~=8 Character Passwords Are Dead=~

New benchmark from the Hashcat Team shows a 2080Ti GPU passing 100 Billion password guesses per second (NTLM hash).

This means that the entire keyspace, or every possible combination of:
- Upper
- Lower
- Number
- Symbol

...of an 8 character password can be guessed in:

~2.5 hours

(8x 2080Ti GPUs against NTLM Windows hash)

#Hacking #Infosec

Nobody told me that The Obsessed re-recorded Sodden Jackal, it sounds incredibly menacing. Also Wino doesn't sound drunk while singing which is probably for the best...

Oh boy. That feeling of listening to your favourite music after being unable to for a month.

I lived for a while with an American medical student in Hungary, one day we talked about Rage Against the Machine and he explained how he didn't like it because the politics were "juvenile".

Just thinking back on this now, I suspect if I'd asked him why, he wouldn't have been able to answer.

What are the correct words for describing when an idea is dismissed because it's inconvenient for society?

"Alright well what if I told you that Tubthumping, this song that everyone remembers as a what, silly, feel-good pop song, was actually the work of an anarchist slash socialistic collective, and it was part of their deliberate 30-year strategy to empower the working class and to overthrow the status quo of England."

This podcast was the first time I heard that there was more to Chumbawamba than I'd ever suspected was possible.

Here's the not quite specced right low pass filter that I made from my blown computer PSU.

As part of figuring this out I had to find the specifications for my drivers, which was quite hard since they have been out of production for more than a decade.

Eventually I found a copy of part of the Jaycar catalog that covers audio and video products, it lists a bunch of their older speakers including all of mine.

I uploaded it to the Internet Archive:

Sadly there are quite a few great drivers from 2000-2005 that this doesn't cover.

The tool I've used to figure this out is available here:

Well worth a play if you need to figure out how to tune your sub, or want to design something from scratch.

That's besides the point however, since I've only got one cabinet and that cabinet happens to be 70 litres.

To make the most of this small space it makes sense to use an isobaric configuration as it drastically increases efficiency, meaning it works in much smaller enclosures.

I've configured my box with a 27Hz port that's 10cm by 38cm long (it sticks out the top because the box itself is too small).

This results in a +3db bump at 30Hz and a steep roll off below. Perfect for music.

This design has some serious advantages when it comes to achieving good bass response.

Using a single driver the size of the enclosure grows exponentially dependant on how low (and the driver parameters, Fs, Vas, Qts) of a frequency you want to target.

If I was to use just one of my drivers to achieve the flattest and lowest frequency response the cabinet would need to be over 250 litres, which means if it was a cube it'd be about 70cm3.

Bloody huge.

Well, the answer was obvious actually, install both drivers into the same cabinet!

This is called an isobaric subwoofer, the two drivers are coupled together so that they assist each other.

The drivers must be wired out of phase for this configuration to work.

I want good sound from my computer. To this end I have a pair of Creative E-MU XM7 desktop speakers on my desk. They sound great but lack much extended bass below about 50Hz.

I however have a lot of speakers from when I was about 16. Amongst them are these 15" subwoofers.

However, I only have one 15" cabinet, what to do?..

I have a new PSU for my computer, for the first time in more than a month I can access my music. 😂

For Whom The Bella Tolls - Metallica's For Whom The Bell Tolls only it's about my cat and being overly fussy about food.

I've been looking for something like this for a little while now. A Short Glossary of Anarchist Terms.

@colomar this might interest you too.

I think this is one of the not so good fosdem talks.

It's a good illustration of how entangled open source became with some of the more regressive elements of capitalism. There's no thought or care for what Google or Amazon might be doing or where they might be taking the web. You just need to make sure you're on the right career path and and focus on community without considering the context in which the software exists.

It may be true that open source won, but the other question is what did it win, and for whom? With free software it's not so clear that there was any big victory and basic stuff like being able to use a phone without proprietary software is still hard.

Twitter shows ads to ~100mm users a day. They put up with the ads because there's 100mm people for them to talk to. Every time somebody jumps the fence, Mastodon gets just a little more compelling.

That 100mm is made up of many smaller communities. Moving any one of them over to Mastodon could probably be done by enticing a few dozen people. Mastodon can only win by subcultures. Broad invitations just cause people to show up and not be able to find people to talk to.

Y'know, I can't help but think something's socially different between the time of "I have no users, so I'll do what I like" and "I have thousands of users, and need to make a change."

When it's a one-person project with no users, you can Move Fast and Break Things. But when you get users, that dynamic changes. Suddenly, it's not just about you, the developer. Now you have to put some thought into breaking changes. If you're lucky, you were smart and established that pre-1.0 is unstable, and your users will probably work with you and be more understanding of breakage until 1.0 comes out. That gives you and your users time to experiment and expand (or refine) the software. By 1.0, they're going to expect you to not treat them like an asshole, and they want some sort of warning before APIs become deprecated, so they have time to migrate their tools. They expect a project that is run well and actively communicates with users, addressing their concerns and (optionally) recommending other projects if the dev's project isn't cut out for the problem.

If you have a bunch of users and still act like there's just this one guy, there's a problem. Your users will eventually get sick of that toxic attitude, or feed into it and magnify its intensity. Either way, you're squandering your userbase and your software will suffer.

If you want case studies, take one look at Arch Linux or suckless. Both have some great resources on their side, but their community management is pathetic and dismissive. Neither of those communities see that as a problem since both of them revel in making their work harder to use, but other projects may see that as a severe blow to their potential.

Project management is just as much social as it is technical. Failing in either will limit a project.

Right. It's 7:40am and I've been up all night, again. Time to get some sleep.

