frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

New York Times and Other Publishers Ask Court to Penalize OpenAI

https://www.nytimes.com/2026/07/09/technology/new-york-times-openai.html
1•1vuio0pswjnm7•3m ago•0 comments

Let's build a simple interpreter for APL – part 1

https://mathspp.com/blog/lsbasi-apl-part1
1•mpweiher•4m ago•0 comments

USAA closed 51% of home insurance claims without making a payment in 2025

https://www.expressnews.com/business/article/san-antonio-usaa-insurance-claims-rejected-22293061.php
2•gscott•4m ago•0 comments

Good Questions

https://www.economist.com/business/2026/07/09/the-secret-to-good-questions
1•andsoitis•4m ago•0 comments

40 Years of AVM/Fritz: From BTX Hobby Project to Router Icon

https://www.heise.de/en/news/40-Years-of-AVM-Fritz-From-BTX-Hobby-Project-to-Router-Icon-11357116...
1•sebastian_z•5m ago•0 comments

Dora Compliance for Email: Mapping Sender Authentication to Article 9-10-11

https://dmarcguard.io/blog/dora-email-authentication/
1•meysamazad•5m ago•0 comments

How the Rule-Breaking Octopus Is Rewriting the Evolution of Intelligence

https://nautil.us/how-the-rule-breaking-octopus-is-rewriting-the-evolution-of-intelligence-1282633
1•Brajeshwar•6m ago•0 comments

I was wrong about game development

https://mijndertstuij.nl/posts/i-was-wrong-about-game-development/
1•meysamazad•7m ago•0 comments

What I Expect from an Editor as a Programmer

https://plaindrops.de/blog/2026/programming/
1•meysamazad•7m ago•0 comments

How Does AI Work? [video]

https://www.youtube.com/watch?v=YmLp8qe87A0
1•luispa•9m ago•0 comments

Ask HN: My father died and I need to find my path

1•c4kar•9m ago•1 comments

Thomas Midgley Jr

https://en.wikipedia.org/wiki/Thomas_Midgley_Jr.
1•chistev•13m ago•0 comments

DoS Attack on Crates.io

https://status.crates.io/incidents/h2fxgl2jtc5q
1•garo-pro•15m ago•1 comments

PR Reminder Bot – Node.js tool that Slack-nags you about stale PRs

https://github.com/Enox77/pr-reminder-bot
1•Enox77•16m ago•0 comments

The world bank has ditched its climate targets

https://www.economist.com/finance-and-economics/2026/07/06/the-world-bank-has-ditched-its-climate...
1•andsoitis•16m ago•0 comments

Show HN: Agent OS – a local-first harness for reliable software agents

https://github.com/earthwalker17/agent-os
1•MonoEarthwalker•18m ago•0 comments

The largest available Minecraft world, totalling 15 TB

https://2b2t.place/1million
1•_____k•18m ago•0 comments

Litert.js, Google's High Performance Web AI Inference

https://developers.googleblog.com/litertjs-googles-high-performance-web-ai-inference/
1•simonpure•18m ago•0 comments

Can Nix Be a Better Arch Linux AUR?

https://grigio.org/can-nix-be-a-better-arch-linux-aur/
1•grigio•19m ago•0 comments

GitHub – PolymathicAI/The_well: A 15TB Collection of Physics Simulation Datasets

https://github.com/PolymathicAI/the_well/
1•bilsbie•22m ago•0 comments

Seaboard maker Roli fights to avoid second collapse

https://www.thetimes.com/business/companies-markets/article/seaboard-maker-roli-fights-to-avoid-s...
1•startupfreak•24m ago•0 comments

You Might Be a Late Bloomer

https://www.theatlantic.com/ideas/archive/2024/06/successs-late-bloomers-motivation/678798/
1•jaynate•26m ago•0 comments

Oodle Keeps Observability Fast at Scale

https://blog.oodle.ai/how-oodle-keeps-observability-fast-at-scale/
1•ankitg12•26m ago•0 comments

CNN investigates Iran rebuilding nuclear facilities

https://www.cnn.com/2026/07/10/world/video/investigates-polglase-iran-nuclear-sat-imagery
1•spwa4•27m ago•0 comments

Show HN: I used Claude to make some free fun pet-themed browser arcade games

https://whatpetshouldiget.com/play.html
2•scamdrill•32m ago•0 comments

Evaluating the impact of two decades of USAID intervention

https://www.thelancet.com/action/showPdf?pii=S0140-6736%2825%2901186-9
2•Topfi•33m ago•0 comments

How the Bayeux Tapestry broke the internet

https://spectator.com/article/how-the-bayeux-tapestry-broke-the-internet/
1•thinkingemote•33m ago•0 comments

Laguna XS 2.1 33B on a RTX 3090: 296 tok/s peak, 152 tok/s at 256K context

https://www.lucebox.com/blog/laguna-xs21
1•GreenGames•33m ago•0 comments

Show HN: verbatimeter - check how grounded your LLM / RAG agent is in real-time

https://pypi.org/project/verbatimeter/
1•pobonin•37m ago•0 comments

List of OpenAI Whisper Checkpoints Variants

https://blog.sparsh.dev/list-openai-whisper-checkpoints-variants/
1•sparshrestha•41m ago•1 comments
Open in hackernews

Are Your Passwords in the Green? (2025)

https://www.hivesystems.com/blog/are-your-passwords-in-the-green
1•kemotep•1y ago

Comments

kemotep•1y ago
With NIST finally updating their standards to recommend 15 character password minimums last, I like to use their recommendations and compare them to these charts show how effective such a password would be.

Using E = L x log2(R), where E is entropy, L is number of characters in the password (15), and R is the total number of possible characters used (26 for all lowercase letters), you can get ~70 bits of entropy. Using a password manager like Bitwarden for a 15 character password using the full character set minus the ambiguous characters (65 characters total) leads to ~90 bits of entropy.

Using these charts and figures from the article, a well configured bcrypt setup means even the fastest computer systems still in 2025 cap out at 1 billion hashes per second for offline cracking (without getting into Nation States spending billions on just cracking your passwords, or dedicating all the world’s supercomputers or some other speculations). So to calculate how long it would take with a “realistic” password cracker in 2025, would use this formula:

((((((2^(70-1))/ 1 billion hashes per second)/ 60 seconds)/ 60 minutes)/ 24 hours)/ 365 days) to get ~18,700 years. (Nearly 20 billion years for the Bitwarden generated one)

But without a password filter checking for known bad passwords somewhere like Have I Been Pwned, even a 30 character password that has been leaked is useless. Would be instantly “cracked”. So I personally would have the password policy be:

1. 15 character minimum, no composition rules.

2. All passwords filtered for known bad passwords against HIBP.

3. Accounts protected by MFA.

4. Combination of network controls, best practices security configurations, and alerts and monitoring to help detect and limit/eliminate password guessing attacks, password database dumps.