Yulqen

Quicknote capture 9 May 23

• CompVis/stable-diffusion-v1-4 · Hugging Face
• Watch “Exploring an AI’s Imagination (Stable Diffusion and MidJourney)” on YouTube
• Faircode model
• Watch “Go is great for command-line tools” on YouTube
• Why Perl?
• My favorite C compiler flags during development
• The Pomodoro Technique — Why It Works & How To Do It
• OKRs: A Guide to Data-Driven Goal Setting for Individuals and Teams
• [Quiz] Which productivity method is right for you? Get a personalized recommendation
• The Complete Guide to Time Blocking
• This is really good on planning: beyond_good_intentions_-_prompting_people.pdf
• How I Finally Made Sense of Todoist’s Priority Levels
• Watch “Modal forms with Django+HTMX” on YouTube
• Low Byte Productions
• Cuttings / Moving Away from Todoist - to Taskwarrior, SSH & Dropbox - Part 2
• What Matters: OKR Examples: How to Write Objectives & Key Results
• What Matters: Why use OKRs? The 3 top reasons
• What Matters: 4 Mistakes to Avoid When Starting a Business
• What Matters: How to find the ‘why’ of your company From https://www.whatmatters.com/faqs/4-mistakes-to-avoid-when-starting-a-business:

If there are too many unknowns to set a committed or aspirational OKR, consider using a learning OKR instead. Rather than setting a goal around what you are striving to accomplish, a learning OKR frames it around what you are trying to learn. Create and implement a mix of these as you chart your business course.

• beyond_good_intentions_-_prompting_people.pdf
• n8n - an alternative to Zapier
• Debian Mailing Lists
• Linux kernel programming guide - this is good.
• Bits from Debian - Blog from the Debian Project
• List of Internet Relay Chat commands - Wikipedia
• quicknote
• REST API Reference | Todoist Developer
• x11 - Larger "xterm" fonts on HIDPI displays - Unix & Linux Stack Exchange
• Brutalist Web Design
• Google Sign-In issues (fix and workaround available!) · Issue #5182 · qutebrowser/qutebrowser · GitHub - this is what I needed to do to get qutebrowser logged into Google.
• Hacking with Andrew and Brad: tip.golang.org - YouTube
• GitHub - fatih/vim-go: Go development plugin for Vim
• Mobile App Monetisation - Covert trackers in your pocket / Privacy International

article about passwords

from: https://infosec.exchange/@epixoip/110309336934641249 epixoip@infosec.exchange - Happy #WorldPasswordDay!

I’ve cracked billions of #passwords from tens of thousands of #data #breaches in the past 12+ years, and because of this, I likely know at least one #password for 90% of people on the Internet. And I’m not alone! While I primarily crack breached passwords for research purposes and the thrill of the sport, others are selling your breached passwords to criminals who leverage them in #AccountTakeover and #CredentialStuffing attacks.

How can you keep your accounts safe?

• Use a #PasswordManager! I recommend @bitwarden and @1password

• Use a #Diceware style #passphrase  - four or more words selected at random - for passwords you have to commit to memory, like your master password!

• Enable MFA for important online accounts, including cloud-based password managers!

• Harden your master password by tweaking your password manager’s KDF settings! For #Bitwarden, use Argon2id with 64MB memory, 3 iterations, 4 parallelism. For #1Password and other PBKDF2 based password managers, set the iteration count to at least 600,000.

• Use unique, randomly generated passwords for all your accounts! Use your password manager to generate random 14-16 character passwords for everything. Modern password cracking is heavily optimized for human-generated passwords, because humans are highly predictable. Randomness defeats this and forces attackers to resort to incremental brute force! There’s no trick you can do to make a secure, uncrackable password on your own - your meat glob will only betray you.

• Use an ad blocker like #uBlock Origin to keep you safe from password-stealing #malware and other browser based threats!

• Don’t fall for #phishing attacks and other social engineering attacks! Browser-based password managers help defend against phishing attacks because they’ll never autofill your passwords on fake login pages. Think before you click, and never give your passwords to anyone, not even if they offer you chocolate or weed.

• Enterprises: require ad blockers, invest in an enterprise password management solution, audit password manager logs to ensure employes aren’t sharing passwords outside the org, implement a Fine Grained Password Policy that requires a minimum of 20 characters to encourage the use of long passphrases, implement a password filter to block commonly used password patterns and compromised passwords, disable #NTLM authentication and disable RC4 for #Kerberos, disable legacy broadcast protocols like LLMNR and NBT-NS, require mandatory #SMB signing, use Group Managed Service Accounts instead of shared passwords, monitor public data breaches for employee credentials, and crack your own passwords to audit the effectiveness of your password policy and user training!

• github - vim everywhere

• Build your own private WireGuard VPN with PiVPN / Jeff Geerling

• Frictionless developer environments: Simplify and add lightness

• Joanna web site

• you-tldr

• The UNIX Koans

• Frictionless developer environments: Simplify and add lightness

• rqlite

• Re: [Toolserver-l] The Norwegian toolserver - Toolserver-l - lists.wikimedia.org

• Mailing list etiquette - MediaWiki

• What’s up in the Python community?

• Nyxt browser: why-lisp.org

• HP® Workstations / HP® Small Business Store

• Learn Go with Tests - Learn Go with tests

• Watch “4 Super Insane Magic Tricks You Can Do #voila #voilamagic” on YouTube

• Watch “I built my own AutoGPT that makes videos” on YouTube

• https://chaos.social/@daniel_bohrer/110333976882050589 daniel_bohrer@chaos.social - TIL: yt-dlp can just read the Firefox (and other browser’s) cookie database, and login to many websites before extracting the video URLs 🤯

In my case: adding the parameter –cookies-from-browser firefox:~/.mozilla/firefox/ to the command line-

• Build your own ADS-B receiver - Pi24 client for flight tracking | Flightradar24
• Reality 2.0 Episode 145: Authenticating Content With Cryptography
• Personalized workout program - MadMuscles