Letters

Is It True What They Say about Passwords?

The article “Two-Factor Authentication” by Corey Steele [LJ, November 2005] raised a few questions in my mind about using passwords alone.

Without using two-factor authentication, and with the better and quicker password-breaking tools, how long does it take to break a password?

And, how much more time does it take for every character added to a password?

Is my 15-character password much stronger than an 8-character password (assuming they both have been chosen with the same level of inherent “strength”)?

How long of a password is needed to make the new better and quicker breaking tools impractical?

Please run some tests. I want to know.

PS: Is it really true that 90% of the passwords in use are on a short list of 100 passwords? I can't believe it.

—
Conrad Schuler

Ah, Memories

I found the article “Radio's Next Generation: Radii” by Dan Rasmussen, Paul Norton and Jon Morgan, about the Internet Radio [LJ, November 2005] quite interesting.

It reminds me of a time quite a few years ago when I interfaced a Commodore VIC-20 with a set of Moog Taurus II pedals and turned it into a MIDI controller. We actually used it to perform live at the Festival of Arts in Grand Rapids, Michigan. That was back in the 1980s! My brother played guitar and used the pedals for playing whatever (bass, strings and so on) on his Roland D10. I play drums. Boy, those were the days! I programmed the whole thing in 6502 assembly.

I would like to suggest, if you hadn't thought of it already, that you could get one of those Linux-based SBCs, similar to those advertised in Linux Journal, which cost not much more than an old laptop, and interface it with an old SoundBlaster 16 board and make the whole thing self-contained. Then you wouldn't have to play “Hide the Laptop” and you wouldn't have to wait for it to boot before listening to your favorite tunes.

Love that Linux Journal magazine. It's not all corporate fluff, but plenty of hacking and even some electronics now and then! I'm so glad someone still publishes this stuff!

—
Ken Peterson

Astronomy Heaven

As a new amateur astronomer and an avid Linux user, I was eager to somehow use both hobbies together. I had recently bought a rather nice Discovery 15-inch Dobsonian telescope. I also bought an Argo Navis Digital Telescope computer (DTC) to guide me to all the cool astronomical objects in the night sky, from Wildcard Innovations, and was anxious to use KStars, a KDE project, on my Linux laptop. To my dismay, the DTC wasn't compatible with KStars. The two systems would not allow me to see what my telescope was pointing at in the night sky. I had put both the DTC and KStars in the “Meade” emulation mode, but still no joy.

Linux, OSS and the GPL to the rescue! I had never gotten involved in an open-source project before but did have many great support experiences via OSS project listservers. So I thought I would give a shot to soliciting a modification to KStars. The KStars developers were fantastic, as I hear most OSS project maintainers are. I contacted the driver maintainer for KStars, Jasem Mutlaq, and he was very friendly and helpful. First I described my situation, and he gave me several ideas to try. They failed, so Jasem got the technical specs for the Argo Navis DTC from their Web site and almost immediately set about modifying an existing driver, the driver for Meade telescope. In a couple of days Jasem had something for me to try. I had never used Subversion before, so Jasem patiently talked me through using it to download and compile the latest KStars source code. We got close on the first try, me doing the testing and Jasem making source mods. The second try was much more successful—the pointer on KStars was moving as I moved the telescope, but when it went off the screen, KStars didn't update the skymap properly. So after one more modification, Jasem had done it. I was in Linux, KStars and Astronomy heaven. I could move the telescope, and KStars, through coordinates passed to it via the DTC, was updating the skymap and very accurately showing me exactly what my telescope was pointing at in the night sky! I could actually look at the KStars screen to find objects to view. Jasem also informed me that the next release of KStars would include the modified Meade telescope driver renamed as “Argo Navis” for all to use and enjoy. Wow that was cool!

After everything was working, Jasem asked me for a little favor. He needed to debug his Sky Commander driver so I put my Argo Navis DTC in the Skycomm mode and operated it with KStars to help him with debugging the Sky Commander Digital Setting Circle unit. He didn't have one, and since my Argo Navis had a mode for it, I was more than happy to help. I gave him the requested debugging output from KStars and he was able to fix his driver.

This development experience was fun, pleasant, fast and most of all free. I learned a lot too. Try doing that with a proprietary software package!

By the way, Jasem lives in Kuwait. Talk about a distributed development environment! But the whole process worked very well.

—
Doug Phillipson

JBuilder vs. Netbeans

Greetings. I'm a new subscriber to your fine magazine, with my first issue being your November 2005 issue. I see that in that issue you have a letter from a reader promoting JBuilder. I have used JBuilder before, and I can agree that it's a fine IDE, but I wanted to point out that Netbeans is also free and just as good, if not better. Personally, having used both, I prefer Netbeans.

—
Shawn