Back in March, I went skiing/snowboarding in Livigno for the first time. I had heard good things about it in the past, but there are just so many other ski-resorts closer to where I live. I wasn’t disappointed. They have two small ski areas that are not linked together. But there is a lot of …
Category Archives: Technology
How I love Apps! [en]
I’m a little techno-skeptical at times. And the concept of (mobile/native) apps has bothered me ever since the first true smart-phones popped up 20 years ago. The word “app” is annoying in itself: we’ve had software “applications” for decades. And we’ve had software package managers, too. Then someone comes along, hijacks the term “app”, puts …
Shoot yourself in the foot: WordPress UAM vs. HTTP Cache Headers [en]
Ever since I reactivated this blog a couple of years ago, I noticed that something was wrong with its content caching. On each page reload, the browser would download all images from scratch. Even though it should have been easy to cache these images. There are various standards that govern how web browsers should cache …
Shoot yourself in the foot: Docker, Nextcloud & git [en]
I did something stupid again. I noticed it when I received notifications from my Prometheus monitoring. The probe that sends HTTP requests to my Nextcloud server was failing. Strangely, no other probes were failing. No high load, no memory exhaustion, no filesystem running full. Manual testing confirmed that all my other web-apps worked as expected, …
Kodi on Raspberry Pi: First Impressions [en]
Background: I’ve been living without a proper TV for the past 20 years. Nevertheless, I’m consuming a shitload of video content. Mostly streaming services; the usual suspects. But also select contents from Germany’s public TV stations. So far, I’ve been watching such videos on my laptop computer – I get a lot of screen-time there, …
Free at Last — XSS Edition [en]
Yesterday my employment contract ended, after more than ten years at a big software company. I feel free now. Weirdly. Cause it’s not like I wasn’t free in my work there. I had a lot of freedom in what I was working on and how I organized my work. And, I was working alongside some …
New OpenPGP Key [en]
I’ve been using OpenPGP for email signing (and very rarely for email encryption) for ages. In fact, the key that I’ve been using so far is from 2001: This key (actually two sub-keys, one for signing, one for encryption) has a fairly low size by today’s standards. I’ve been aware of this for ages, but …
Shoot yourself in the foot: crypttab edition [en]
I’m running Ubuntu on my laptop, using the standard disk-encryption that the Ubuntu installer provides. (Well, the one it provided a couple of years back, when I last installed from scratch.) This setup uses cryptsetup with LUKS on the main partition. This in turn contains an LVM physical volume, which contains a volume group with …
The Gotchas of Railroad-Safety [en]
They say trains are one of the safest modes of transportation. And while I can think of several horrific train crashes in the past, I generally believe it’s true. But now I’m wondering about all the small things that could go wrong? How common are they? On my last surf-trip, I witnessed this small incident …
Notes on exiftool Usage [en]
Most of the image manipulation and media organization applications that I’m using do not have great support for meta data. Sure, they can display and edit relevant meta data. But they’re not great at filtering, bulk-editing, etc. So I’m using the exiftool CLI to get some of the basic image meta-data straight, before uploading images …
The 80s called and want their communication tech back [en]
Well, they might as well. Because I just got my first fax machine today. No fax hardware though, just a virtual one. My e-mail provider is offering that as a service. Even got my own number (which I had to verify via snail mail) and I can send and receive faxes. It’s 2022 now, and …
Small Money in Tanzania [en]
One thing that stands out here in Tanzania (yupp, I’m still here, greetings from Zanzibar!) is the huge wealth gap. Tourists can easily pay European prices at restaurants and hotels. Wealthy locals drive big SUVs and own generous houses (and other real estate). But many Tanzanians live in tremendously poor conditions, especially in rural areas. …
XSS Demo [en]
Finally some good use for my new infrastructure. I’ve had this small Angular app lying around, which I wrote for a presentation/demo on XSS a couple of years ago. So far, I’ve run it locally to demonstrate XSS vulnerabilities and how to exploit them. Now I have a place to put it and share it …
The B in BYOK stands for Bullshit [en]
I’ve recently encountered someone who insisted on a Bring-Your-Own-Key (BYOK) setup for compliance reasons. I’ve always been skeptical about that and I didn’t have to search long for confirmation. This is what the Wikipedia article on BYOK has to say: […] a cloud computing security marketing model […] […] gives the enterprise the perceived control …
Let’s Revoke! [en]
Getting TLS certificates from Let’s Encrypt is easy, but that’s just part of the story. It may sound paranoid, but being able to revoke certs is almost equally important. The premise is that there’s always a chance that your private keys will leak. Maybe it will never happen to me, but it will eventually happen …
Let’s Encrypt! [en]
… is where I’m getting the TLS certificates for this blog nowadays (after moving away from CAcert). I’ve been using Let’s Encrypt at work now and then. Many colleagues in my department are heavy users and my employer is a sponsor. So I knew what to expect and how to get started. Nevertheless, here’s a …
Goodbye CAcert [en]
When I started this blog back in 2010, I wanted HTTPS, but I didn’t want to pay extra for it. Back then that wasn’t as easy as it is today. So I compromised and got my TLS certificates from CAcert. Problem was that almost no OS or browser vendor trusted their certs. Debian and Ubuntu …
OK, Boomer [en]
Looking for a web security challenge? I recommend this XSS Game. Frankly, I’ve even struggled with some of the “easy” warmups. Let alone the challenges. Luckily, they’ve published solutions, too. Kudos to Pwn()!
Biting my style [en]
So I’m working at a huge software company and in my department we have this nice tradition of lunch-talks. The company buys pizza and we all eat it, while one hungry person gives ~1h talk. (Well, that was before the pandemic, now everything is remote and we have to fend for ourselves.) Most of the …
It’s been a while [en]
My last post here was over 4 years ago. I’ve really neglected this blog. Let’s see if I can change that… Part of the problem was the rotten technology underneath. Even apart from WordPress. It was running on some weird virtual server at a local hosting provider. Weird, because it was neither full virtualization …