Dezember – Budapest (Freunde besuchen) -> Zürich -> Leipzig (34C3) -> Zürich (31.12.2017)
Den Vorwurf viel unterwegs zu sein kann ich als FalschNeuheit abtun, ich war im 2017 nämlich 83% des Jahres in der Schweiz (Das entspricht einer Gesamtheit von 304 Tagen)! Sascha meinte kürzlich, dass der Fakt das ich Daten über meine Anwesenheitszeit in der Schweiz hätte schon Grund genug sei mich damit aufzuziehen. Naja unrecht hat er nicht.
TL;DR: you can hijack certain Lisk accounts and steal all their balance after only 264 evaluations of the address generation function (a combination of SHA-256, SHA-512, and a scalar multiplication over Ed25519’s curve).
Interesting Data on the rise and fall of JS Frameworks
[…] and I joked at the end that one could use this for file storage.
Well, I could not stop thinking about doing this. There are surely a lot of open DNS resolvers out on the internet, that are just asking to be used for storing random things in them. Think of it. Possibly tens of gigabytes of cache space that could be used!
We… we had ad-free social networking in 2004. It was called “one of your friends got a Dreamhost and put some forum software on it and everyone hung out there.” If the website got really big and popular, maybe the owner would ask for donations from the users, and usually folks would give enough to keep the place afloat, because everyone wanted to keep hanging out there.
It’s 2018 and I still read blogs (yes via RSS) and listen to podcasts (also in high speed mode sometimes).
As I’m pretty picky when it comes to podcasts, I decided to sum up a short list of what I regularly listen to. First, the content should be interesting and I like good audio quality. I can not for the love of my life listen to stuff that sounds like it was recorded over a landline. Last but not least I don’t like ads 😉
Bonus points for show notes and Topicmarks which are incredibly helpful when listening to 4 hour podcasts.
The co-hosts around Tim discuss all new and fancy topics out of the tech scene. They run a show every other week and land usually on the 4 hour mark 🙂 If that’s too much for you this podcast has fantastic show notes and great chapter marks so if you just want to listen in to a few parts it makes it very very easy.
Wow auf das war ich nun wirklich nicht vorbereitet. Und ja, das ist ein “ZOMG!IchBinZumErstenMalAmCongress”-Beitrag. Dei 4 (also eigentlich 5) Tage im CCC-Universum vergingen wie im Fluge, und wie Steini in Relativitätstheorie für blutige Anfänger sagte: “Zeit ist relativ”. Nebst den Talks gab es viel zu sehen, entdecken und diskutieren. Es war toll mal die Leute hinter den Projekten wie Tor und OONI direkt zu treffen und mit ihnen zu plaudern.
Die 6-2-1 Regel wurde Plusminus eingehalten – 6 Stunden schlaf, 2 Mahlzeiten und einmal Duschen pro 24 Stunden. Mate und Kaffee werden aus Gründen nicht quantifiziert.
Die Talks! – Hier mal ein paar der Talks, die ich sehr gut gefunden habe:
Cabin is an interesting experiment; an attempt to compete with airlines by promising a better night’s sleep. Flying between the two cities may take less than an hour and a half. But getting to the airport, shuffling through the security queue, waiting at the gate, picking up your bag upon arrival, and getting from the airport to your actual destination can nearly quadruple the total travel time. That means a trip can eat up most of the day. Or if you want to travel at night, you have about an hour to sleep, between several hours of hassle and tedium.
That’s among the reasons, why I prefer the night train to wherever place possible in europe 🙂
Here’s how Haven might work: You lock your laptop in a hotel safe — not a secure move on its own — and place your Haven phone on top of it. If someone opens the safe while you’re away, the phone’s light meter might detect a change in lighting, its microphone might hear the safe open (and even the attacker speak), its accelerometer might detect motion if the attacker moves the laptop, and its camera might even capture a snapshot of the attacker’s face. The Haven app will log all of this evidence locally on the Android device.
It’s still in early beta state but I like what it does so far.
We recently built a distributed cron job scheduling system on top of Kubernetes, an exciting new platform for container orchestration. Kubernetes is very popular right now and makes a lot of exciting promises: one of the most exciting is that engineers don’t need to know or care what machines their applications run on.
Distributed systems are really hard, and managing services on distributed systems is one of the hardest problems operations teams face. Breaking in new software in production and learning how to operate it reliably is something we take very seriously. As an example of why learning to operate Kubernetes is important (and why it’s hard!), here’s a fantastic postmortem of a one-hour outage caused by a bug in Kubernetes.
Es dauert noch geschlagene drei Monate, bis das Stimmvolk die No-Billag-Initiative endlich versenken darf. Es drohen drei lange Monate zu werden. Drei Monate, während denen der SRG die Tweets nur so um die Ohren fliegen. Jede missliebige Sendung, jede holprige Äusserung eines Moderators, jedes schlechte Ergebnis eines Schweizer Skistars wird als schlagender Beweis angeführt, weshalb diese elendlichen Zwangsgebühren abgeschafft gehören.
There will also be those who will criticize me and say that I’ve acted irresponsibly, but that’s completely missing the point. The real point is that if somebody like me with no previous hacking background was able to do what I did, then somebody better than me could’ve done far worse things to the Internet in 2017. I’m not the problem and I’m not here to play by anyone’s contrived rules. I’m only the messenger. The sooner you realize this the better.
A good read from an individual that singlehandedly made the internet a bit better.
“Damn. If only there was some system which allowed you to follow updates to blogs and websites you care about in a manner that ensured you never missed an update, could find new updates at a glance, and didn’t have to wade through masses of noise to do so. …Hey, this would be a great idea for a startup!”
“I think you’ll find it’s already been done.”
“Really? Who by? Why didn’t you mention this earlier?”
“We got the airplane on Sept. 19, 2016. Two days later, I was successful in accomplishing a remote, non-cooperative, penetration,” Hickey said in an article in Avionics Today. “[That] means I didn’t have anybody touching the airplane; I didn’t have an insider threat. I stood off using typical stuff that could get through security, and we were able to establish a presence on the systems of the aircraft.”