I built something and blogged about it! If you're into Django and security, read here:
Fully prepared to make it to Leipzig tomorrow and giving my „startup security“ talk on Monday.
While preparing the talk I actually started considering a blog series „startup security 101“, really starting with the basics like „why two people approve a merge into master“ and „yes, you have to have a lock screen password“
Google Street View letting you case a joint by going into its parking lot and checking rear doors and loading docks is one thing.
Letting you use 360° Photo to case a lobby (and get an idea of physical security and security guards) is another thing entirely.
This is nice!
Oh, the irony... Malware spread via Best of the Web security seals
Zara Larsson wants your password so she can watch Game of Thrones
Because too many people complained that they had trouble getting their homeserver online, I wrote a tutorial including all setup steps from 0 to running server, incl. reverse proxy, certificates, .... Have fun.
How to Setup your Matrix Synapse Messaging Homeserver (May 2019/English)
Mobile devs discussing an XML API
„JSON is so much easier to use!“
„You will be replaced by a company offering JSON!“
Got bad news for you. XML is not the problem but your inability to integrate an API without libraries that blur the line of HTTP client and object mapping.
I am all for libraries handling things like this, but not being able to use one doesn’t mean the company's API is the problem here.
Published a new article - Buying an Android phone is hard. https://www.timo-zimmermann.de/2019/05/buying-an-android-phone-is-hard/
ranting a bit about the various specs and bloatware you find on most devices.
I was invited to speak to a few startups about security and I am currently not sure how to approach this.
I’d like to keep it high level and reference resources to cover a lot of ground, but being too abstract likely makes the whole talk very unappealing.
So much to cover for infrastructure, web apps and physical security,... „don’t do stupid and pay the maid / janitor well“ feels a bit too simplified.
Apparently if you are logged in to Chrome, it will provide your information to websites like Quora and Pinterest (login with Google), because a few days ago I saw a question on Quora for the first time (I don't have a Quora account) and it suggested that I log in with Google (I didn't), and a few days later (today) I got an email asking if I'm still interested in that question...
I visited Quora once, I didn't log in or give my info, and now I'm tracked.
That's crazy.... It only took 20s on the website.
I build backends, apps and sometimes break them, practice martial arts and enjoy video games.
Currently working as head of security.
A Mastodon instance for info/cyber security-minded people.