Just posted “Automattic & Tumblr” - commenting on The Verge’s interview with Matt https://www.timo-zimmermann.de/2019/08/automattic-tumblr/
Compromised rubygems account results in rest-client code injection.
#Python programming Humble Bumble time!
Just published „Thoughts on video on demand, Netflix and the revival of piracy“
Ranting a little bit about the change in vod landscape, the content industry messing up and YouTube Premium being worth the money https://www.timo-zimmermann.de/2019/08/thoughts-on-video-on-demand-netflix-and-the-revival-of-piracy/
Published „Zoom, web servers and silent updates“ - I still believe silent updates are the right solution for some problems, expect that to change and don’t like Zoom.
I'm quite relieved that this doesn't apply to me. Even back when my social skills were far worse than they are now - my desktop background was never black. And I make pauses while typing. So I'm not *that* type of engineer. #10xEngineer
One day I will give a talk titled „you do not want to appear on TechCrunch“. Without irony and not specific to security incidents.
I remember them reporting about a feature I worked on for a quarter basically getting everything wrong telling our customers we would now have a certain feature we didn’t even plan to build because it made no sense at the time,...
The solution? Make all of your passwords sound like innocuous messages you'd send to slack anyway.
Email password: Hey, who's going to be in on Monday?
Laptop password: Does anyone have that pricing sheet?
New blog post: One week with iPadOS - used it as my daily driver for a whole week and I have to admit I am very satisfied. If Apple continues putting work into it I can see it as an alternative to Chromebooks and a viable option for non-engineering departments.
Just posted „security 101 - know your threats“ - things a startup should be worried about and what to consider in a threat model
It’s so stupidly hard to find a good computer case for a gaming machine. Proper cooling and enough space is key.
It feels like a market where you can enter with a block of aluminium and a CNC machine mixed with some common sense.
Even cases explicitly built for air cooling don’t fit a be quiet! or Noctua CPU cooler properly.
Just posted “Startup Security 101 - Introduction” - my attempt to collect a series of articles explaining easy wins for startups which are time, money and engineering constrained (so,… all of them) https://www.timo-zimmermann.de/2019/06/startup-security-101-introduction/
I build backends, apps and sometimes break them, practice martial arts and enjoy video games.
Currently working as head of security.
A Mastodon instance for info/cyber security-minded people.