I am regularly surprised how many organizations fail with one of the most basic things they can do about IT security: HAVE A SECURITY CONTACT. If someone externally wants to tell you about a security issue, make it easy for them. There's a standard for it (security.txt), but even having any place on your webpage saying e.g. "if you found a security issue, please contact XYZ" is good enough.
Es sagt ja so viel über den kaputten Stand unserer gesellschaftlichen Diskurse, dass wir gerade eine Diskussion über den Krankenstand haben, aber kein einziger Vorschlag dazu zielt darauf ab, dass Leute weniger krank werden. Ich mein, ist ja nicht so dass man da nix tun könnte. (Luftfilter, Masken, Homeoffice, leichterer Zugang zu Impfungen, ...)
Ach echt, es war gar keine tolle Idee, die Heidekrautbahn mit Wasserstoff (wohlgemerkt aus Erdgas) fahren zu lassen? Hätte uns nur jemand gewarnt!
Wasserstoff-Engpass führt zu Einschränkungen bei Regionalbahn
Auf der Strecke der Heidekrautbahn zwischen Berlin und Groß Schönebeck fahren seit Mitte Dezember Züge mit Wasserstoffantrieb. Damit ist nun vor...
Anyone has an explanation how that happened? I got an error about a double free in an ssh shell with an immediate disconnect afterwards. Likely a memory corruption happening in bash. Possibly also in ssh itself... image
This is quite something: The BBC reports about health misinformation. One example is... a show on BBC! I mean, I guess it's good that they critically evaluate their own reporting. But it gets better: "A spokesperson for the BBC declined to comment." That's quite arrogant of the BBC to decline to comment when a journalist working for the BBC asks you for a comment
Steven Bartlett sharing harmful health misinformation on Diary of CEO podcast
Disproven health claims are accepted with little challenge by host on number one podcast, BBC investigation finds.
Dear everyone who owns domains that are *not used for e-mail*, particularly ones that are potential targets for phishing (banks, high-profile names): Could you please configure SPF+DMARC, ideally with p=reject? You may wonder: Why should I configure anything email for a host that isn't used for email? Well... it helps others to identify spam sent with your domain as the sender.
Google payed me a bugbounty for a bug I reported 8 years ago...
Is there anything like a reasonably working local antispam solution for web contact forms? It appears the popular one is akismet, but that essentially means "sent the whole message to someone else", and that feels really inacceptable privacy wise.
Certainly the thought crosses my mind whether anyone will want to read my likely-30k-characters thoughts on green methanol that I'm currently writing down, with obscure, nerdy side quests towards formaldehyde, dimethyl ether, and gasification technology. But then, I know at least a couple of people that will almost certainly read it, so I guess it's okay.