Profile cover photo
Profile photo
Philipp Kern
SRE, Coffee addict, Debian developer
SRE, Coffee addict, Debian developer


Post has shared content
Treffer, versenkt.
"Ich freue mich, für die AfD wieder als Spitzenkandidatin in den Wahlkampf zu ziehen." - Frauke Petry (AfD)

Post has shared content
"In seinen FAQ weist Quad9 aber auch explizit darauf hin, dass der Dienst "Telemetriedaten" seiner Nutzer anonymisiert mit den kooperierenden Sicherheitsfirmen teilt. Außerdem speichere der Dienst Geoinformationen der Nutzer, die zur Analyse von "bösartigen Kampagnen" genutzt werden sollen. Ebenso speichere der Dienst die abgefragten DNS-Records mit Zeitstempel der Abfrage sowie einer Geolokation des Ursprungs der Abfragen"

Also Google teilt Benutzerdaten ja nicht mit anderen Unternehmen.

"(5) Bei jeder Anmeldung [auf der Webseite] hat der Karteninhaber das Sicherheitszertifikat zu überprüfen. Bei Auffälligkeiten und Zweifeln an der Echtheit hat der Karteninhaber die DKB AG [...] unverzüglich hierüber zu informieren."

Okay. Und wie prüft man Sicherheitszertifikate?

Post has shared content
Facebook’s Staggeringly Stupid and Dangerous Plan to Fight Revenge Porn

I’m old enough to have seen a lot of seriously stupid ideas involving the Internet. But no matter how incredibly asinine, shortsighted, and nonsensical any given concept may be, there’s always room for somebody to come up with something new that drives the needle even further into the red zone of utterly moronic senselessness. And the happy gang over at Facebook has now pushed that poor needle so hard that it’s bent and quivering in total despair.

Facebook’s new plan to fight the serious scourge of revenge porn is arguably the single most stupid — and dangerous — idea relating to the Internet that has ever spewed forth from a major commercial firm.

It’s so insanely bad that at first I couldn’t believe that it was real — I assumed it was a satire or parody of some sort. Unfortunately, it’s all too real, and the sort of stuff that triggers an urge to bash your head into the wall in utter disbelief.

The major Internet firms typically now have mechanisms in place for individuals to report revenge porn photos for takedown from postings and search results. Google for example has a carefully thought out and completely appropriate procedure that targeted parties can follow in this regard to get such photos removed from search results.

So what’s Facebook’s new plan? They want you to send Facebook your own naked photos even before they’ve been abused by anyone — even though they might never be abused by anyone!

No, I’m not kidding. Facebook’s twisted idea is to collect your personal naked and otherwise compromising sexually-related photos ahead of time, so just in case they’re used for revenge porn later, they can be prevented from showing up on Facebook. Whether or not it’s a great idea to have photos like that around in the first place is a different topic, but note that by definition we’re talking about photos already in your possession, not secret photos surreptitiously shot by your ex — which are much more likely to be the fodder for revenge porn.

Now, you don’t need to be a security or privacy expert, or a computer scientist, to see the gaping flaws in this creepy concept.

No matter what the purported “promises” of privacy and security for the transmission of these photos and how they’d be handled at Facebook, they would create an enormous risk to the persons sending them if anything happened to go wrong. I won’t even list the voluminous possibilities for disaster in Facebook’s approach — most of them should be painfully obvious to pretty much everyone.

Facebook appears to be trying to expand into this realm from a methodology already used against child abuse photos, where such abuse photos already in circulation are “hashed” into digital “signatures” that can be matched if new attempts are made to post them. The major search and social media firms already use this mechanism quite successfully.

But again, that involves child images that are typically already in public circulation and have already done significant damage.

In contrast, Facebook’s new plan involves soliciting nude photos that typically have never been in public circulation at all — well, at least before being sent in to Facebook for this plan, that is.

Yes, Facebook will put photos at risk of abuse that otherwise likely would never have been abused!

Facebook wants your naked photos on the theory that holy smokes, maybe someday those photos might be abused and isn’t it grand that Facebook will take care of them for us in advance!

Is anybody with half a brain buying their spiel so far?

Would there be technically practical ways to send photo-related data to Facebook that would avoid the obvious pitfalls of their plan? Yep, but Facebook has already shot them down.

For example, users could hash the photos using software on their own computers, then submit only those hashes to Facebook for potential signature matching — Facebook would never have the actual photos.

Or, users could submit “censored” versions of those photos to FB. In fact, when individuals request that Google remove revenge porn photos, Google explicitly urges them to use photo editing tools to black out the sensitive areas of the photos, before sending them to Google as part of the removal request — an utterly rational approach.

Facebook will have none of this. Facebook says that you must send them the uncensored photos with all the goodies intact. They claim that local hashing won’t work, because they need to have humans verify the original uncensored photos before they’re “blurred” for long-term storage. And they fear that allowing individuals to hash photos locally would subject the hashing algorithms to reverse engineering and exploitation.

Yeah, Facebook has an explanation for everything, but taken as a whole it makes no difference — the entire plan is garbage from the word go.

I don’t care how trusted and angelic the human reviewers of those uncensored submitted nude photos are supposed to be or what “protections” Facebook claims would be in place for those photos. Tiny cameras capable of copying photos from internal Facebook display screens could be anywhere. If human beings at Facebook ever have access to those original photos, you can bet your life that some of those photos are eventually going to leak from Facebook one way or another. You’ll never lose your money betting against human nature in this regard.

Facebook should immediately deep-six, bury, terminate, and otherwise cancel this ridiculous plan before someone gets hurt. And next time Facebook bros, how about doing some serious thinking about the collateral risks of your grand schemes before announcing them and ending up looking like such out-of-touch fools.


Post has attachment
I guess it's time to tout the My Activity dashboard for your Google account again. If you don't want things like location history to be stored in your account, you can turn it off there ( And you can delete whatever you want to get rid of.

Also note that Google never sells your personal information and that the activity is only visible to you.

Post has shared content

Post has attachment
Russ pointing out how the root of the systemd disagreement is about Lennart and systemd being evil. No argument is going to change that. It's sort of like having a discussion about guns. A decision on technical merit has one pretty clear outcome (hand out less guns, use systemd). But at the same time the discussion is emotional ("we always did it one way") and totally destructive.

Post has attachment
""Ich glaube nicht, dass die Abschaltung genehmigt wird", sagte CSU-Fraktionschef Manuel Pretzl. Von einem deutlichen Votum der Bürger wollte er nichts wissen. "Das Thema bewegt doch nicht die Massen, es hat doch fast niemand hinterm Ofen vorgelockt", teilte er in Richtung des Anti-Kohle-Bündnisses aus. Offen räumte Pretzl ein, dass sich der Stadtrat auch über den Bürgerentscheid hinwegsetzen könnte. Dessen rechtliche Bindung läuft nämlich nach einem Jahr aus."

War es nicht die CSU, die mehr Bürgerbeteiligung gefordert hat? Und dann hat man einen Bürgerentscheid, der nach den Regeln angenommen wird und dann ist es der CSU egal weil es ihr nicht in den Kram passt? Schockierend.

Post has attachment
systemd-coredump is apparently a thing. And it's super useful. At least on Debian you still need to install it (it's the name of the package there). And then you can just "coredumpctl info" and it gives you the latest crash including a backtrace. And there's "coredumpctl gdb". How awesome is that.

Post has attachment
Better hardware for better meetings. A platform that's much more similar to what Google uses internally.
Wait while more posts are being loaded