Blog
Refactoring Part 1 – A Collyer’s Mansion of code
It’s a common problem in software development that – all best intentions aside – the once clean and structured code base gets more and more complicated and messy over time. There are plenty of reasons for even the most cared for code to get to this state, e.g. technical debt. At this stage the designated developer is faced with at least two options to proceed further: Recreating the code from scratch or refactoring the code base over time.
BigBlueButton – Selbst gehostete Videokonferenzen
Videokonferenzen erfreuen sich gerade in Coronazeiten großer Beliebtheit, passen aber auch so ins 21. Jahrhundert, in dem Meetings auch online abgehalten werden können. Die Open Source Videokonferenzplattform BigBlueButton zeigt, wie dies auch mit eigenem Hosting unabhängig und datenschutzkonform möglich ist.
Locking your screen when you remove your U2F device
Universal Second Factor (U2F) devices were invented as a second factor for websites using two factor authentication. The website sends a challenge, the U2F device responds if its button is pressed. A small LED starts blinking, you press your button and thus confirm the usage.
But you cannot only use U2F devices for websites. Using PAM’s pam_u2f module, you can plug it into any service that uses PAM. This was described in my previous article.
If you want to use your U2F device to unlock your running session, you need to treat it like a key. So, when you leave your desk to grab a cup of coffee, you need to take your key with you. You should of course lock your screen when you leave your desk, too. But wait – couldn’t you combine these steps? Lock your screen by removing your U2F device?
Having fun with U2F devices
Inspired by a recent article series in the German magazin c’t (1, 2, 3), I got my hands on two simple U2F devices to find out if their usage might help my work pattern.
Imagine sitting in public transportation and having to retype your (root) password for each and every sudo call you issue. Imagine having to retype your password each time your screen lock engages. Imagine just having to touch a small button on a USB device instead.
Schwachstelle gefährdet Linux-VPNs: Analyse und Gegenmaßnahmen
Sicherheitsforscher beschreiben unter CVE-2019-14899 eine mögliche Angreifbarkeit von Virtual Private Networks, die auf Linux (sowie FreeBSD, Android u.a.) mit IPSEC oder OpenVPN aufgebaut werden. In diesem Artikel wird die Schwachstelle analysiert und mögliche Gegenmaßnahmen aufgezeigt.