On one hand, I hear discussions like

How do we make our encryption quantum-proof?

On the other I see hundreds (and that is no joke) of S3 buckets, Azure Blobs with even the most intimate data being completely open for everyone.

How do we expect to solve complex and difficult problems of #infosec, if we cannot even solve the easy and trivial ones reliably?

I am not talking about amateurs. Sometimes I see so much data in such storage, that the high costs involved would prevent some rando from being responsible.

And even worse: if something like this happens, there is no process to solve that.

Closing those buckets falls on shoulders of volunteers and activists and them working through dozens of contacts.

While the people exposing the data get paid well, the people trying to prevent a disaster are working for free.

Wenn der #ADAC nicht unmittelbar vor Wochenenden oder Feiertagen vor Staus 🚗 warnt, implodiert ganz sicher ein Autokonzern oder die Hölle friert zu.

Anders kann ich es mir nicht erklären, dass diese Luftnummer von vielen meiner Kolleg*innen in den #Nachrichten immer noch reproduziert wird. 🤷🏻

Hello [redacted],

I don't do private support for free. If you want curl help, either pay for support and we can continue the conversation privately, or take the discussion to a public mailinglist/github discussion.

/ Daniel

Heute gibt es einmal einen Post in eigener Sache:

Ich schreibe meine Masterarbeit. Ziel der Arbeit ist das Erstellen einer Veranstaltung für Jugendliche (14-17 Jahre) zum Thema Künstliche Intelligenz. Und jetzt kommt die Herausforderung: Ich muss Jugendliche befragen. Ich bitte daher einmal darum, folgende Umfrage weiter zu verbreiten.

https://t1p.de/KI-Bildung1

Mastodon - do your magic! 🧙 🧙‍♂️ 🧙‍♀️

#bibliothek #oeb #FediLZ #studium #master #umfrage #jugendliche #KI #KuenstlicheIntelligenz #rp25

Microsoft: "we gonna screenshot every 3 seconds and feed it to Windows 11's AI assistant."

Signal: "This dangerous. Please put option to disable"

Microsoft: "No! Everything will be fed to the AI, except DRM protected content of course."

Microsoft: .....

Microsoft: ".. Don't you dare-"

Signal: *Calls to DRM API to protect user privacy*

Types of codebases my customers send me:

- Enterprise javabean factory factory... on a SIM card

- C# programmer retasked to write an authenticated bootloader in C for an arm platform with no training

- Beautiful well-written, easy-to-read C by an experienced systems programmer, with one mind-blowing 100-out-of-100-risk-severity bug buried in miscutils.c

- There is a hermit monk in a cave in Czechia. Once every three years, he emerges with a new revision of the codebase. It is horrifying spaghetti logic that repulses the human soul, but no matter how long and how hard you look, you can't actually find anything wrong with it