Teaching IT-Security and Math (since 2020 or forever, whatever came first)
Practicing Habitual Automation
(languages Deutsch and English, depending on topic)
| website | https://informatik.hs-bremerhaven.de/lafischer |
| coffee | tea |
| PGP | A2FE 7D7E A05C 92C3 F9EC F875 B296 0E33 A4AC D842 |
| Licence | Starting 2020-10-05 this work is licensed under CC BY-NC-SA 4.0 |
Not only students grow at this university. Its "applied", keep that in mind.
Put them in last week.
Nice, short read on vulnerabilities in two password managers. (Others seemingly have not been addressed.) Weaknesses like "missing authentication" might raise some hairs.
Short commercial for the standard Unix password-manager https://www.passwordstore.org/ here. Main advantage in this context is that the actual software is simply combining trusted and tested tools and concepts: pgp, files, git, ssh, pinentry, various tools to further use pass in different applicatios , and not trying to "re-invent". That also has the advantage of the passwordsbeing accessible if the password-store software becomes unusable.
Furthermore it is easier to estimate the achieved level of security, e.g. https://gpg.fail/ (Prectical hint, sequoia-chameleon promises to provide a stand-in replacement for gnupg.)
Category Theory is cool and if only because you can abbreviate it as "Cat Theory".
Started re-reading "Category Theory for the Sciences" by David Spivak with a friend. Read the foreword for the first time and immediately got this nice quote from it:
“when we formalize our ideas, our understanding is clarified. [...]
And if we are ever to get to the point
that we can input our ideas into computers,
we will need to formalize these ideas first.”
Very much what I experienced dabbling in Haskell-Code and the reason why that felt very much elevating.
If you know him on mastodon, please drop me a pointer. (Best in the way of "Hi, I'm David, glad you like my books", because I own two of them and cherish them both. (Just found a missing closing-bracket in section reference. I'd like to improve the second edition, but that is such an unimportant mistake. I both hope and not hope to find some mistake important enough to write an email.)) )
[Here I added an extra bracket for you to take, should you become aware of this text.]
🌍 Gladys West (1930–2026) war Mathematikerin und arbeitete über 40 Jahre in der Geodäsie für das US-Militär.
Mithilfe von Satellitendaten entwickelte sie präzise Modelle des Erdgeoids. Eine zentrale Grundlage des GPS. Ihre Berechnungen ermöglichen Navigation bis auf wenige Zentimeter genau.
Lange blieb ihr Beitrag unbeachtet. 2018 wurde sie international geehrt und in die Hall of Fame der US Air Force aufgenommen.
Quickly, I have to absolutely urgently to help the chair of the board of GÉANT, who inexplicably unexplained cannot access his geant-email and thus has to borrow a presidents(! no less) gmail-account, with something utterly urgent! !k! Europe, no, the world is at the brink of cyber-apocalypsis.
Is this some insufficient elaborate scam for busy professors? You are out of luck, I have grading work to attend to. There is no other task on my schedule for today — because I will use any and every excuse to #procrastinate from grading exams.
Or is it just, that something found me which could be called "shotgun-whaling"? Because I'd like to start the day with creating some new and (arguably) funny terminology. It would make my day so much better to see such a thing make a small ripple through the fediverse. I am soooo much not phishing for boosts here! ;-)
Oh, look, the tea is empty, have to go and brew some new tea.
(The 'k' between the exclamation marks above becomes slightly more funny if you are typing with the neo2 layout.)
I am slow in adopting all the shiny new technologies. (I actually went "backwards" to vim somewhat 10 years ago, after having been forced to work in one of those big IDE-things, eclipse I think it has been. Even emacs seemed bloated afterwords, though I had long years of happy relation with the latter. No hard feelings there.)
Turns out that it's good I could not remember the name "openclawai" that has been recommended to me by a fascinated coding-person.
Today (well, yesterday. Remember "slow") moltbook featured in "this week in security". Some million of API-keys disclosed to the general interested public — as well as the nefarious ones too. So there is an example of an Ouroboros (that a phrase usable here? Make it one.): Vibe-coders (or -shellers) bitten by vibe-code platform for vibe-coding. Well accidents tend to happen, bad code happens too, let us just see the funny side of this and do not think about what could have happened if this kind of very much not-mature technology would already be adopted widely.
Instant Update: I just got word from the office next door about the fascinating efficiency of vibe-coding and how everybody is and should be doing it. O_o (Told you; "slow" 😉)
(source: https://www.wiz.io/blog/exposed-moltbook-database-reveals-millions-of-api-keys via: https://this.weekinsecurity.com/this-week-in-security-february-8-2026-edition/)
Host your own "Cloud"! Why? Because it is amazing in a sense.
Just, for the first time got the directory of a project shared from a foreign nextcloud instance into my own. Works like a charm.
Strangely I seem to be able to re-share this directory. O_o Now I'll have to see if anyone has exploited this already. 😞 Or, more likely, if it has been called a "feature".
But still, I am positively happy about this simple way to cooperatively work over federated instances. Basically, because the Internet has been designed as such a wonderfully distributed place and all these centralized (web-)services have been destroying this through their (economically motivated) monopolization of the "cyber"space.
#distributedsystems for teh win!
Besides the punchy title (which might be true, but that's not my point), this article is interesting to learn in what way AI affects our writing style:
BKG
cryptax