Microblog



October 20, 2020 | 09:09

A treasure of powerful quotes

For my presentations and webinars I am always looking for good quotations. A treasure of them, I found yesterday evening in the Netflix documentary “The Social Dilemma”1, of course in the original English version. I do not know the German translation. Some of those quotes I would like to share with you but not without first saying something about their context. Besides the inventors of the “Like-Button”2 and the “Infinite Scroll”, the documentary features numerous software developers, managers up to the highest levels of management, venture investors from Google, Twitter and Facebook, as well as a lot of scientists and civil rights activists. Read more

October 19, 2020 | 08:00

RFC 8461 MTA-STA

This weekend I was very active in improving my own security. I have also found two neat tools for quality testing which are Hardenize1 and DNSViz2 - both added to my Micro-Blog post “Measuring website quality”. On my own mailserver I have implemented MTA-STA according to RFC 84613 incl. reporting. This standard is quite new (2018) and is particularly suitable for servers without DANE4. However, even without DANE I believe that I have the best and most complete server by standards (DKIM, SPF, DMARC, MTA-SRA, TLS-RPT, TLS1. Read more

October 18, 2020 | 12:20

Conditional Logging with Apache

I’ve started using Apache-Exporter1 for monitoring and checking this weekend how useful it is and how it can be integrated into my Prometheus2 monitoring enviroment. The server-status requests inevitably lead to more “background noise” in the Apache logfiles. The screenshot below clearly shows in the upper less section: Of course the requests cannot be prevented, but you can manipulate what Apache writes in its logfiles. It’s called conditional logging and allows you to set variables with SetEnvIf3 to any regex on each request. Read more

October 13, 2020 | 13:01

Security, Risks, Liability and Audits

I need to admit: I really love writing audits. It has a certain degree of scientific working to falsify statements. So I was recently confronted with the following quote from a responsible IT manager: We are not concerned with security, but with liability. If Microsoft promises security, this is enough for us. Well, unfortunately I did not attend a judicial exam but when I read the Microsoft EULA1 regarding risks and liability, I consider the circumstances slightly more differentiated: Read more

October 12, 2020 | 08:25

Webinar: Security of Conferencing Software

Within a " digital breakfast " I will give a presentation for the DigiNet Südwestfalen at November, 3rd 2020, 08:30 am at my own Conferencing-Server Topic: “Security of Conferencing Software” giving Stakeholders and Decision-Makers Orientation for risk-assesment. This is a non-public event, please register via Sonja Pfaff on the DiginetSWF Website. About DigiNet Südwestfalen: In early 2019, the Transferverbund Südwestfalen started to track down service providers and networks active in the field of digitalization in South Westphalia as part of the NRW. Read more

© 2020 Tomas Jakobs - Imprint and Legal Notice