What a pity, this is exactly the scenario I first expected for Microsoft. But I’m not really surprised that Apple is now ahead, what happened? The ocsp.apple.com server was apparently down and/or unreachable between yesterday and today1. Unfortunately macOS tries to reach it every time an app is opened to check if a certificate has expired2 or an app has been retracted or some more magic. Read more

I need to admit: I really love writing audits. It has a certain degree of scientific working to falsify statements. So I was recently confronted with the following quote from a responsible IT manager: We are not concerned with security, but with liability. If Microsoft promises security, this is enough for us. Read more

Within a " digital breakfast " I will give a presentation for the DigiNet Südwestfalen at November, 3rd 2020, 08:30 am at my own Conferencing-Server Topic: “Security of Conferencing Software” giving Stakeholders and Decision-Makers Orientation for risk-assesment. This is a non-public event, please register via Sonja Pfaff on the DiginetSWF Website. Read more

In the previous webinar on IT risk assessment and information security, participants questioned me during the 15-minute live hacking session: Is this not illegal? We took a closer peek at the servers of an ambulant care unit and two other businesses. I found them by chance from a total of 28 million hosts1 across Germany using specific search terms. Read more