It's just been one security disaster after another for Intel the last few years. Meltdown, Spectre variant after variant and this week the "Microarchitectural Data Sampling" aka Zombieload attack have all required performance-degrading fixes and workarounds. There is no way around turning hyperthreading off to be safe from MDS/Zombieload and this is a rather high performance-price to pay. So what if you don't want to?
Disabling SMT/HyperThreading to get full protection against MDS/Zombieload on top of the mitigation code for "meltdown", several "spectre" variants and other security-issues discovered on Intel CPUs is a high price to pay for security on Intel CPUs. The total performance-penalty in many workloads is adding up. Unfortunately there is no safe and secure way around the performance-penalties - so you may want to..
The Big List of Naughty Strings is an evolving list of strings which have a high probability of causing issues when used as user-input data. This is intended for use in helping both automated and manual QA testing; useful for whenever your QA engineer walks into a bar.
Why Test Naughty Strings?
Even multi-billion dollar companies with huge amounts of automated testing can't find every bad input. For example, look at what happens when you try to Tweet a zero-width space (U+200B) on Twitter:
Jitsi Meet: Server settings for privacy-friendly operation ⋆ Kuketz IT-Security Blog
The STUN protocol detects clients that are, for example, behind a router or a firewall and have a NAT address. With the help of the STUN server, NAT clients can learn their public IP address and are then able to establish a direct communication connection between (two) participants. To avoid transmitting the IP address to external providers, you can run your own STUN / TURN server. Alternatively, you can of course simply choose existing STUN servers that are made publicly available.
In the age of IT automation and self-provisioning, the role of the I&O team comes into question. Principal Analyst Charles Betz provides a detailed outlook on I&O’s future.
Expect an even bigger bloodbath as IT employees at all levels are let go forever.
A Docker build for Solr, to manage the official Docker hub solr image
Solr is the popular, blazing-fast, open source enterprise search platform built on Apache Lucene™.
A research project I spent time working on during my master’s required me to scrape, index and rerank a largish number of websites. While Google would certainly offer better search results for most of the queries that we were interested in, they no longer offer a cheap and convenient way of creating custom search engines.
This need, along with the desire to own and manage my own data spurred me to set about finding a workflow for retrieving decent results for search queries made against a predefined list of websites. That workflow is described here, providing what I hope shall serve as a useful reference for how to go about setting up a small search engine using free and open-source tools.
Note:
• The instructions here assume that you use some UNIX-like operating system (Linux, MacOS, *BSD).
• Any Python code has only been tested using Python 3.7 (The clock is ticking).
• Any code provided is free to use under the MIT license.
The need for IPv6 is greater than ever due to unprecedented Internet growth and the rapid, continual development of smart phones, tablet computers and other online-enabled devices. In February 2011, the Internet Assigned Numbers Authority (IANA), the organization responsible for international IP address allocation, confirmed complete IPv4 resources depletion. Other global organizations have also reported critical limits on IPv4 address availability. In April 2011, the Asia Pacific Regional Internet Registry became the first of the IANA’s five regional registries to reach its IPv4 address limit. The American Registry for Internet Numbers (ARIN) is expected to follow suit in the near future.
WireGuard, created by security researcher Jason A. Donenfeld, is smaller and simpler than most other VPN software. The first version of WireGuard contained fewer than 4,000 lines of code—compared with tens of thousands of lines in other VPN software. That doesn't make WireGuard more secure, but it makes it easier to find and fix problems.
WireGuard clients are already available for Android, iOS, MacOS, Linux, and Windows. Cloudflare's VPN service Warp is based on the WireGuard protocol, and several commercial VPN providers also enable users to use the WireGuard protocol, including TorGuard, IVPN, and Mullvad.
The LoRaWAN protocol, which efficiently supports low-power wireless devices over wide area networks, has become standard in the world of the industrial internet of things (IoT). One of its benefits is its support for end-to-end encryption. However, researchers are warning that while LoRaWAN itself is perfectly secure, poor device security and user mistakes in configuration and implementation can still lead to hacks and widespread operational disruption.
Ever considered setting up and running your very own git server? It’s actually quite easy! In this post, I’ll outline the steps I took to set up my own so that you can give it a try yourself. But first, why might you even want to go through the trouble of setting up your own server?
After all, there are a wide array of excellent and free to use choices out there, such as GitHub, GitLab, and the up-and-coming sourcehut.
One reason is ownership: in today’s world of corporate surveillance, rampant privacy violations, and data breaches, there is something to be said of truly owning your own data. Both git and the web itself were designed and built on principles of decentralization and distribution. Standing up your own server is one way to tap into that heritage.
It’s also just plain fun, at least if you’re into that sort of thing. You get to build something useful and put your name on it. It’s something you control. You get to decide how it works, how it looks, who can access it, and what exists on it.
Setting up a git server is actually relatively straight-forward. Almost all of the heavy lifting is done by git itself, but I will also introduce a few supplementary tools to handle things like access control and HTTP access.
Waste the space or fill up the rack with additional Raspberry Pies? Well, we decided for the latter, and so our 1024-node Raspberry Pi cluster became a 1060-node Raspberry Pi cluster
Here’s something you can do before work, with your morning coffee, or whilst waiting for dinner to cook of an evening. And there’s never been a better time to install Kubernetes to a Raspberry Pi, with the price-drop on the 2GB model — perfect for containers.
Worldwide #IT spending will reach $3.7 trillion this year, a 2% increase over last year. http://t.co/6JmRbJAH9b #cloud
Percussive Maintenance http://t.co/IYVfKhxAeA #IT #fb
Oh, not the Hoax-Horx at all :) RT @thisisgordon: "Experts: Google could disappear in eight years" http://t.co/vfNdoudD #google #it
The BKA has so far been unable to program a #Staatstrojaner >> http://t.co/bd7aX1wU #IT #Sicherheit #Datenschutz #Cyberwar
We were doing it because it was fun to make something ... http://t.co/u6fEqmPM #ibm #it #rethink #fb
Wanted 2: programmer to expand the IT department of a service company in #Wien http://2big.at/0t3 #Job #IT