Why I am not afraid of the AI / Big Data / Cloud powered robot apocalypse. SQL order injection means running custom SQL queries through web interfaces because the input to the intended query is not sanitized, like appending the infamous ' OR '1'='1 to a user name or search term. It is 2nd […] Read More: Unintended 2nd Order SQL Injection
You know you have become a dinosaur when you keep using outdated terminology. Everybody else uses the new buzzword, but you just find it odd. But someday it will also creep into your active vocabulary. Then I will use the tag cyber something, like stating that I work with cyber-physical systems. But am I […] Read More: Cyber Something
I am joining the ranks of self-proclaimed productivity experts: Do you feel distracted by social media? Do you feel that too much scrolling feeds transforms your mind – in a bad way? Solution: Go find an online platform that will put your mind in a different state. Go hacking on hackthebox.eu. I have been hacking […] Read More: Hacking
I’ve unlocked a new achievement as a blogger, or a new milestone as a life-form. As a dinosaur telling the same old stories over and over again. I started drafting a blog post, as I have always done for a while: I do it in my mind only, twist and turn it for days or weeks […] Read More: Infinite Loop: Theory and Practice Revisited.
I have clicked on company websites of social media acquaintances, and something is not right: Slight errors in formatting, encoding errors for special German characters. Then I notice that some of the pages contain links to other websites that advertise products in a spammy way. However, the links to the spammy sites are embedded in […] Read More: The Orphaned Internet Domain Risk
To my surprise, the most clicked post ever on this blog is this: Network Sniffing for Everyone: Getting to Know Your Things (As in Internet of Things) … a step-by-step guide to sniff the network traffic of your ‘things’ contacting their mothership, plus a brief introduction to networking. I wanted to show how you can […] Read More: Give the ‘Thing’ a Subnet of Its Own!
This is in praise of Peter Gutmann’s book draft Engineering Security, and the title is inspired by his talk Everything You Never Wanted to Know about PKI but were Forced to Find Out. Chances are high that any non-geek reader is already intimidated by the acronym PKI – sharing the links above on LinkedIn I have been […] Read More: What I Never Wanted to Know about Security but Found Extremely Entertaining to Read