Refactoring Part 3 - Spring Cleaning

As hinted in the second part of the series, code smells can be used as an indicator for a corresponding refactoring strategy. Some of these strategies seem like common knowledge, but shouldn’t be ignored as this is often the main cause of software issues.

Weiter lesen ...

Refactoring Part 2 - When code starts to smell fishy

After establishing the advantages and disadvantages of refactoring in my previous post, the next step is to understand when and where to begin the progress. Refactoring should be best applied to the regular programming workflow, to support the programmers in their everyday work routine:

Weiter lesen ...

Refactoring Part 1 - A Collyer's Mansion of code

It’s a common problem in software development that - all best intentions aside - the once clean and structured code base gets more and more complicated and messy over time. There are plenty of reasons for even the most cared for code to get to this state, e.g. technical debt. At this stage the designated developer is faced with at least two options to proceed further: Recreating the code from scratch or refactoring the code base over time.

Weiter lesen ...

BigBlueButton - Selbst gehostete Videokonferenzen

Videokonferenzen erfreuen sich gerade in Coronazeiten großer Beliebtheit, passen aber auch so ins 21. Jahrhundert, in dem Meetings auch online abgehalten werden können. Die Open Source Videokonferenzplattform BigBlueButton zeigt, wie dies auch mit eigenem Hosting unabhängig und datenschutzkonform möglich ist.

Weiter lesen ...

Locking your screen when you remove your U2F device

Universal Second Factor (U2F) devices were invented as a second factor for websites using two factor authentication. The website sends a challenge, the U2F device responds if its button is pressed. A small LED starts blinking, you press your button and thus confirm the usage.

But you cannot only use U2F devices for websites. Using PAM’s pam_u2f module, you can plug it into any service that uses PAM. This was described in my previous article.

If you want to use your U2F device to unlock your running session, you need to treat it like a key. So, when you leave your desk to grab a cup of coffee, you need to take your key with you. You should of course lock your screen when you leave your desk, too. But wait – couldn’t you combine these steps? Lock your screen by removing your U2F device?

Weiter lesen ...

Having fun with U2F devices

Inspired by a recent article series in the German magazin c’t (1, 2, 3), I got my hands on two simple U2F devices to find out if their usage might help my work pattern.

Imagine sitting in public transportation and having to retype your (root) password for each and every sudo call you issue. Imagine having to retype your password each time your screen lock engages. Imagine just having to touch a small button on a USB device instead.

Weiter lesen ...

Schwachstelle gefährdet Linux-VPNs: Analyse und Gegenmaßnahmen

Sicherheitsforscher beschreiben unter CVE-2019-14899 eine mögliche Angreifbarkeit von Virtual Private Networks, die auf Linux (sowie FreeBSD, Android u.a.) mit IPSEC oder OpenVPN aufgebaut werden. In diesem Artikel wird die Schwachstelle analysiert und mögliche Gegenmaßnahmen aufgezeigt.

Weiter lesen ...
Col 2