Monthly Archives: February 2017

Another unpatched hole in Windows 10

... and yet another unpatched security hole in Windows 10. This time it's the Internet Explorer and Edge. Sent to Microsoft 3 months ago, still no patch out there. And this will be the last post ranting about Windows. Everyone knows about their security policy and how much you should trust them.


Today my server was down for like 2h because of a misconfiguration by myself in the Let's encrypt certificate (in the usage of the script). Now everything is operational again.

SHA-1 is dead

SHA1, the old secure hashing algorithm is now broken in practice. See the Google Security blog post on the first SHA1 collision. SHA1 was already theoretically broken 2005, when Prof. Xiaoyun Wang announced a differential attack. By 2010 the NIST decided to announce SHA-1 as deprecated. SHA1 is still in use in BitTorrent and on… Read More »

Privilege escalation bug in Linux Kernel

... and how to deal with it right: Bug filed and fixed on February 17, patches are already in circulation. Exploit will be made available in some days to allow the administrators to update. The fix was just a two-liner but still: Fixed-on-the-same-day-as-filed. That's how it should work 🙂 And in the Windows world we… Read More »

Windows 10 zero-day LĂĽcke

Google veröffentlich erneut eine Windows 10 Zero-day Lücke (CVE-2017-0038). Microsoft hatte 3 Monate Zeit, die Lücke zu fixen. Das sind mindestens zwei Patchdays. Drei Monate. DREI VERDAMMTE MONATE. Und jetzt sind potentiell alle Windows-Installationen bis zum nächsten Patchday offen. Na toll! Windows ist einfach nur ein inhärent kaputtes System.

LineageOS - My first builds

I just compiled my first LineageOS system for my Nexus 5. Works like charm! The required steps are well documented on the LineageOS Wiki page. I just followed the steps on my Ubuntu Mate 16.04. The process itself was straight-forward but took some time. Including downloading all the repos and building it took me something… Read More »

ICRC : Six ICRC staff members killed in an attack

Sad news: Six ICRC (International comitee of the red cross) staff members have been shot and killed in Afghanistan. Two staff members are unaccounted for. The team was in a logistical mission on the way to deliver livestock supplies when they were attacked by unknown armed forces. RIP Brothers and sisters. Thanks your your service… Read More »

Looking at Venus and Mars

Maybe some of you have noticed a bright spot in the morning and evening hours at the sky - That's Venus. Venus has a fixed position in human culture, often referred as "morning star" and "evening star". A friend of mine noticed, that there is as well a second bright spot, like a "shadow" visible… Read More »