Tourdates for the @maclemon/@leyrer Europe Tour 2017

As Maclemon and me synced our calendars last night, the following would be out preliminary list of conferences/events we plan to/think about attending or even contributing to in 2017. All is subject to change of course ;)

P.S.: If you have ideas on how we can finance all those trips, let us know. ;)

P.P.S.: We also accept (eg. would be very happy about) suggestions on topics we could/should talk about.

Tagged as: , , , , , , | Author:
[Samstag, 20161203, 18:22 | permanent link | 0 Kommentar(e)

Links from 2016-11-25

Web Bloat Score Calculator

Look at the homepages of Tim Berners-Lee, Bjarne Stroustrup, and Donald Knuth. All three together have 235 kB, less than one Google SERP. Images are optimized, most of the content is above the fold, and their pages were "responsive" two decades before responsive design became a thing. But they are all ugly. If the father of the WWW, the father of C++, and the father of computer algorithms were in an evening web development class, they would all get an F and be asked to do their homepages again.

Tagged as: , , , | Author:
[Samstag, 20161126, 05:00 | permanent link | 0 Kommentar(e)

Links from 2016-11-18

Experte warnt vor Gefahren der vernetzten Welt

from the "no shit, sherlock" department:
Cybersecurity wird laut IT-Experten Peter Singer zu sehr vernachlässigt. Auch der Mangel an IT-Sicherheitsspezialisten wird in Zukunft ein Problem.

Tagged as: , , , | Author:
[Samstag, 20161119, 05:00 | permanent link | 0 Kommentar(e)

Links from 2016-11-07

Britain’s cybersecurity policy needs common sense, not just cash

It ought to be a criminal offence to sell or import IoT devices that don’t meet specific security criteria.

Tagged as: , , , | Author:
[Dienstag, 20161108, 05:00 | permanent link | 0 Kommentar(e)

Links from 2016-11-04

Kerberoasting Without Mimikatz – harmj0y

Just about two years ago, Tim Medin presented a new attack technique he christened “Kerberoasting“. While we didn’t realize the full implications of this at the time of release, this attack technique has been a bit of a game changer for us on engagements.

Thanks to an awesome PowerView pull request by @machosec, Kerberoasting is easier than ever using pure PowerShell. I wanted to briefly cover this technique and its background, how we’ve been using it recently, and a few awesome new developments.

Tagged as: , , , | Author:
[Samstag, 20161105, 05:00 | permanent link | 0 Kommentar(e)

Links from 2016-11-01

The Information Age Is Over. Welcome to the Infrastructure Age.

Nobody wants to say it outright, but the Apple Watch sucks. So do most smartwatches. Every time I use my beautiful Moto 360, its lack of functionality makes me despair. But the problem isn’t our gadgets. It’s that the future of consumer tech isn’t going to come from information devices. It’s going to come from infrastructure.

Tagged as: , , , | Author:
[Mittwoch, 20161102, 05:00 | permanent link | 0 Kommentar(e)

Links from 2016-10-16

The Election Won’t Be Rigged. But It Could Be Hacked. - The New York Times

I study the impact of technology for a living, and I’m a former programmer. I happily bank online, and use my smartphone to message friends and family. I support and trust encryption to protect ordinary people’s communication. I even believe computers will probably turn out to be safer drivers than too-easily distracted humans. I’m not averse to technological solutions.

In this case, though, we need to stick with methods that allow a paper trail that is verifiable after the election. No matter how you vote, there should be a tightly guarded paper record that can be used for audits, if not for the initial counting. This is not just because paper verification is more tamper-resistant than our insecure voting machines. Our elections need to be open to oversight without the need for voters to understand how encryption works. We can’t tell them to simply trust the experts, especially when people are deliberately sowing distrust.

Tagged as: , , , | Author:
[Montag, 20161017, 05:00 | permanent link | 0 Kommentar(e)

USA President Barack Obama as Wired Guest Editor

President Barack Obama on Bureaucracy VS. Moonshots

WIRED guest editor President Barack Obama, WIRED editor in chief Scott Dadich and MIT Media Lab director Joi Ito discuss where the center of artificial intelligence research is and where it might be.

On YouTube.

President Barack Obama on How Artificial Intelligence Will Affect Jobs

WIRED guest editor President Barack Obama, WIRED editor in chief Scott Dadich and MIT Media Lab director Joi Ito discuss how artificial intelligence might up-end economies and how societies can adapt.

On Youtube.

President Barack Obama on Fixing Government With Technology

WIRED guest editor President Barack Obama discusses what he’d like to see technology solve in government with WIRED editor in chief Scott Dadich and MIT Media Lab director Joi Ito.

On YouTube.

The whole playlist on YouTube.

Tagged as: , , , , , | Author:
[Sonntag, 20161016, 16:03 | permanent link | 0 Kommentar(e)

Links from 2016-09-30

Pisspoor IoT security means it’d be really easy to bump off pensioners • The Register

“What we’re getting with the IoT is actuation in the real world. If I take a bunch of thermostats offline for 24 hours in the UK in winter, I’ll probably kill a bunch of pensioners. There’s your cyber terrorism attack.”

Tagged as: , , , | Author:
[Samstag, 20161001, 05:00 | permanent link | 0 Kommentar(e)

Links from 2016-09-03

Sometimes I don’t know why I bother!

The trouble with writing fiction is that, as a famous novelist once said, reality is under no compulsion to make sense or be plausible. Those of us who make stuff up are constantly under threat of having our best fictional creations one-upped by the implausibility of real events. I’m pretty much resigned to this happening, especially with the Laundry Files stories: at least space opera and fantasy aren’t as prone to being derailed as fiction set in the near-present.

Tagged as: , , , | Author:
[Sonntag, 20160904, 05:00 | permanent link | 0 Kommentar(e)

Links from 2016-08-22

My Perfect GnuPG / SSH Agent Setup

Now that I’m using OpenPGP cards for GnuPG, I may as well start using them for their other bells and whistles too. The first and most useful such extra feature of those cards is using the authentication key for SSH.

Getting this working is actually surprisingly simple…

Tagged as: , , , | Author:
[Dienstag, 20160823, 05:00 | permanent link | 0 Kommentar(e)

Nächstes Jahr werdet ihr euch über die Terrorismus-Richtlinie der EU beschweren

Joe McNamee, Executive Director bei EDRi, schreibt auf

Die geplante Terrorismus-Richtlinie der EU könnte einen nachhaltigen Effekt auf das offene Internet haben. Der Beitrag zeigt auf, warum es wichtig ist sich schon heute über die Richtlinie zu informieren und den Gesetzgebungsprozess zu beeinflussen. Und damit Netzsperren und noch mehr Überwachung zu verhindern.

Kompletter Text.

Tagged as: , | Author:
[Samstag, 20160716, 17:57 | permanent link | 0 Kommentar(e)


/network list

/network add -nick USERNAME -user USERNAME -realname „Martin USERNAME” freenode
/network add -nick USERNAME -user USERNAME -realname „Martin USERNAME” darkfasel

/server list

/server add -network freenode -auto -ssl 6697 USERNAME/freenode:PASSWORD
/server add -network darkfasel -auto -ssl 6698 USERNAME/darkfasel:PASSWORD

/channel add -auto #metalab freenode
/channel add -auto #chaossbg darkfasel


Tagged as: , , , | Author:
[Samstag, 20160716, 17:54 | permanent link | 0 Kommentar(e)

It's „MS SQL”, not „SQL”

One of the things that get my blood flowing is when someone calls the Microsoft SQL server (which basicall is/was a fork of the Sybase SQL Server for IBM OS/2) just „SQL” instead of „Microsoft SQL Server” or „MS SQL”.

SQL was initially developed at IBM by Donald D. Chamberlin and Raymond F. Boyce in the early 1970s. This version, initially called SEQUEL (Structured English Query Language), was designed to manipulate and retrieve data stored in IBM’s original quasi-relational database management system, System R, which a group at IBM San Jose Research Laboratory had developed during the 1970s.

So PLEASE, it’s either „Microsoft SQL Server” or „MS SQL”, but not „SQL”. Thank you.

Tagged as: , , , , | Author:
[Mittwoch, 20160713, 16:42 | permanent link | 0 Kommentar(e)

Happy Towel Day

The Hitchhikers Guide To The Galaxy Wikipedia has the following to say about Towel Day:

Towel Day is celebrated every May 25 as a tribute by fans of the late author Douglas Adams. The commemoration was first held in 2001, two weeks after his death on May 11, and since then has been extended to an annual event. On this day, fans carry a towel with them throughout the day. The towel is a reference to Adams’s popular science fiction comedy series The Hitchhiker’s Guide to the Galaxy.

For this year, I found Neil Gaiman at the Douglas Adams Memorial Lecture 2015:

Tagged as: , , , , , , , | Author:
[Mittwoch, 20160525, 07:00 | permanent link | 0 Kommentar(e)

Improved Console Setup

Inspired by Sven Guckesgpg+mutt+vim+zsh workshop at Metalab Vienna, I set out to „improve” (YMMV) my console setup.

I ended up with using the following stuff: And as I gave (together with MacLemon) a tmux talk at Easterhegg 16 (german but using Hanna Montana Linux!), I also updated my local tmux to the most current version and pimped it a little bit using the TMUX plugin manager. My current plugin set:

And maglev as the tmux theme.

Tagged as: , , , , , , | Author:
[Samstag, 20160507, 15:01 | permanent link | 0 Kommentar(e)

Installing Tmux 2.3 on Linux Mint 17 Qiana

sudo apt-get install libevent-dev eclipse-cdt-autotools libncurses5-dev libncursesw5-dev
(eclipse-cdt-autotools for


git clone
cd tmux
sudo make install
/usr/local/bin/tmux -V
tmux 2.3

Tagged as: , | Author:
[Donnerstag, 20160505, 15:50 | permanent link | 0 Kommentar(e)

How to Install Nikola on Ubuntu/Mint

1. sudo apt-get install python3 python3-dev libxml2-dev libxslt-dev zlib1g-dev python3.4-venv
2. python3 -m venv ~/software/nikola
3. source ~/software/nikola/bin/activate
4. pip install nikola livereload webassets

Via Torrin Jones, added the venv install.

Tagged as: , , , , , | Author:
[Dienstag, 20160412, 07:50 | permanent link | 0 Kommentar(e)

„Sichere” Handysignatur

Wir könne/dürfen ja in Österreich mit „Der Bürgerkarte” (also einer Smartcard mit Bürgerkartenfunktion, deren Java basierte SW nicht mehr weiterentwickelt wird; oder der Handy-Signatur) rechtsverbindliche digitale Signaturen (Unterschriften) erstellen, welche der eigenhändigen Unterschrift gleichgesetzt sind. Ja,zwischen Dir und einer rechtsgültigen Unterschrift steht nur ein per SMS übermittelter PIN. ;)

Rechtlich geregelt wurde das bisher in dem „Signaturgesetz”, das jetzt aufgrund von Änderungen auf EU-Ebene in das „Signatur- und Vertrauensdienstegesetz (SVG)” geändert wird. Dazu gibt es derzeit einen Gesetzesentwurf, der zur Begutachtung freigegeben wurde. Und da findet sich folgendes Juwel:

Willenserklärungen des Familien- und Erbrechts und eine Bürgschaftserklärung (§ 1346 Abs. 2 ABGB), die von Personen außerhalb ihrer gewerblichen, geschäftlichen oder beruflichen Tätigkeit abgegeben wird, werden somit nur dann der elektronischen Form geöffnet, wenn ein Notar oder ein Rechtsanwalt am Zustandekommen der Erklärung beratend beteiligt war und eine entsprechende Erklärung auch mit seiner Berufssignatur dokumentiert.

OK, das wäre jetzt noch nicht sooo schlimm, aber …

… Darüber hinaus besteht gerade im Bereich des Familien- und Erbrechts eine größere Missbrauchsgefahr durch die Weitergabe oder das Ausspähen von Autorisierungscodes (z. B. Pin-Code).

Weil sonst besteht die Gefahr des Ausspähens des Pin-Codes nicht?
Ich bewundere ja alle, die ihren privaten Schlüssel für rechtsgültige, digitale Signaturen den Servern der A minus Trust anvertrauen und nur durch einen PIN schützen.

Ach übrigens, Unterhaltsverpflichtungserklärung dürfen weiterhin digital signiert eingebracht werden, da diese nicht als formgebundenes Rechtsgeschäfts zu qualifizieren ist. #wtf

Tagged as: , , , , | Author:
[Montag, 20160411, 05:41 | permanent link | 1 Kommentar(e)

Links from 2016-03-20

Please Don’t Learn to Code

Please don’t advocate learning to code just for the sake of learning how to code. Or worse, because of the fat paychecks. Instead, I humbly suggest that we spend our time learning how to … +) Research voraciously, and understand how the things around us work at a basic level. +) Communicate effectively with other human beings.

Tagged as: , | Author:
[Montag, 20160321, 05:00 | permanent link | 0 Kommentar(e)

Breitbandmiliarde für Mobilfunkausbau, nicht für Festnetzinternet

Mittlerweile kann man sogar schon nachlesen, wie die Post/Datakom/Jet2Web/Mobilkom/Telekom/A1/América Móvil ihren Teil der Breitbandmilliarde verwendet. Und nein, Glasfaser für Endkunden gehört nicht dazu:

Auch im leitungsgebundenen A1 Netz wird derzeit die Basis für 5G gelegt: Sämtliche 5G Mobilstationen werden eine leistungsfähige Anbindung an das Glasfasernetz benötigen. A1 erweitert dieses Netz seit einigen Jahren schrittweise in ganz Österreich und hat bereits mehrere tausend Zugangspunkte errichtet.

Quelle: 5G Netze ab 2020, aber Vorbereitungen bereits heute notwendig

Tagged as: , , , , , | Author:
[Montag, 20160314, 19:30 | permanent link | 0 Kommentar(e)

32c3 - Chaos Communication Congress 2016 In One Tweet

As on the ccamp15, I worked as an Angel at 32c3. This time as a Stage Manager (everything the Heralds did in the last years minus being on stage). During my first shift, I got this tweet, that made me smile even more during the whole congress:

Tagged as: , , , | Author:
[Freitag, 20160101, 17:45 | permanent link | 0 Kommentar(e)


„Leyrers Online Pamphlet“ ist die persönliche Website von mir, Martin Leyrer. Die hier veröffentlichten Beiträge spiegeln meine Ideen, Interessen, meinen Humor und fallweise auch mein Leben wider.
The postings on this site are my own and do not represent the positions, strategies or opinions of any former, current or future employer of mine.


RSS Feed RSS Feed

Tag Cloud

2007, a-trust,, a1, accessability, acta, advent, age, amazon, ankündigung, apache, apple, audio, austria, backup, bba, big brother awards, birthday, blog, blogging, book, books, browser, Browser_-_Firefox, buch, bürgerkarte, cars, cartoon, ccc, cfp, christmas, cloud, collection, computer, computing, concert, conference, copyright, database, date, datenschutz, debian, delicious, demokratie, design, desktop, deutsch, deutschland, developer, digitalks, dilbert, disobay, dna, dns, Doctor Who, documentation, domino, Domino, Douglas Adams, download, drm, dsk, dvd, e-card, e-government, e-mail, e-voting, E71, Ein_Tag_im_Leben, email, eu, event, exchange, Extensions, fail, feedback, film, firefox, flightexpress, food, foto, fsfe, fun, future, games, gaming, geek, geld, gleichberechtigung, google, graz, grüne, grüninnen, hack, hacker, handy, hardware, HHGTTG, history, how-to, howto, hp, html, humor, ibm, IBM, ical, image, innovation, intel, internet, internet explorer, iphone, ipod, isp, it, IT, java, javascript, job, journalismus, keyboard, knowledge, konzert, language, laptop, law, lego, lenovo, life, links, linux, Linux, linuxwochen, linuxwochenende, living, lol, london, lost+found, Lotus, lotus, Lotus Notes, lotus notes, LotusNotes, lotusnotes, lotusphere, Lotusphere, Lotusphere2006, lotusphere2007, Lotusphere2008, lotusphere2008, lustig, m3_bei_der_Arbeit, mac, mail, marketing, mathematik, media, medien, metalab, Microsoft, microsoft, mITtendrin, mobile, mood, movie, mp3, multimedia, music, musik, männer, netwatcher, network, netzpolitik, news, nokia, notes, Notes, Notes+Domino, office, online, OOXML, openoffice, opensource, orf, orlando, os, outlook, patents, pc, pdf, perl, personal, php, picture, pictures, podcast, politics, politik, pr, press, presse, privacy, privatsphäre, productivity, programming, protest, qtalk, quintessenz, quote, quotes, radio, rant, recherche, recht, release, review, rezension, rss, science, search, security, server, sf, shaarli, Show-n-tell thursday, sicherheit, silverlight, SnTT, social media, software, sony, sound, space, spam, sprache, spö, ssh, ssl, standards, storage, story, stupid, summerspecial, sun, sysadmin, talk, technology, theme, thinkpad, tip, tipp, tools, topgear, torrent, towel, Towel Day, TowelDay, travel, truth, tv, twitter, ubuntu, uk, unix, update, usa, vds, video, videoüberwachung, vienna, Vim, vim, vista, vorratsdatenspeicherung, vortrag, wahl, wcm, web, web 2.0, web2.0, Web20, web20, webdesign, werbung, wien, wiener linien, wikileaks, windows, windows 7, wired, wishlist, wissen, Wissen_ist_Macht, wlan, work, wow, wtf, wunschzettel, Wunschzettel, www, xbox, xml, xp, zensur, zukunft, zune, österreich, övp, übersetzung, überwachung

AFK Readinglist