Pushing the iCalendar Standard

A few years ago I found out that my local waste disposal company offered an Android app, mymüll.de, with the capability to remind me the day before each collection. Back then it was easy to install and it saved me a few times from forgetting to put out the garbage cans, so I did not give it any further thought. Only when the app, in a later update, started to request privileges that were surely not needed for a simple reminder service did I revisit the topic.

In the meantime I have an established calendaring solution in the form of my own NextCloud server, and I wondered why it would not be possible to import the dates into a shared calendar. Most apps on Android nowadays seem to exist because of their data collection features rather than their actual functionality, so getting rid of yet another one is a worthwhile aim. Although people do not seem to care, I for my part have decided to no longer install apps that require privileges unrelated to their intended task.

iCalendar.org


checksec

It is not a coincidence that the first post in this still young year is about security. Since I realized last year how far the current internet with its "data capitalism" has strayed from its beginnings, I have done a lot of reading to understand the situation in more detail. Data and Goliath by the renowned security expert Bruce Schneier was a depressing eye-opener, and I am currently still reading his new book Click Here to Kill Everybody, which reiterates the problems in light of more recent events. If you are looking for more in-depth information from somebody with a long track record, I can strongly recommend those books as a starting point.

Linux Security

One of the lessons I recently learned is that real security is extremely hard to achieve - even by the best in the field. It is also pretty much impossible for a non-specialist to evaluate the security of any given solution without much more transparency into the security design process (threat models) and the implementation methods used to avoid them (protocols, etc.).

The Linux kernel and the GNU tool chains, on the other hand, offer a variety of hardening features to protect a GNU/Linux system from certain vulnerabilities. A tool to quickly evaluate which of those methods are in effect on a given system would be a welcome addition to the toolbox, especially when custom build systems are involved rather than the well-known distributions.

The application security expert Tobias Klein provides a nice shell script to do exactly that. As checksec.sh only requires the Bourne Again Shell (bash), it is immediately usable on pretty much every GNU/Linux system out there.
