Category: Secure Systems
GDPR and Information Security: A practical guide for Startups and small businesses
Let me start with a story. My first contact with GDPR (general data protection regulation) and the topic of information security was during my bachelor throughout an app project. We had set ourselves the goal of uploading the app to Google Play Store by the end of the semester and were thus inevitably confronted with…
IoT security – The current situation, “best practices” and how these should be applied
Smart thermostats, lamps, sockets, and many other devices are no longer part of any futuristic movies. These items can be found in most households, at least in parts, whether in Europe, America, or Asia. A trend that affects the entire globe and is currently gaining ground, especially in industrialized countries. It seems to be obvious…
E-Health in Deutschland: Die neue Elektronische Patientenakte
Anfang 2021 soll die elektronische Patientenakte (ePA) starten. Damit wird es möglich sein, alle Gesundheitsdaten (Befunde, Diagnosen, Behandlungsmaßnahmen, Arztbriefe, etc.) zentral zu speichern. Patienten bekommen so einen zentralen Überblick über all ihre bei verschiedenen Ärzten erfassten Daten, und sind in der Lage, diese Informationen mit bestimmten Ärzten zu teilen. So wird der Datenaustausch zwischen Ärzten,…
Bidirectional Power Transfer for a Smart Load Management for Electric Vehicles
Abstract The global expansion of electromobility is progressing rapidly. The chinese city of Shenzhen has the world’s first and largest fleet of electric buses with more than 16,000 buses. A gigantic charging infrastructure for 5805 electric buses was established to cope with this. It reaches peak loads of 464.4 megawatts which is an enormous challenge…
DNS over HTTPS: One problem solved, but a bunch of new ones created…
In the course of attending the lecture “Secure Systems” I became aware of a blog post by Geoff Huston on how the Domain Name System (DNS) handles “no such domain name” (NXDOMAIN) responses and which possible attack vectors could result from this. His analysis showed how little effort is necessary to perform a Denial of…
How to build fault-tolerant software systems
A brief introduction to the fundamental concepts of Erlang and Elixir Ever since the first electronic systems have been created, engineers and developers have strived to provide solutions to guarantee their robustness and fault-tolerance. Thereof arose the understanding that developing and building a fault-tolerant system is not an easy task, because it requires a deep…
Spy Gadgets that the most people don’t know
From time to time there are reports in the media about spy cameras in hotels rooms or in Airbnb apartments. These cameras are used to spy the gusts. But there are other spy gadgets then cameras, there are gadgets to attack wireless connections or to collect all keystrokes of a system. In this article is…
Are Passwords for Web Authentication Obsolete? Leakage of Passwords and API-Keys and Possible Solutions
Hardly any service today works without an API that allows users to log in and then use features that are not available to unregistered users. To do this, the user can create an account that is password protected. Services such as the Google Maps API also provide access interfaces to allow application developers to easily…
Social Bots – An Attack on Democracy?
Election campaigns are increasingly carried out in social networks to influence voters. Social bots are being used for this purpose, which raises the question of how much influence they have on voters and whether they can even endanger a democracy. Furthermore, the question arises as to who can be held responsible for this and how…
Cryptomining Malware – How criminals use your devices to get wealthy!
Has your computer ever been slow and you couldn’t tell what the problem was? Nowadays, illicit cryptomining can cause those performance problems. It dethroned ransomware as the top cybersecurity threat in 2018. (Webroot Threat Report 2018) A simple website visit can start the mining process as a javascript running in the background of the browser…
You must be logged in to post a comment.