Recently you could read the following news at heise.de (https://heise.de/-4421379) (translated):

WhatsApp has a vulnerability (CVE-2019-3568) that allows unauthorized remote access to the device. The attacker can simply smuggle the spyware into a device through a WhatsApp call, even if the called party does not pick it up. Since Monday evening there is a patch.

Also, there were reports last year that WhatsApp will scan messages to show personalized ads, which is probably the case now.

These and several other events of this kind (I also recall the “Cambridge Analytica” scandal on Facebook) have kept me from installing and using WhatsApp on any of my devices and I will not do that in the future.

Those who use WhatsApp should be aware that you are potentially vulnerable. On the one hand WhatsApp’s source code is not open source, so no one knows what backdoors and security vulnerabilities exist, and on the other hand WhatsApp is also an attractive target for attacks due to the huge number of users.

Alternative to WhatsApp

As an alternative I can recommend “Signal”. This is a free messenger whose sources are also disclosed and which is also recommended by security experts. Even Edward Snowden uses and recommends this app. As with WhatsApp, the mobile number for logging in and contacting other people is sufficient, whereby the operator of Signal does not have access to this data and all messages are encrypted and can only be read by the persons involved.

Continue reading →

In my article about Nextcloud I also mentioned OnlyOffice which you can use within Nextcloud in a web browser.

Since then many things happened: Nextcloud and OnlyOffice have announced their partnership in November 2018 and meanwhile the desktop version of OnlyOffice also offers the integration of Nextcloud.

Continue reading →

What if the Samsung Galaxy Fold had been invented 1990ies? The guys from Sqirell Monkey created a video about this:

For synchronizing address books and calendars on my Android smartphone I’v been using  DAVDroid for quite a while. It is Open Source and also available on F-Droid. However it is now called DAVx⁵ – why?

The reasons are explained in this tweet – using “droid” as part of a name violates a trademark of Lucasfilm. Also see this extensive article at Priceonomics. Therefore the creator of DAVDroid decided to change the name to “DAVxxxxx” and replace “xxxxx” by “x⁵” – even though the official statment says something different ;-).

From now on I have a fast internet connection using VDSL100 which nominally provides 100 Mbps downstream and 40 Mbps upstream (before: 50 and 10 Mbps).

Eventhough the achievable speeds are slightly lower, uploading data is still more than three times as fast as before :-).

By the way… a copy of the first web site of the world still exists:

http://info.cern.ch

My humble beginnings in the web don’t reach back that far (see the archive of my website of from 1997).

Probably everybody knows public displays which are composed of segmented characters.

On https://aresluna.org/segmented-type/ you find an emulator for that which displays different variations from 8 to 93 segments per character. You can type any text on your own  and select different display variations with the displayed text.

Does anyone still remember the time when the first pinball machines started using 14 segment displays which allowed to show not only the current scores but also any kind of messages?

Many years ago I already had look at OwnCloud, which was first released in 2010 and claimed to offer an alternative to commercial services like DropBox or Google. The idea was good, only the implementation and the security was lacking at the beginning, which had kept me back from permanent use.

For exchanging files I later discovered Seafile as an alternative. For addresses and appointments I used Baïkal to synchronize the data between my Android devices and different computers with CalDAV and CardDAV. Added to this is Roundcube as a webmail client with an extension for using the Baïkal address book via CardDAV.

Although this constellation basically worked, there were some drawbacks: a browser-based calendar does not exist at all and Baïkal has no longer being actively developed for some time – the latest version is from August 2016 (see release page at Github).

Continue reading →

If you are using wireless mice and keyboards you should be aware of the risks. Also see this article at Computerworld.

At least Logitech provides a firmware update which fixes the problems:

Announcement at Logitech concerning “MouseJack”

The program also checks if there is an update needed at all. So I found out that even the Unifying Receiver of a new keyboard (K270), bought in January 2018, was still shipped with an outdated firmware.

Only when the update tools displays a message that all found devices are up to date, there is no risk.