#^Fawkes

So how do we protect ourselves against unauthorized third parties building facial recognition models that recognize us wherever we may go? Regulations can and will help restrict the use of machine learning by public companies but will have negligible impact on private organizations, individuals, or even other nation states with similar goals.

The SAND Lab at University of Chicago has developed Fawkes1, an algorithm and software tool (running locally on your computer) that gives individuals the ability to limit how unknown third parties can track them by building facial recognition models out of their publicly available photos. At a high level, Fawkes "poisons" models that try to learn what you look like, by putting hidden changes into your photos, and using them as Trojan horses to deliver that poison to any facial recognition models of you. Fawkes takes your personal images and makes tiny, pixel-level changes that are invisible to the human eye, in a process we call image cloaking. You can then use these "cloaked" photos as you normally would, sharing them on social media, sending them to friends, printing them or displaying them on digital devices, the same way you would any other photo. The difference, however, is that if and when someone tries to use these photos to build a facial recognition model, "cloaked" images will teach the model an highly distorted version of what makes you look like you. The cloak effect is not easily detectable by humans or machines and will not cause errors in model training. However, when someone tries to identify you by presenting an unaltered, "uncloaked" image of you (e.g. a photo taken in public) to the model, the model will fail to recognize you.

We used a local KMS for M$ Windows Enterprise volume activation. Unfortunately we do not fulfil the required activation thresholds anymore, so we had to switch to MAK activation.

I discovered VAMT from the Windows ADK tools. That is a really handy tool. Overview over your keys and easy mass key changes and activation for all your computers.

#^Use the Volume Activation Management Tool (Windows 10) - Windows Deployment

The Volume Activation Management Tool (VAMT) provides several useful features, including the ability to track and monitor several types of product keys.

Well... like most of the time with Micro$oft it sounds nice and good, until you start using it and reach disillusion.

#^Lightmeter

Getting mail reliably and quickly in the inbox of recipients is hard. Lightmeter shows where the bottlenecks are so you don't waste time.

Funny project. If you look at the code #^https://gitlab.com/lightmeter it is just R

#^Browsh - A fully interactive, realtime and modern browser rendered to TTY

Browsh is a fully-modern text-based browser. It renders anything that a modern browser can; HTML5, CSS3, JS, video and even WebGL. Its main purpose is to be run on a remote server and accessed via SSH/Mosh or the in-browser HTML service in order to significantly reduce bandwidth and thus both increase browsing speeds and decrease bandwidth costs.

#^glpi-project/android-inventory-agent

GLPI Android Inventory Agent allows your company to maintain control of all mobile devices, whilst providing comprehensive protection and enhanced security for sensitive corporate data, via a centralized management console.

nice!!!

#^The Log File Navigator

Many logging tools, like Splunk, provide great features but are optimized for large-scale deployments.  They require installing and configuring servers before they can be effectively used.  There is still a need for a robust log file analyzer for the terminal.
Just point lnav to a directory and it will take care of the rest.  File formats are automatically detected and compressed files are unpacked on the fly.
Log files are a wealth of information, lnav can help highlight the parts that are important and filter out the noise.

Last year someone mentioned OBS Studio and this weekend I could play a bit with it and it is a really nice and powerful tool. It takes a bit to understand the labels and names, but it is really worth trying it. Actually I only misused it to record a window on the screen. There are tools that are much easier for this task, but it was so much fun to play with all the other features of OBS Studio. So many sources and such a huge list of streaming destinations it supports out of the box. Too bad I don't stream content, this tool is just too nice not to use it.

Finally

#^Icinga Director v1.7.0 has been released

Over the last four years, the Icinga Director has grown from an optional configuration add-on to a mature Software product with lot‘s of features. Most Icinga installations are now driven by the Director, no matter whether they are small or huge, manually curated or fully automated.
But it will not stop here. Many cool ideas are eager to finally become reality. Director v1.7 is a huge step in that direction, as it lays the foundation for a completely new type of features. We are now able to delegate complex tasks to a dedicated background daemon that has been introduced with this version. New library modules have been published, allowing us to share cool bleeding edge funtionality among different modules in a more efficient way.

The first release that includes my property modifier from December last year.

#^Open Data nutzen: Wie der Refugee Datathon Zahlen zum Thema Asyl verarbeitet - Linux Magazin

Politisch aufgeladene Diskussionen wie die ums Asyl brauchen belastbare Zahlen. Dank des Informationsfreiheitsgesetzes sind diese direkt bei den Behörden erhältlich. Die liefern allerdings oft nur schlecht geeignete Formate. Gefragt sind dann Tools, um sie aufzubereiten.

Wer Zahlenmaterial aus verschiedenen Quellen, verschieden formatiert und mit verschiedenen Größenordnungen verarbeiten muss, braucht die richtige Technik. Dieser Beitrag stellt einen bewährten Ansatz vor und nutzt als Beispiel ein Projekt, zu dem sich 2015 eine Gruppe von Menschen aus der IT zusammenfand, um öffentliche Daten zum Thema Asyl einzufordern und sichtbar zu machen: der Refugee Datathon Munich.
Die Gruppe trifft sich seitdem regelmäßig in ihrer Freizeit, um zu einem Fakten-basierten Verständnis der Flüchtlingssituation beizutragen. Die Autorin dieses Artikels gehört dieser Gruppe an. Wie sieht der Weg von den Behördendaten bis zum Erkenntnisgewinn aus?

At the last WebTech meeting in #Bonn was a very interesting talk about ReactPHP with many fascinating examples for Streams, Redis, SSE, Websocket, etc. Pushing the limits of #PHP

#^Pushing the limits of PHP (WebEngAc19)
by Christian Lück on Speaker Deck

#^Zentrales Logging mit dem Elastic Stack
on media.ccc.de

Dezentrales Logging wird mit der steigenden Zahl von zu überwachenden Prozessen immer aufwändiger. Deshalb gibt es seit mehreren Jahren Tools welche das Zentrale Logging unterstützen. In diesem Vortrag soll der Elastic Stack als ein solches Tool vorgestellt werden.

In der Welt der Microservices ist die Anzahl der Logs-produzierenden Prozesse sehr groß und liegt durchaus im Bereich von 100-1000 Prozessen. Eine manuelle Log-Verarbeitung ist hier so gut wie undenkbar. Doch auch monolithische Services laufen oftmals dezentral und das Analysieren der Produktions-Logs ist dann häufig auch mit viel Aufwand verbunden. Mithilfe eines zentralen Loggins lässt sich eine viel bessere Übersicht über den Gesamtzustand eines Systems gewinnen, da nicht jedes Log einzeln untersucht werden muss, sondern die Logs aggregiert und somit auch leicht automatisiert ausgewertet werden können. Der Elastic-Stack bietet die Möglichkeit, große Mengen an Logs zu speichern und zu durchsuchen. Das Ökosystem um den ELK-Stack unterstützt Entwickler, DevOps usw. dabei, die Logs schnell und einfach aufzubereiten, damit diese gut analysierbar sind. In diesem Vortrag werden die Vor- und Nachteile des zentralen Loggins dargelegt und gezeigt, wie sich der Elastic Stack in Umgebungen einbinden lässt.

#ELK #FrOSCon14 #FrOSCon2019

#^cheat.sh/:firstpage

To access a cheat sheet you can simply issue a plain HTTP or HTTPS request specifying the topic name in the query URL:
    curl cheat.sh/tar
    curl #^https://cheat.sh/tar

#^SIEM on the Elastic Stack | Elastic SIEM

Security teams use Elastic SIEM to detect threats by analyzing events from network, host, and cloud technologies, as well as other data sources.

Elastic SIEM equips security practitioners with easy data ingestion via Beats, shareable analytics based on the Elastic Common Schema (ECS), and the ability to interact with security data using the #SIEM app in Kibana. As threats continue to evolve, so too will Elastic SIEM.

#^7 CI/CD tools for sysadmins | Opensource.com

An easy guide to the top open source continuous integration, continuous delivery, and continuous deployment tools.

#^MISP » ADMIN Magazine 48/2018

Shared Protection By Matthias Wübbeling
The Malware Information Sharing Platform lets you record and document security incidents – and share the information with users on other networks.
Cunning attackers often collaborate with others and share information about vulnerabilities. Companies, on the other hand, face hackers as lone warriors and all too often rely on traditional security technologies. But companies can also share IT security knowledge. One platform for sharing security information is the Malware Information Sharing Platform (MISP).

#^MISP - Malware Information Sharing Platform and Threat Sharing - The Open Source Threat Intelligence Platform

MISP - a threat information sharing platform - The Open Source Threat Intelligence Platform

This python3 script works really nice to export the last.fm history.
#^encukou/lastscrape-gui

lastscrape-gui - GUI for getting scrobbles from last.fm and moving them somewhere else

In February 2005 my first scrobble was a Norwegian singer, then an Indonesian song. Around 17800 songs later in November 2014 was my last scrobble to last.fm. Actually I wanted to run my own GNU FM installation then, but unfortunately never finished to set it up.

#^Retargetable Decompiler

RetDec is an open-source machine-code decompiler based on LLVM.

The decompiler is not limited to any particular target architecture, operating system, or executable file format:
* Supported file formats: ELF, PE, Mach-O, COFF, AR (archive), Intel HEX, and raw machine code.
* Supported architectures (32b only): Intel x86, ARM, MIPS, PIC32, and PowerPC.

nice tool when you work with #TYPO3.

TYPO3 Console: Getting things done

The TYPO3 console is a great tool in order to get things done quickly. It provides many commands that will ease your live with TYPO3 a lot. Even if you are not used to command line tools, you should, no, you must have a look at this post.

This is a really nice tool I didn't knew something like that exists. How many times I was wondering how the progress of loading a sqldump was.

man pv

pv shows the progress of data through a pipeline by giving information such as time elapsed, percentage completed (with progress bar), current throughput rate, total data transferred, and ETA.
To use it, insert it in a pipeline between two processes, with the appropriate options.  Its standard input will be passed through to its standard output and progress will be shown on standard error.

Should have known this before:

unexpand -t 4 --first-only infile > outfile

When you have a space-intended file and you want tabs. Will create one tab for 4 spaces and only at the beginning of a line.