Category Archives: Security Theater

Leadership Antipatterns

Leadership antipatterns are a special variant of antipatterns. They are dangerous, they kill productivity, and they very often come together with Crocodile Management (link is in German), Mushroom Management or Bulldozer Management (a new manager comes in and guess what he does first?). You might also like to read about leadership behaviour patterns … but that’s Harvard Business School… or antipatterns in project management.

Darknet demystified – The Limits of Anonymity.

The error is on OSI Layer 8, and even the best technology won’t help you if you use it wrong. In this article about the Darknet (Heise I’X, in German) I demystify many “given” assumptions. No NSA, no police, nobody needs to crack your cryptography if you make the same silly mistakes as so many others before you.

Update: Early in February I was interviewed by Radio Berlin Brandenburg about my opinion on the darknet.

Wechselwahn – why it does not make sense to enforce recurrent password changes.

In this article for Heise I’X (in German) I present statistical and empirical evidence for why it is usually a bad idea to force your users to change their passwords regularly. In fact, you may push users toward password patterns that are cracked much more easily than their password. The article also covers what a good password is, and why you should only change it when you have reason for doubt. “You will need good reason to push your users into regularly changing their passwords – and only in few cases or insecure environments this may make sense at all…”

Factsheets and calculations about the right password length.

DIVSI – a matter of Trust?

Welcome to the DIVSI, the “German Institute for Trust and Security on the Internet”. This is what the website looks like in my browser, with JavaScript, cookies and all trackers turned off. Would you trust them? It’s a government project, but still: Would you trust such a website? For once, working with experts would be nice. #sigh. I know, I am using WordPress here, but at least I am not pretending. #plonck.

NetzDG – well, that didn’t quite work out, did it?!

Good intentions and their real-life effects – that’s sometimes a whole other story.

In Germany, NetzDG, a new law, passed the legislative process with the best intentions: against cyber bullying, against hate speech, against fake news. Website owners and companies such as Twitter and Facebook are to be held responsible for what is published under their watch. At least, that was the idea.

Only three weeks into its existence, however, the law has had several severe impacts on free speech. Afraid of being punished, social media platforms started to delete numerous postings and content.

More: https://netzpolitik.org/2018/csunet-netzdg-verstoesst-gegen-die-verfassung/

ePrivacy – Keynote at 34th Chaos Communication Congress

At the 34th CCC meeting – the legendary Chaos Communication Congress – Ingo Dachwitz gave an interesting talk about a highly controversial topic: We all want our data to be safe. But what is really necessary for a well-informed understanding of the data security of individual users? Can we declutter ePrivacy?

Watch here: https://netzpolitik.org/2018/34c3-eprivacy-macht-der-datenschutz-das-internet-kaputt/