The IT Blog

DNS4EU: a private, safe, and independent European DNS resolver

Recently I switched my DNS Resolver to one of the European public DNS resolvers | European Alternatives mainly for privacy reasons after reading Cloudflare’s blog post about analytics in their free-tiers.

But I missed the malware protection. But today I just got aware of DNS4EU For Public!

DNS4EU is an initiative by the European Commission that aims to offer an alternative to the public DNS resolvers currently dominating the market.
https://www.joindns4.eu/about

It offers 5 different flavours:

Unfiltered resolution
Protective resolution: Blocks access to known malicious and fraudulent websites
Protective Resolution With Child Protection
Protective Resolution Ad-blocking
Protective Resolution With Child Protection & Ad-blocking

And also with some step-by-step guidelines for configuring DNS settings on a variety of platforms.

Just cool 🙂

Is it finally over for Developers?!

We’ve heard it all a couple of times: “GenAI is replacing Software Developers”, Vibe Coding, … A C-Levels dream to (finally) get rid of expensive software developers by using AI.

Take Back the Stream: Support PeerTube’s Mobile App

Big Tech dominates online video. Algorithms, Ads, and tracking define what we see and who gets heard. PeerTube offers a real alternative – decentralized, open-source, and powered by its users, not corporations.

Now, PeerTube is taking a critical next step: building its first official mobile app. Framasoft, the nonprofit behind the project, has launched a crowdfunding campaign to make it happen.

I found my replacement for LinkedIn!

If you’ve followed me, you might have noticed that I had pulled back my activities on LinkedIn gradually: I posted less, stopped interacting and deleted my content.

But I kept returning – only to feel the same mix of disappointment and annoyance every time. Eventually, I asked myself: Why did I keep coming back – even though it never felt useful?

AI Agents: Loyal Only to the Prompt

Recently I thought “If AI scrapers are scraping my website, would a prompt injection work? Just adding invisible Prompt commands …?”

And just today, a colleague sent me this link to an article about prompt injection in GitLab Duo: Remote Prompt Injection in GitLab Duo Leads to Source Code Theft:

TL;DR: A hidden comment was enough to make GitLab Duo leak private source code and inject untrusted HTML into its responses.
https://www.legitsecurity.com/blog/remote-prompt-injection-in-gitlab-duo

Well – it shows: damit! Someone else was faster! 😀

But besides that: it confirms a paranoid thought that I have been harboring for quite a while. Any output of an AI system must not be trusted blindly.

Torture for Bitcoin: When Crypto Gets Brutally Real

It’s one thing to know that each password can be stolen by kidnapping a person knowing the passwords and then “convincing” them to reveal it. But really reading that it (very likely) happened … feels strange.

I just read an heise article (Um Bitcoin zu stehlen: US-Kryptoinvestor hat wohl wochenlang Touristen gefoltert), citing an NBC-article (Crypto trader tortured Italian man in NYC home in bid to steal his bitcoin).

Oh well, that’s one of the services that traditional banks do. Making suchthings harder. Maybe not fully impossible, but harder than “enter password”.

Why “Open” may not Always be Enough

If you care about open source, open data, or open standards, you should read “What we in the open world are messing up in trying to compete with big tech“.

I found it a good critique on Open Source and why “technology” and an OpenSource Licence may not be enough to compete with BigTech players. The author doesn’t argue against OpenSource but he points some quite valid points.

You might say “look at your own GitHub repo first” but wait: The difference in my view is: Do you open-source something just to make it available for others as well or do you make an OpenSource project to compete with a commercial product / to position yourself as a valid alternative …

Anyways, give it a read – and maybe follow his Blog as well!

Buchempfehlung: Die Logik des Mißlingens

Eine Kollegin hat mir neulich ein Buch empfohlen: “Die Logik des Mißlingens, Strategisches Denken in komplexen Situationen” von Dietrich Dörner. Klang ja wie eine Anleitung für Projektleitung. Kurz darauf lag also eine leicht vergilbte second-hand Ausgabe davon auf meinem Tisch.

“Die Logik des Mißlingens” ist kein neues Buch – es ist von 1989, aber ein Thema, das zeitlos bleibt. Weil menschliches Verhalten zeitlos fehlbar ist und – wie ich glaube – sich die generelle Denkweise in nur 30 Jahren vermutlich kaum geändert hat.

Podcast: Warum Arbeit häufig Zeitverschwendung ist

Gerade von Kollegen empfohlen bekommen: eine Podcast Folge über Arbeit und Meetings. – Wird irgendwie nie alt.

How to check the Email Security Level of your Provider

If you’ve ever wondered which security protocols your email-provider supports, there is an easy way that I found via Mastodon:

The European Commision provides My Email Communications Security Assessment (MECSA) (https://mecsa.jrc.ec.europa.eu/) with which you can quickly check, which of the protocols your provider supports (StartTLS, x509 Ceerts, SPF, DKIM, DMARC, DANE, DNSSEC).