Subscribe to one of my feeds:
This is the home-page of Karl Voit.
On this page you can see the latest blog updates. For further articles, please use the search bar or navigate through the blue tags. My recommendations are pim, privacy, or security.
I recommend any decent RSS/Atom aggregator to get notified on blog updates.
Most recent articles or updates:
Problem description: Lenovo x13 2-in-1 Gen 5 with Debian 13 GNOME 48: I can't select the native screen resolution for the external 34" TFT which is 2560x1080. Hostname = Cosmo.
In the GNOME screen configuration dialog, I may only choose a resolution (among others) that is similar but not correct: 2560x1440
Many smartphone owners seems to live with a constant fear that their smartphone might die. A clear sign that you might be affected as well could be that you find yourself in a situation where you desperately need to charge your phone during the day.
In 2022, I blogged about our first approach to produce soft drinks like Cola, Fanta, Sprite on our own. This is an add-on article which explains an alternative recipe for the Cola part. While the previous recipe is really good, we wanted to try out a second approach where Artemisia abrotanum, the southernwood, lad's love, or southern wormwood is an ingredient.
In German, this is called Eberraute but it's inofficial German name is the more fun here: "Cola-Kraut". If you find it in nature, you need to smell it: it will remind you of Cola.
2025-09-07 Update: see DIY Cola (Part 2) for a different recipe using Cola herbs.
I somehow stumbled over a video on how to make soft drinks with a simplified recipe yourself. To my surprise, the recipes were really simple and effort was small. That got me hooked: does this really end up with soft drinks that taste like the commercial ones we all know?
There is only one way to find out.
My primary focus was the DIY Sprite. I was curious about the taste of the DIY Cola especially after seeing the rather short list of ingredients. And my wife was interested in DIY Fanta. So I had to make all three of them myself.
On this page, I collect my public/media appearances of any kind.
I do have a separate press information page with my bio in German and English, summary of my academic work and photographs to download. Drop me a line via email in order to get the URL.
Most recent updates:
Some of them are available in German language only.
Here is a list of tasks I do on my computers and the software I am using for accomplishing these tasks. The first column also links corresponding workflow descriptions with further information on how I am doing things which should be our focus, not the tool. At the very bottom, there are links to more workflow descriptions.
For all the Emacs people visiting this page: here, I just list a few Emacs packages. For more details on which packages I'm using for my workflows, please do visit my online Emacs config and check out the first chapters explaining my setup.
It is important to emphasize that you can not derive anything for your situation without knowing my requirements and how they lead to my choice for a tool. For some workflows, I've added a link to further information which might also contain a description of my requirements (first column).
2025-09-03 IMPORTANT UPDATE: it seems to be the case that the TU Graz has cancelled almost all "Freifächer" (elective course, optional subject) a couple weeks before they were supposed to start again. As long as I don't find a way to get into a "Wahlfächerkatalog" (elective course catalogue) or similar, my lecture at the TU is history. If you're interested in the lecture (wherever I may be able to conduct it), please drop me a line via email at pimlvinfo@ (+the domain of this blog) and I'll contact you if this changes somehow. I'm truly sorry. Maybe I'll be able to realize my lecture together with Uni Graz or one of the FHs in Graz. If you do have connections, please do let me know.
Here's the old content for reference:
With this October, my lecture on Personal Information Management (PIM) at the Graz University of Technology is continued for the fall/autumn term (Wintersemester).
I conducted this lecture at the University of Applied Science St. Pölten for eight years.
For the TU lecture, I had the pleasure of being able to extend the content as it covers two hours a week (2 SMS or 2 ECTS).
I am proud to report that I always had excellent student feedback.
The short summary is:
Through self-enabled, tool-independent requirement engineering and objective market exploration, attendees of this lecture should be able to decide on well-suited solutions in terms of workflows/processes and tools for Personal Information Management.
Watch my previous promo video for the 2021 lecture (location and time are the same):
In 2023, I started to use NixOS. Please do read about the linked article in order to learn about my motivation, my background and my hopes for NixOS back then.
This article covers my issues with NixOS and I also briefly summarize my reasons to choose Debian 13 Trixie as a replacement.
Die Wochenzeitung Falter schreibt via Tessa Szyszkowitz in Ihrer Ausgabe 48/24 auf Seite 26:
2019 gab Jack Dorsey auf Twitter bekannt, dass er fünf „Open-Source-Architekten“ darauf ansetze, ein Produkt zu entwickeln, das „einen offenen und dezentralisierten Standard für soziale Medien“ entwickeln solle.
Und weiter:
Als CEO konzentrierte sich Graber ab 2021 auf den Kern der Gefahr: Soziale Medien besitzen nicht nur die Daten ihrer User, sie monetarisieren sie auch. Bei Bluesky kann eine Userin jetzt ihre Daten mitnehmen. Graber entwickelte das AT-Protokoll, ein dezentralisiertes System, damit nicht eine Firma alle Daten besitzt. Ob das in Zukunft klappen wird, ist bisher unklar.
Das stimmt soweit auch beinahe.
Allerdings liest sich dieser Artikel - wie auch so viele andere zur Zeit - so, als ob Bluesky tatsächlich ein dezentrales Medium wäre. Das ist allerdings falsch.
Sie müssen nicht mein Wort dafür nehmen. Ich habe hier ein paar Quellen mal verlinkt, die sich mit dem Thema weitaus näher beschäftigt haben:
These are my personal notes on how to set up a new GNOME desktop environment (preferably Debian stable). This documentation started with GNOME 48 of Debian 13 (Trixie).
(For the record: I was using the XFCE desktop environment for more than 15 years until 2025-08 when I wanted to try out something new with some additional armenities and better styling.)
This is a — hopefully qualified — rant about the use of Markdown as a Lightweight Markup Language (LML) instead of other LMLs that are more qualified to do the very same job.
I'm very well aware that Markdown is the most widely used syntax for that purpose at this moment. It's so widespread that most people do think that Markdown is the only LML there is.
My point is that Markdown is a bad syntax choice for LML applications. I think I have good arguments for my point. I also mention better designed LMLs that you should use instead in order to simplify your personal digital life as well as the digital life of so many others that are about to learn their main LML.
I am trying to explain everything from the basics as well. Furthermore, I try to explain everything within that context in order to address people who are not tech-savvy. If you know, e.g., what file formats are, you may skip sections, of course.
(TL;DR: Among other Markdown design issues, Markdown with its zoo of different flavors has too many practical issues to deal with that better designed LMLs offer much better alternatives with almost similar tool support. So you don't have to get rid of your workflows, just switch to a better syntax.)
As my wife is not happy to start using GNU Emacs with Org-mode as I recommended to her, I was looking for an alternative. The general requirements are those of a typical student, collecting all kinds of university- and domain-related knowledge and - I presume it will take the usual direction - contact management, information on things, household stuff, appointments, and so forth.
This article is a brief report on my personal experience from that journey. It's not a tutorial. It's not describing the full set of features of mentioned tools. This is just my remarks from an Org-mode point of view, mentioning things that caught my eye.
In letzter Zeit wurde nicht zuletzt durch das Engagement der großen Megacorps Microsoft, Google, Apple und Amazon das Thema Passkeys in der breiten Bevölkerung bekannter.
Allerdings sind die zahlreichen Auswirkungen des Themas für IT-Sachkundige als auch für nicht IT-Sachkundige nicht so ganz einfach zu verstehen.
Ich habe einige allgemeine Dinge zu Passwortsicherheit unter diesen Artikel zusammengefasst und da kommen FIDO2 und Passkeys bereits vor:
In "Wie man eine vertrauenswürdige Authentifizierungs-App auswählt" erkläre ich, wie man sich gute mobile Authentifizierungslösungen aussucht, ohne, auf die Technik näher einzugehen.
FIDO2 und Passkeys sind sich recht ähnlich und werden oft auch verwechselt oder über einen Kamm geschert. Es gibt meiner Meinung nach auch keine genaue Definition von "Passkeys".
Für alle Menschen, die ein wenig mehr über die Unterschiede und jeweiligen Vor- und Nachteile lernen wollen, ist dieser Artikel geschrieben:
TL;DR: Zwei moderne FIDO2 Hardware-Token kaufen, die auch mit Passkeys umgehen können. Primär FIDO2 nutzen, wo es geht und ansonsten Passkeys oder mit niedrigerer Priorität auch andere Mehrfachauthentifizierungsmethoden.
Falls ich wo etwas falsch aufgefasst haben sollte oder wenn sich etwas an der beschriebenen Sachlage ändert, freue ich mich über Feedback (unten).
This is huge. This is important.
In July 2023 Microsoft had to announce a security incident which impact is more or less a total desaster for Microsoft and its trustworthyness. This was only the beginning of the story of the biggest security catastrophy I have heard so far.
When I tell people about that incident, they usually don't seem to believe. I blame the general media for not having properly covered the incident. This should have been in the headlines for weeks and Microsoft should be history by now. To my astonishment, this was not the case. Not even close. Even Wikipedia is not as alarming as the incident should indicate.
Why do I think that way? In short: basically any service provided by Microsoft and at least all Windows hosts need to be considered hacked beyond repair. This is the mother of worse case scenarios when it comes to security.
Let me explain - using sources we trust.
Here is a neat little PIM improvement which has a great impact on my personal way on how to deal with Virtual Desktops and windows on my GNU/Linux systems. After using it for a few months, I do find this method brilliant and therefore, I need to blog about it.
Working with many application windows on different Virtual Desktops comes with a burden. In most setups, you have to manually switch desktop before you can see the corresponding windows and switch to them. However, in my usual work I know exactly to what window I'm going to jump to, independent of my current Virtual Desktop.
Same as with using a (local) search engine to "teleport" to a specific web site, computer file or start an application, I introduced myself to a method to teleport to any open window on my computer.
In combination with the Firefox add-on "window-titler", I may switch to arbitrary windows by simply invoking a custom keyboard combination, enter a search term (if it's unique with few letters, it's really quick), press Enter and my focus is switched to the Virtual Desktop and the window of choice.
I want to start with a brief episode from my past. When I was about to finish my PhD thesis in 2012, I was looking for options of starting a career in academia. Therefore, I was speaking to great PIM researchers at international conferences and asking them if I may join their research groups as a post-doc. One of my favorite researchers was Gloria J. Mark. Back then, she was analyzing the effects of multi-tasking settings on efficiency and so forth.
After I have introduced myself and my research on tagstore where I was using user-generated tags to support filing and retrieving arbitrary files on the local file system, she explained that she doesn't see any future in that research. To my surprise, she argued that the future is not text-based. She wants to shift her focus on video-based information where she thinks that this will be much more relevant for the people. According to her, text is getting less important while video is getting more and more important.
This is why I do think that we should think about the importance of information locked into video, audio and image content.
Ich habe ein Haus gebaut. Wie bereits angekündigt.
Als ich mit dem Hausbau begonnen habe, erkundigte ich mich bei Freunden, die ebenso schon Häuser gebaut haben, worauf ich denn achten muss. Ein guter Freund formulierte seine Antwort in etwa so, dass die Probleme bei jedem Haus andere sind, sodass man sich schwer tut, generelle Ratschläge zu geben.
Ich probiere es trotzdem, obwohl ich inzwischen einsehe, dass man dabei nur allgemein bleiben kann.
my-generate-sanitized-alnum-dash-string(str)This is an article from a series of blog postings. Please do read my "Using Org Mode Features" (UOMF) series page for explanations on articles of this series.
In this article, I'm going to explain how I am using internal links to create links pointing to headings using unique :ID: properties.
Here's an idea for the geeks of us: I manage my OpenWRT DHCP (IPs) and firewall configuration from a single Org-mode table.
Why did I start with this? Well, in early 2025, I lost all of my router configuration because of a dying hardware and a personal error of not continuing my quarterly backup process for quite some time (due to router hardware switch issues).
So I had to start from scratch. Before I did this, I was thinking of getting an overview of my network devices. And combining this overview table with the configuration re-do I was thinking of generating the configuration files from that overview table. This way, I only have one single point of truth and the overview combined.
For people who do not use Org-mode yet: yes, you can keep the table in a text file or a CSV file and use the Python script as an independent script file. In this case, you need to adapt the parsing of the table data yourself. The idea and the workflow are the same. The implementation is slightly different.
The general workflow is that I maintain an Org-mode table with my devices. Furthermore, there is a babel code snippet in Python which takes this table as an input and generates the firewall and dhcp configuration files in their right format. Those files are then get copied to the router via scp (and key authentication).
So let's go though all those parts one after each other.
Disclaimer: this is a very nerdy blog entry. It is about lightweight markup languages and why I think that Org mode syntax is the best lightweight markup language for many use-cases. And with lightweight markup language, I do mean the syntax, the way you express headings, lists, font variations such as bold face or italic, and such things.
Disclaimer: I've written a very similar article on why Markdown is a bad idea in general.
Please do note that this is not about Emacs at all. This is about Org mode syntax and its advantages even when used outside of Emacs. You can type Org mode syntax in vim, notepad.exe, Atom, Notepad++, and all other text editors out there. And in my opinion it does have advantages compared to the other, common lightweight markup standards such as Markdown, AsciiDoc, Wikitext or reStructuredText.
Of course, Org mode syntax is my favorite syntax. Despite my personal choice you will see that I've got some pretty convincing arguments that underline my statement as well. So this is not just a matter of personal taste.
If you already have a grin on your face because you don't have any clue what this is all about: keep on reading. It makes an excellent example for making fun of nerds at your next dinner party. ;-)
I do write a lot about PIM topics, I did some PIM research about local file management, I love to give lectures on PIM topics. Therefore, it's quite natural that people start to believe that my personal PIM situation is near perfect.
As I once wrote on Mastodon, this is not the case at all:
I got great feedback from people writing that they are relieved that even "somebody like me" is really struggling with processing all the information as properly as desired.
Therefore, I want to update this persistent article from time to time, showing my current status of some digital debt in terms of unprocessed items in various inboxes of mine.
my-mark-as-project()This is an article from a series of blog postings. Please do read my "Using Org Mode Features" (UOMF) series page for explanations on articles of this series.
In my world, I tend to define "projects" as a construct that contains a set of tasks in order to reach a common project goal. A project may contain another (sub-) project.
Within Org mode, I need a syntax element to decorate my projects as such in order to make sure Org recognizes projects in case I need Org mode support for projects.
Update 2024-12-23: Aspekte für kollaboratives Arbeiten ergänzt
Der Podcast "FOCUS ON: Linux" (keine mir bekannte Homepage) brachte am 2024-12-19 eine Episode zu "Org-Tools" (vermutlich kurz für "Organisationstools").
Die Shownotes dazu findet man unter anderem unter podigee.io.
Für mch war die Episode insofern sehr spannend, weil ich wieder mal viel über die Anforderungen von Menschen lernen durfte, die sie an ihre PIM-Tools stellen. Sowas finde ich immer sehr aufschlussreich.
Ich habe allerdings auch einige Dinge auszusetzen beziehungsweise Falschinformation zu korrigieren.
Ich war beim Podcast Methodisch inkorrekt! in Episode 239 mit einen Audiokommentar on air, wo ich etwas zu den Themen "Wie man eine Authentifizierungs-App auswählt" und Passwortsicherheit im Allgemeinen sagen durfte. Der bezog sich auf die Diskussion zum Thema "Google" der Podcast-Episode 238 "Mö Mö", wo Reini einen etwas saloppen Kommentar zu der Thematik geäußert hat.
In diesem Artikel möchte ich den Teil mit der Auswahl einer TOTP-Anwendung beschreiben. Die meisten Punkte können jedoch auch für die Auswahl von sicherer Software verallgemeinert weiterverwendet werden.
Für ganz allgemeine Tipps zur Auswahl von Werkzeugen wie Softwareprodukten, empfehle ich meinen (englischsprachigen) Artikel zur Tool-Auswahl.
Falls du zuvor noch generell etwas über Passwortsicherheit und Zweifaktor-Authentifizierung lernen willst, so lies dir meinen Artikel zu Passwortsicherheit durch und komm zum Thema Authentifizierungs-App und TOTP hierher zurück.
Es gibt verschiedene Authenticator-App-Typen. Deshalb sollte man sich zuerst bewusst werden, worüber man gerade spricht.
Neben proprietären Authenticator-Apps verschiedener Firmen, die keinem offenen Standard folgen, gibt es den aktuell weit verbreiteten Standard TOTP, der für "Time-based One-time Password" steht. Da zu ersterem mangels Einsicht in den Code keine sicherheitstechnische Aussage getroffen werden kann, kann ich hier nur zu TOTP schreiben.
TOTP ist den meisten Anwendern durch einen QR-Code bekannt, den man beim erstmaligen Einrichten einer neuen Zugangsberechtigung mit der TOTP-App einlesen muss.
Da es sich um einen offenen Standard handelt, gibt es hier etliche Apps, die TOTP-Funktionalität zur Verfügung stellen.
Meine persönlichen Kriterien zur App-Auswahl sind:
Update 2024-10-17: sketchnote and captions by Sacha Chua
In June 2023, I got invited to give a short talk about local file management at the Worklab 2023 which was organized by mur.at. This time, I used a different idea and talked about a few general concepts and ideas related to this topic. A few things I took from my PIM lecture.
The talk was part of the session "Desire to collect - Tools & Roadmap".
Fortunately, the talk was recorded and got published in October 2023 (44min):
Here are the main topics of my talk with some links:
Sacha Chua created awesome sketchnotes for that talk:
Its licensed under a Creative Commons Attribution. She also published captions for the video recording file.