On this page you can see the latest blog updates. For further articles, please use the search bar or navigate through the blue tags.
My recommendations are pim, privacy, or security.
Miscellaneous links to real events I was writing about in theory
since the article was published.
Back-link to a Hacker News discussion about this article.
2023-05-19
The extremely worrisome talk by Yuval Noah Harari
2023-05-27 A drastic warning by Google's former CEO Eric Schmidt and
others
2024-01-14 Interview Esther Dyson
ChatGPT is all over the media these days. It's a true miracle to most people. In this article, I want to express my personal opinion on ChatGPT as a non-expert on AI.
Please do note that ChatGPT is only one single example from a class of AI services that do provide similar services. Because of the current hype of ChatGPT, I'm using that product but you need to be aware that this article is not about ChatGPT only. This article is valid for all software services that are able to produce valid looking all-purpose texts from a simple command.
2024-01-12: Please note that meanwhile, the org-super-links prefix changed from sl- to org-super-links-. So I changed them here as
well.
Reading this article you will learn why the Zettelkasten method is not for everybody. Furthermore, I show you a nice Org mode extension to link headings with back-links.
This article was also part of the basis of my EmacsConf 22 9 minutes demo which can be also be found on various locations:
Mastodon features a Content Warning system. It’s an optional mask that
covers the content of a post with an editable warning message.
It’s used to cover content that is admitted by your Instance policy
but may still hurt people, like spoilers, nudity, depiction of
violence or threads about sensitive topics.
For example, if you want to start a thread about the ending of a fresh
new movie, you can do it using a CW like “Spoiler about the ending
of...”
Every Instance has its own rules about CWs and therefore it’s common
to see them used in different ways, like on selfies or depictions of
food. That is because what on an Instance is considered a sensitive
topic on another may be something commonly accepted. It’s possible
that an Instance is blocked by others because of its misuse of CWs on
certain kinds of topics.
This said, if you want you can always go in the Setting page and set
to automatically uncover all the CWs.
While there are tons of valid reasons to use a CW, there is a growing number of posts that do seem to dilute this great idea of CWs.
In the previous article on our PV, I've summarized many things related to the planning and construction phase and ended with the figures from the first six months. I assume, you went through this article before you continue below.
Here, I want to deliver the figures of the year 2023 which is more or less equal to the total run-time of our PV so far.
2021-08-03 Comments by me for the Hacker News arguments I read.
2021-11-11 Similar Angles: added Cory Doctorow's article
2022-04-10 Newsarchiv.tugraz.at gone
2022-04-25 Videos of the GLT22 talk
2023-12-31 Link to my 37C3 talk
If you're, for example, contributing to a reddit thread about something which is irrelevant or anything with only a short-term relevance, this article does not apply to you right now.
However, as soon as you're helping somebody solving an interesting issue, summarize your experiences with something or write anything that might be cool to be around in a couple of years as well, you do provide potential high-value content. My message to all those authors is: don't use web-based forums.
In late 2023, I got the opportunity to give a talk at the 37C3 by the CCC in Hamburg. This talk was not recorded but overlaps in most parts with the recorded talk above.
TL;DR: all of the content of closed, centralized services will be lost in the long run. Choose the platform you contribute to wisely now instead of learning through more large data loss events later-on.
After over two decades of using Debian-based GNU/Linux distributions (in short: "distros"), I did my first steps with a distro that is also considered as hyped one these days: NixOS.
Although NixOS is already around for twenty years, it only gained more attraction probably in the recent five to ten years or so.
If you're a frequent reader of my articles, you know that I don't follow the latest hype and I certainly would not practice distro hopping just because of the high switching cost.
This article is about my motivation to leave my comfort zone and try something very different, accepting this high switching cost for a higher goal.
Disclaimer: I'm still a Nix beginner and if I may have understood something wrongly, please feel free to leave a comment so that I'm able to fix errors I might have made here.
A bit of a warning upfront: it's complex. Furthermore, NixOS is doing many things very differently compared to other GNU/Linux distributions. It's a deep rabbit hole you may fall into - or not. My article should give you my personal point of view that might motivate or demotivate to use Nix for yourself.
As I once wrote on Mastodon, this is not the case at all:
My Mastodon post about spring-cleaning my Org-mode inbox file.
I got great feedback from people writing that they are relieved that even "somebody like me" is really struggling with processing all the information as properly as desired.
Therefore, I want to update this persistent article from time to time, showing my current status of some digital debt in terms of unprocessed items in various inboxes of mine.
Ich hatte vor vielen Jahren eine Freundin. Oder besser gesagt, ich war ein Werber, denn sie war noch nicht ganz von unserer Beziehung überzeugt und wir noch nicht offiziell zusammen.
Leider war ich recht rasch ziemlich heftig in sie verschossen und so entstand eine sehr emotionale und eventuell auch ein bisschen toxische Beziehung mit vielen schönen Hochs und auch vielen schlimmen Tiefs.
In dieser Situation war ich ständig auf positive Signale hellhörig. Diese Frau musste einfach mein werden.
Nun ging es damals auf Weihnachten zu. Wir feierten getrennt mit unseren Familien und so tauschten wir bereits im Vorfeld verpackte Geschenke aus.
Here is a list of tasks I do on my computers and the software I am using for accomplishing these tasks. The first column also links corresponding workflow descriptions with further information on how I am doing things which should be our focus, not the tool. At the very bottom, there are links to more workflow descriptions.
For all the Emacs people visiting this page: here, I just list a few Emacs packages. For more details on which packages I'm using for my workflows, please do visit my online Emacs config and check out the first chapters explaining my setup.
You have to use ADE since the ebooks are using Digital Rights Management (DRM) which prevents you from using the data as you would like to. DRM is for protecting the property of companies. So you never own any DRM protected data. You only rent it as long as the DRM owner allows you to.
The only way to make it run was for me using winetricks with "install software" and choosing ADE version 1.7.2. Don't even try to install a downloaded ADE exe setup file within wine.
After setting up my Adobe account, I was able to download an EPUB into ADE. ADE then (sometimes) recognized my Kobo ebook reader and transferred the books onto its storage.
Du hast deinen Weg auf meine Homepage gefunden und interessierst dich für Personal Information Management (PIM)? Wunderbar. Hier ein kleiner Überblick zum Einstieg, da ich schon recht umfangreiches Material gesammelt habe.
Da das Thema PIM sehr viele Menschen interessiert, sind die meisten Artikel zu dem Thema in englischer Sprache. Ich hoffe, das ist kein Problem. Ansonsten gibt es ja noch entsprechende Übersetzungsdienste.
Auf How to Use This Blog Efficiently erkläre ich, wie man über neue Artikel benachrichtigt werden kann, wie die Navigation über Schlagworte (tags) funktioniert und was die verschiedenen Seitentypen (temporal, persistent, tag pages) unterscheidet. So findest du dich mit der hier verwendeten Blogging-Software zurecht.
Du wirst am besten mit meiner Tag-Seite zu PIM beginnen, wo du alle Artikel findest, die mit "PIM" verschlagwortet sind. Hier habe ich auch vor der Artikel-Liste einführende Worte zu dem Thema formuliert.
Wir waren mal wieder im Kabarett. Alfred Dorfer ist jedem Österreicher aus Kabarett, TV und Film wohlbekannt. Seit 2017 spielt er sein Programm "und…". Ich ging vollkommen ahnungslos in das Programm - ich wusste nicht, was mich erwarten wird: politisches Kabarett oder ein typisch österreichisches Kabaretttheater à la Haders "Privat" oder auch frühere Dorfer-Programme, die in diese Richtung gingen oder Musikeinlagen oder etwas anderes.
Es war - bis auf die fehlenden Musikeinlagen - ein bunter Mix aus vielen Elementen, würde ich sagen. Hier ist mein Bericht.
Somebody could say that this is what you get when people get promoted when they "ship something to the customer" totally neglecting whether or not this "something" has meaning, value or other positive aspects. This is a general cultural issue of the Silicon Valley.
Google was on the right track in my opinion when they worked on Google Wave. It was planned as a federated open protocol with open source code published. This way, each company, organization or community was able to set up their own instance that talked to all other instances. Just like the email infrastructure.
For the first time, I thought that this had the potential to replace business email services in the long run. The technology involved was awesome and highly collaborative work was extremely well supported. In this direction, I've never seen anything better ever since.
Then Google discontinued the development out of the blue and moved the code to the Apache Foundation. It entered a slow but steady death road until it was finally declared dead in 2018.
There are no specific descriptions on the new stuff Google is going to release. My prediction is that this is going to be either dead on arrival or a bit later or it is going to be a niche product for some time.
Considering the market power of Google, the whole story is a declaration of failure.
In June 2023, I got invited to give a short talk about local file management at the Worklab 2023 which was organized by mur.at. This time, I used a different idea and talked about a few general concepts and ideas related to this topic. A few things I took from my PIM lecture.
The talk was part of the session "Desire to collect - Tools & Roadmap".
On this page, I collect my public/media appearances of any kind.
I do have a separate press information page with my bio in German and English, summary of my academic work and photographs to download. Drop me a line via email in order to get the URL.
Most recent updates:
2017-04-28: GLT17
2017-04-28: Ö1 Matrix (Privacy) from February
2019-04-29: GLT18 and GLT19
2020-02-20: LinuxUser 03.2020 Article
2020-06-17: Linux Magazine July 2020 Article
2021-04-10: GLT21
2021-12-07: PIM lecture at Graz University of Technology and talk at
EmacsConf21
2022-04-09: GLT22 talk
2022-07-03: BarCamp 22
2022-09-09: Digital.Lebel Graz.social
2022-12-04: EmacsConf22
2023-05-07: barcamp Graz 2023
2023-10-20:
Barbara Karlich Show 2023
Podcast episodes "The Informed Life" and "Focus On Linux"
2023-11-05: Worklab 2023 talk and video
Some of them are available in German language only.
Im Falter 41/23 S.21 (eine Seite vor einem großartigen Artikel über Kompetenz in Sozialen Median) schreiben Sie:
Gäbe es doch etwas wie Twitter, nur ohne Elon Musk! Seitdem der
erratische US-Investor den Nachrichtendienst übernommen hat, driftet
Twitter/X hart nach rechts. Jeder hadert damit, aber wohin migrieren?
Jetzt ist Bluesky als Alternative aufgetaucht, die Codes, mit denen
man sich dort anmelden muss, sind begehrt – und werden sogar um Geld
gehandelt. Wird Bluesky, das wie Twitter/X aussieht und sich auch so
anfühlt, das nächste große Ding, oder bleibt es nur ein
Nischenphänomen wie das umständliche Mastodon? Das lässt sich wohl
erst dann sagen, wenn Meta seinen Twitter-Klon Threads in der EU
anbietet.
Ich finde es schade, dass ein Medienunternehmen wie Sie das meiner Meinung nach ungerechtfertigte Vorurteil der Umständlichkeit von Mastodon so breit wiederholt. Der einzige fundamentale Unterschied in der Bedienung zwischen Twitter und Mastodon ist, dass man sich bei dem offenen Mastodon ist die verteilte Struktur, die man auch schon von E-Mails kennt. Niemand hat ein vielbeachtetes Verständisproblem, weil man sich für einen E-Mail-Provider entscheiden muss.
Meine Hoffnung wäre, dass die Redaktion keine Vorurteile wiederholt, sondern im besten Fall ihren LeserInnen erklärt, wie etwaige Startschwierigkeiten überwunden werden können.
Große Verlagshäuser starten ihre eigenen Mastodon-Server und stellen ihren RedakteurInnen somit verifizierte Accounts zur Verfügung. Dadurch kommt es auch vermehrt zu direktem Austausch zwischen LeserInnen und dem Printmedium. Sie finden beispielsweise auch unter https://verifiedjournalist.org/ verifizierte KollegInnen im Fediverse.
Falls es doch noch offene Fragen und Unsicherheiten gibt, so komme ich sehr gerne auch von Graz in die Redation vorbei, um den großen Unterschied zwischen kommertiell betriebenen Plattformen wie X oder Bluesky und offenen Plattformen wie die Services im Fediverse näherzubringen.
Disclaimer: ich bin im Vorstand von https://graz.social "Verein zur Förderung ethischer Digitalkultur" und betreibe viel Aufklärungsarbeit bei techniklastigen Themen auf https://Karl-Voit.at
To my knowledge, Microsoft is currently not actively promoting this feature. Therefore, complaining on bad design decisions does not apply here as long as Microsoft does not understand this kind of tagging as something which was designed to be used by the general user. Because from my perspective, it obviously can't be meant to be used in practice. Unfortunately. Let's take a closer look why I came to this conclusion.
TL;DR: Microsoft Windows does provide NTFS features to tag arbitrary files. Some applications do also merge format-specific tags with these NTFS tags. Although there are quite nice retrieval functions for tags, it is very complicated to use this for general file management. Applied tags are easily lost so that in practice, users will refrain from using native Windows file tagging like this.
Table of contents:
What Does Tagging Mean Here?
A Well-Hidden Feature
How to See and Assign Tags
How to Make Use of Tags
Playing Around With Tags
Enabled File Types for Tagging
How to Enable Tags for More File Types
Relations Between Applications and Meta-Data
History, Implementation Details, and Similar Implementations
2023-04-25: Ich muss von Google Authenticator wegen
Cloud-Datenabfluss dringend abraten.
2023-04-26: Google Authenticator überträgt Geheimnisse
unverschlüsselt!
2023-05-25: Google hat auch den Fix vom Authenticator verbockt.
2023-07-08: Beispiel-Screenshot einer Warnung vor einer bösen
2FA-App
2023-09-17: Google Authenticator hat mit Cloud-Backup Geheimnisse
von Nutzern verloren
Ich war beim Podcast Methodisch inkorrekt! in Episode 239 mit einen Audiokommentar on air, wo ich etwas zu den Themen "Wie man eine Authentifizierungs-App auswählt" und Passwortsicherheit im Allgemeinen sagen durfte. Der bezog sich auf die Diskussion zum Thema "Google" der Podcast-Episode 238 "Mö Mö", wo Reini einen etwas saloppen Kommentar zu der Thematik geäußert hat.
In diesem Artikel möchte ich den Teil mit der Auswahl einer TOTP-Anwendung beschreiben. Die meisten Punkte können jedoch auch für die Auswahl von sicherer Software verallgemeinert weiterverwendet werden.
Falls du zuvor noch generell etwas über Passwortsicherheit und Zweifaktor-Authentifizierung lernen willst, so lies dir meinen Artikel zu Passwortsicherheit durch und komm zum Thema Authentifizierungs-App und TOTP hierher zurück.
Es gibt verschiedene Authenticator-App-Typen. Deshalb sollte man sich zuerst bewusst werden, worüber man gerade spricht.
Neben proprietären Authenticator-Apps verschiedener Firmen, die keinem offenen Standard folgen, gibt es den aktuell weit verbreiteten Standard TOTP, der für "Time-based One-time Password" steht. Da zu ersterem mangels Einsicht in den Code keine sicherheitstechnische Aussage getroffen werden kann, kann ich hier nur zu TOTP schreiben.
TOTP ist den meisten Anwendern durch einen QR-Code bekannt, den man beim erstmaligen Einrichten einer neuen Zugangsberechtigung mit der TOTP-App einlesen muss.
Da es sich um einen offenen Standard handelt, gibt es hier etliche Apps, die TOTP-Funktionalität zur Verfügung stellen.
Meine persönlichen Kriterien zur App-Auswahl sind:
möglichst eine freie Software mit großer Community
vertrauenswürdige Hersteller- und Installations-Quellen
For example, we've been adding cables from the engineering room to the roof. This is the story about early plans until we've got our PV and experiences and statistics after half a year.
Our main goals were:
Do something against the climate catastrophe we're going through in
the next centuries
Reduce the energy bill with DIY-power
Beat the high volatile power prices after Putin's war on the
world
Be a bit more independent from the power grid
Protect our house from loss of grid power which we expect to happen
more and more in future
Please notice that the list doesn't contain something like "earn money" or "have a great return of invest (ROI)". This is important because I planned to invest some money into a house battery. With a decent battery size, there is a poor chance that you get more money back during the life-span of your components than you have invested. This supports our goals with gaining more independence. More on that later.
Feel free to skip some sections if you are just interested in the result and not the journey.
2020-01-01: Modified version using appendorgheading
2023-09-02: Updated link to gitwatch repository
Maybe you have faced the very same issue: when large Org mode hierarchies are folded, it might happen that you overwrite or delete large parts of your Org mode file without noticing.
This is not a big deal if you happen to have your Org mode files within a git repository. All changes to my Org mode files even get committed automatically using gitwatch. Everything that happened to your Org mode files can be revoked. However, you have to recognize the deleted lines in order to be able to restore them.
And this is where this small trick can help you: using the post-commit hook below, you get a warning on your daily agenda when you check in a commit that deleted more than a given number of lines.
Ich habe mit Folge 175 (2020-09-30) den Wissenschaftspodcast methodisch inkorrekt (kurz: minkorrekt) angefangen zu hören. Er begleitete mich seither ständig. Ich hörte die aktuellen Folgen, sobald sie veröffentlich wurden und dazwischen hörte ich seit deren Folge 0 (ja, sie haben den Fehler der Nullfolgennummerierung schon oft beklagt) alle Folgen nach.
2023-06-12 Further arguments for raising awareness on issues of
privacy, data-protection and lock-in situations.
One single tool can not be a perfect fit for all sets of requirements. You need to differ between different situations, frequency of use, preconditions related to the user's knowledge, user interface requirements, and so forth.
On the other hand, for each given tool, there exists at least one set of requirements where this particular tool is a perfect fit. This way, each tool is a legitimate choice for at least one situation.
Since the requirements are defined by our situation alone, the only free variable here is the tool of choice. Therefore, we need to find a match between our current set of requrements at hand and a tool.
Unfortunately, I have to watch people making sub-optimal choices for their software tools too often. Most of the time, the root cause for a bad tool choice is that there was no deliberate process on how to select the tool. Maslowonce said:
I suppose it is tempting, if the only tool you have is a hammer, to treat everything as if it were a nail.
For me, the proper way of choosing a tool is following this pattern:
I wrote lazyblorg in order to get the blogging software I wanted to use myself. Therefore, I optimized it for minimal effort for a posting and being embedded into my Org-Mode setup.
Of course, I published lazyblorg on GitHub so that other people could use it as well. The second reason for publishing lazyblorg for others was that I was forced not to deliver an ugly works-on-my-machine hack.
2023-06-05: fixed dimensions from mm to cm - thanks Alexander!
For capturing tasks or information when I am away from my computers, I carry a Hipster PDA. It's just a plain A4 paper folded three times so that it measures approximately 7.5cm times 11.5cm. I use four sides of it until I scan the old one and create a new one.
I write down the current date and a horizontal line whenever I write something on it and a checkmark at the beginning of each line.
Simple, cheap, and it gets the job done very well.
Either I resolve tasks on it directly and cross out the checkmark or I move the task to my Org-mode and cross out the checkmark. Just to be sure that everything gets done in time, I've got a recurring "check Hipster PDA"-task in Org-mode. You might as well be interested in my blog posts where I describe how I am using Org-mode (or some videos).
In terms of pens I recommend Fisher Space Pen Bullet since they write independent of their position in your pocket. Other pens tend to refuse to write instantly whenever they were upside down for too long.
If a plain paper is not enough for you, you should check out http://PocketMod.com which is a very cool locking interactive service to produce an enhanced hipster PDA.
Update 2023-05-19: Passkeys ergänzt und Microsofts Empfehlungen von 2FA-Methoden
Ich war beim Podcast Methodisch inkorrekt! in Episode 239 mit einen Audiokommentar on air, wo ich etwas zu den Themen "Wie man eine Authentifizierungs-App auswählt" und Passwortsicherheit im Allgemeinen sagen durfte. Der bezog sich auf die Diskussion zum Thema "Google" der Podcast-Episode 238 "Mö Mö", wo Reini einen etwas saloppen Kommentar zu der Thematik geäußert hat.
In diesem Artikel möchte ich den Teil mit den Tipps zum Umgang mit Passwörtern und Zweifaktorauthentifizierung (2FA) beschreiben.
Ausschließlich sichere Passwörter verwenden
Niemals ein Passwort bei mehr als einem Dienst verwenden
Vertrauenswürdigen Passwort-Manager verwenden
Wenn wo 2FA angeboten wird, immer 2FA nutzen
Natürlich gibt es hier im Detail noch interessante Dinge zu betrachten. Deshalb gehe ich in den folgenden Kapiteln auf die wesentlichen Fallstricke und Hintergründe etwas näher ein. Falls es phasenweise etwas trocken wird empfehle ich trotzdem, da zumindest einmal durchzusteigen, da die Sicherheit all deiner Daten und auch deines Geldes davon abhängt.
Subscribe to one of my feeds:
