I recently had to update a legacy project. The basis is Java with the Spring framework and an embedded Jetty. This is started via Maven. After updating the Jetty to the current version, I noticed that the server could no longer be accessed after booting. After some testing, it was clear that the Jetty version 9.4.3 (9.4.3.v20170317) worked fine, but the version 9.4.4 (9.4.4.v20170414) did not. To narrow down the problem, I looked at the output in the console: 9.4.3: 9.4.4: As you can see, neither the configurations are loaded nor the beans are initialized. The next step is to have a look at the changelog of version 9.4.4. There you can find this hint: 1467 Change default for WebAppContext.isConfiguredDiscovered to false And in the corresponding discussion on GitHub one finds out that this change is exactly what prevents the automatic scanning of the configuration. So you […]
I would like to come back to the topic of passwords, this time in a professional environment. Over the years I have worked for very different companies. Every time the topic password and password sharing were a more or less big problem. Usually, a process was established that worked reasonably well, but almost always I could still access some services for a long time after leaving the company. Unfortunately, the topic is not easy to solve, but there are a few things you can keep in mind, especially with technology startups. First, let us take a look at how things usually work in a young startup. In the beginning, the developers usually quickly set up a whole series of services, most of which run on their official email address. Sometimes the management even creates the central services itself, but also (and especially) here possibly even with private […]
Sitting is the new smoking. So they say. Because sitting too much and not enough exercise is unhealthy. Say the data. And nobody smokes anymore today, almost nobody. Except for a few incorrigible ones and those who now have these new-fangled vaporizers. And yes, the comparison is a little misleading, because you cannot always choose the sitting position. After all, not every office offers standing desks for working. However, it is said that data is the new gold. And the many services we use today without paying for them are not actually free. We pay with our data. And in fact, we are not the customers, but the product. The customers are the advertisers who use our data for advertising purposes. Or other companies that who knows what to do with our data. The funny thing is: We are somewhere subconsciously aware of that. And actually, it […]
When networks became established in the companies, there was soon a desire to connect to the internal network from outside. The main reason was that you could access its resources in this way. For example, field staff wanted to access files stored on the internal file server. Of course, it would have been a possible way to make the server accessible from outside. It is obvious, however, that this might not be the optimal solution from a safety point of view (not that this has not been done anyway and probably is still being done). It is better to connect to the internal network from the outside and then become a part of it. VPNs (Virtual Private Networks) were introduced for this purpose. The employee then logs on to an externally accessible server with a specific protocol and then can work on it as if he were […]
The average German internet user has 15 different accounts. Some of them he created because he wanted to, others he was forced to create more or less. And every single one of them is normally protected by a password. Of course, the user is lazy and therefore he is using every time the same password. At least since the major security breaches at Yahoo, LinkedIn and Tumblr you see what are the consequences. The leaked email-password combinations were used to try them at others services on a large scale and with an astonished high hit ratio accounts could be compromised. Obviously, the question is how can this be prevented best. Additionally, there are two basic conditions that do not make this easier. For one thing, more and more services insist that the password of the users has to follow specific rules (special characters, numbers, minimum length, …). […]
I just wrote a summary about the new bill regarding the data retention and surveillance (a.k.a. Snoopers’ Charter) in Great Britain. This is one of the most strict in Europe. Once you delve deeper into the subject you will be glad to live in Germany (or not…). Another Reason for Using a VPN: the Investigatory Powers Bill Disclaimer: At the moment I am working at ZenMate. That is why the article is tailored to that. Of course I stand by this statements.