General

No Image

The Automotive industry’s inadequate approach towards software (in the cars)

Introduction The automotive industry has witnessed a paradigm shift with the increasing integration of software in vehicles. Modern cars are no longer just mechanical devices with a motor, wheels and steering; they are now sophisticated machines having dozens of CPUs (called ECU), entire computers, high speed network to connect them (called CAN-bus) and relying on complex highly distributed software systems. In my opinion, the industry fails to adapt to this new reality and fully embrace the concept of cars as hardware running software has significant consequences. This may sound contradictory at first, on one side they have these complex systems, on the other side they fail to adapt to this reality. In this article, I will explore how the automotive industry is not dealing correctly with this transformation and its potential implications.   Limited Focus on Software Development and Updates Traditionally, the automotive industry has primarily focused on hardware design and manufacturing, treating software as a necessary mean to make the hardware work. This approach results in a lack of emphasis on software development practices and updates capabilities. While cars are becoming more connected and dependent on software for various functionalities, manufacturers often overlook the importance of continuous software improvements…

Read More

So much hype about Chat GPT… here are some facts

So much hype about ChatGPT these days.. But what does it mean? So, I gave it a try … and I created an account. This is the first post from many about ChatGPT. First thing you see when you go on the page:   CapabilitiesRemembers what user said earlier in the conversationAllows user to provide follow-up correctionsTrained to decline inappropriate requests LimitationsMay occasionally generate incorrect informationMay occasionally produce harmful instructions or biased contentLimited knowledge of world and events after 2021   I will only see later how true these warnings are 🙂     Query: What does Chat GPT mean? ChatGPT: “ChatGPT” stands for “Chat Generative Pretrained Transformer”. It’s a language model developed by OpenAI, which uses the Transformer architecture and is pre-trained on a large dataset to generate human-like text in response to prompts.     Nice, let’s try something else: If I ask about me or several people I know, but not any VIP person, nothing is found. If I ask about big VIPs, like Joe Biden, Olaf Scholz, Michael Jackson, then it finds various things you would find by just googling.. But then if I provide an anchor, a starting point, apparently this more information confuses the…


Takeovers in the IT-Security Industry

I just sow a post by AV-Comparatives called  “AV-Comparatives Explains the Implications of Takeovers in the IT-Security Industry” The entire article is very interesting and it is worth reading. And it is also objective and valid as well! Great job, AV-Comparatives! What made me write this post is the graphic at the end of the post (courtesy of AV-Comparatives):   I became immediately nostalgic  when I sow that it starts with 2003, the acquisition of GeCAD by Microsoft. I was there when this happened! For those who don’t know, I started my career in cybersecurity in 1999 at RAV Antivirus, produced until 2003 by GeCAD. I was in the industry when all these M&A happened and I was actually working with some of them when they were acquired. I am still working with some of them. 😉 Of course, the most interesting one was Avira being acquired twice in 12 months. I was no longer working as an employee of Avira, but I was working with Avira in 2020, when it was first acquired. I don’t know if these acquisitions are the only ones that happened in the AV industry, but this list it is for sure the most complete…


Cyber Monday – enjoy the discounts safe !

Today is Cyber Monday , a day when all webshops (and not only)  give big discounts to many products they sell. Even if the discount campaigns of some webshops are incredible and too good to let it go, you should think twice before giving the order: the discount is for a product that everybody wants and seems very hard to find. Think of PS5, latest XBOX, etc…. the discount is waaaaayyy too big to miss you haven’t seen that website/webshop before you haven’t bought from that webshop before you haven’t seen on the Internet any review about that webshop you are being requested to give your personal details, card or bank PIN number If you answered YES to at least one, then STOP right here, right NOW. As a rule of thumb If something is too good to be true, then probably it isn’t!   How can you recognize if a webshop is fake or fraud? Transform the 5 statements above in questions and ask yourself. Is the discount for a product that everybody wants and seems very hard to find? Why would any shop (online or offline) exactly the product that everybody wants at almost any price, reduce it…



BSI: Die Lage der IT-Sicherheit in Deutschland (German)

Quelle: https://www.bsi.bund.de/DE/Service-Navi/Publikationen/Lagebericht/lagebericht_node.html   Malwarelage: Das vergangene Jahr war geprägt von einer deutlichen Ausweitung cyber-krimineller Erpressungsmethoden. Nicht nur die Anzahl der Schadprogramm-Varianten stieg zeitweise rasant an – mit bis zu 553.000 neuen Varianten pro Tag der höchste jemals gemessene Wert (siehe Kapitel Neue Schadprogramm-Varianten, Seite 11). Auch die Qualität der Angriffe nahm weiterhin beträchtlich zu. https://multimedia.gsb.bund.de/BSI/Video/Lagebericht/2021/lagebericht-1-Schadprogramm-Varianten.mp4   Die Hauptbedrohungen: Cyber-Erpressungen entwickeln sich zur größten Bedrohung (Ransomware) https://multimedia.gsb.bund.de/BSI/Video/Lagebericht/2021/lagebericht-2-Ransomware.mp4   Schwachstellen https://multimedia.gsb.bund.de/BSI/Video/Lagebericht/2021/Lagebericht-3-MS-Exchange-Schwachstellen.mp4 Der Faktor „Mensch”     Mehr in dem PDF Dokument von BSI hier: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/Lageberichte/Lagebericht2021.pdf?__blob=publicationFile&v=3


No Image

Twitter is strange when it comes to business accounts

I created my company’s Twitter account, called  @EndpointCS . Obviously, I tried to add the birth date of the company: 1.1.2015. Well, imagine what happened next with my brand new account: it got locked because the owner of the account must be at least 13 years old. And my company is only 6 years old. I had to submit a photo of my ID in order to get it unlocked. Fortunately, and very surprisingly for me, the process took a few minutes. Did they automatize it ? I think so… otherwise it couldn’t have been so fast.   So, Twitter, get your processes straight. In  case you’re wondering, there is no official way to set up a business account. You still need a person to create it and mark it as such. And that person must be 13 years or older. 🙂  


A post about searching a software developer on LinkedIn that didn’t go as planned

I was and still am in need of a freelance Android developer with experience in Java. After trying all other possibilities (my own network) I decided to post the job on LinkedIn. Due to the special requirements of the project, I needed a very close and good cooperation between myself, the customer and the developer. For this reason, I asked in my post on LinkedIn to be contacted by freelancers in the CET +/- 2 Timezone. Now, if you look on a map, this means approximately until Turkey in East and Portugal in West. I did not mention restrictions on nations because I have no prejudices with whom I work. I work now and have worked in the past with people from all around the world and I can really work with anybody. I published it on Thursday the 18.2.2021, on Friday I closed the comments, and finally I erased it on Saturday 20.2.2021 in the evening.   Let’s have a closer look on the post.   I wrote specifically : I need an experienced freelancer PM me only if you meet this requirement… “Companies are excluded”, because I want to build a long-term relationship with that person.    Let’s…


Facebook advertising at its best

It is known that the Facebook advertising is very aggressive sometimes and that it very often fails. Very often I find strange ads and I click on the details in order to to see why was it displayed to me. If you click on Hide Ad: And then, for example, click on “Irrelevant”:   Then, you can click on “Why did I see this ad?”. I found very strange to see one ad for some kind of sales training and process improving (?!). To my surprise, I’ve seen that the ad was targeting “Star Wars” fans… :))   The other two requirements are always the same: – 18+ – location Germany     So, is this intended and there is actually some study that shows that Star Wars fans are more inclined to buy consulting for improving sales ? What do you think ?    


“Your Site Has Been Hacked” ransomware email campaign in the wild

I was actually not expecting this kind of ransomware… I am used by now with “You’re hacked”, “You’re infected”… and others alike , but this one with the website is actually really interesting. What I find very disturbing is the fact that there are 5 transactions. A few were for tests, I think, but there is at least one who paid. They do use the a correct website of mine. PS: Of course that my site hasn’t been hacked :))   Here are some of the headers: Return-Path: <hacker@autoservistoth.cz> Received: from autoservistoth.cz ([213.157.59.58]) by mx.google.com with ESMTP id ce7si16117485edb.534.2020.04.17.03.08.14 for <sorin@mustaca.com>; Fri, 17 Apr 2020 03:08:23 -0700 (PDT) Received-SPF: neutral (google.com: 213.157.59.58 is neither permitted nor denied by best guess record for domain of hacker@autoservistoth.cz) client-ip=213.157.59.58; Authentication-Results: mx.google.com; spf=neutral (google.com: 213.157.59.58 is neither permitted nor denied by best guess record for domain of hacker@autoservistoth.cz) smtp.mailfrom=hacker@autoservistoth.cz X-AntiVirus: Checked by Dr.Web [version: 11.1.11.04270, engine: 11.1.9.04170, virus records: 6152810, updated: 8.05.2017] Return-path: <postmaster@thehomebase.top> From: “Hacker” <hacker@autoservistoth.cz> To: sorin@mustaca.com   For indexing better, this is the body of the email. PLEASE FORWARD THIS EMAIL TO SOMEONE IN YOUR COMPANY WHO IS ALLOWED TO MAKE IMPORTANT DECISIONS! We have hacked your website http://www.xxxxxx.com and extracted…


%d bloggers like this: