[-] skilltheamps@feddit.de 15 points 6 months ago

Well, doing none of the many chores to transform his pedo club into something socially acceptable, and instead killing his boredom by holding talks about a topic that has neither anything to do with church nor is he remotely qualified to say anything about, is on a whole other level of disrespect, isn't it?

[-] skilltheamps@feddit.de 14 points 7 months ago

As far as I understand, in this case opaque binary test data was gradually added to the repository. Also the built binaries did not correspond 1:1 with the code in the repo due to some buildchain reasons. Stuff like this makes it difficult to spot deliberately placed bugs or backdoors.

I think some measures can be:

  • establish reproducible builds in CI/CD pipelines
  • ban opaque data from the repository. I read some people expressing justification for this test-data being opaque, but that is nonsense. There's no reason why you couldn't compress+decompress a lengthy creative commons text, or for binary data encrypt that text with a public password, or use a sequence from a pseudo random number generator with a known seed, or a past compiled binary of this very software, or ... or ... or ...
  • establish technologies that make it hard to place integer overflows or deliberately miss array ends. That would make it a lot harder to plant a misbehaviour in the code without it being so obvious that others note easily. Rust, Linters, Valgrind etc. would be useful things for that.

So I think from a technical perspective there are ways to at least give attackers a hard time when trying to place covert backdoors. The larger problem is likely who does the work, because scalability is just such a hard problem with open source. Ultimately I think we need to come together globally and bear this work with many shoulders. For example the "prossimo" project by the Internet Security Research Group (the organisation behind Let's Encrypt) is working on bringing memory safety to critical projects: https://www.memorysafety.org/ I also sincerely hope the German Sovereign Tech Fund ( https://www.sovereigntechfund.de/ ) takes this incident as a new angle to the outstanding work they're doing. And ultimately, we need many more such organisations and initiatives from both private companies as well as the public sector to protect the technology that runs our societies together.
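The "ban opaque data" point from the comment above, turned into something a CI job could actually run. This is an added example, not code from the commenter or from any project: every binary fixture in the tree has to be regenerable from a documented recipe (a PRNG with a known seed, or a readable text compressed with zlib) and must match byte for byte, and any binary file without a recipe is reported as opaque. The manifest format, the file paths and the sample text are constructed for the demo.

```python
"""Reproducible test fixtures instead of opaque binary blobs (added example)."""
import os
import random
import tempfile
import zlib

# Constructed stand-in for a "lengthy creative commons text"; a real tree would
# keep the text itself next to the manifest so reviewers can read it.
SAMPLE_TEXT = ("The quick brown fox jumps over the lazy dog. " * 40).encode()


def fixture_from_seed(seed: int, length: int) -> bytes:
    """Deterministic pseudo-random bytes: anyone can regenerate them from the seed."""
    rng = random.Random(seed)
    return bytes(rng.getrandbits(8) for _ in range(length))


def fixture_from_text(text: bytes) -> bytes:
    """Compressed human-readable text: reviewers can decompress it and read it."""
    return zlib.compress(text, 9)


# Assumed manifest format: fixture path -> recipe tuple. A project would commit this
# next to the fixtures so the recipe is reviewed together with the data.
MANIFEST = {
    "tests/data/random_4k.bin": ("seed", 0x5EED, 4096),
    "tests/data/corpus.z": ("text", SAMPLE_TEXT),
}


def build_fixture(recipe: tuple) -> bytes:
    """Run one recipe from the manifest and return the bytes it should produce."""
    kind = recipe[0]
    if kind == "seed":
        return fixture_from_seed(recipe[1], recipe[2])
    if kind == "text":
        return fixture_from_text(recipe[1])
    raise ValueError(f"unknown recipe kind {kind!r}")


def is_binary(data: bytes) -> bool:
    """Same heuristic git uses for diffs: a NUL byte in the first 8 KiB means binary."""
    return b"\x00" in data[:8192]


def audit_tree(root: str, manifest: dict) -> dict:
    """Return {relative_path: verdict} for every file under root.

    Verdicts: 'reproducible' (bytes equal the recipe output), 'MISMATCH' (a recipe
    exists but the committed bytes differ), 'OPAQUE' (binary with no recipe, which
    is what the audit should refuse), 'text' (readable, needs no recipe).
    """
    verdicts = {}
    for dirpath, _, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            with open(full, "rb") as fh:
                data = fh.read()
            if rel in manifest:
                expected = build_fixture(manifest[rel])
                verdicts[rel] = "reproducible" if expected == data else "MISMATCH"
            elif is_binary(data):
                verdicts[rel] = "OPAQUE"
            else:
                verdicts[rel] = "text"
    return verdicts


def write_demo_tree(root: str, tamper: bool = False) -> None:
    """Populate a scratch tree: recipe-backed fixtures, one opaque blob, one text file.

    With tamper=True the seeded fixture is modified after generation, which is the
    situation the audit exists to catch.
    """
    os.makedirs(os.path.join(root, "tests", "data"), exist_ok=True)
    for rel, recipe in MANIFEST.items():
        data = build_fixture(recipe)
        if tamper and recipe[0] == "seed":
            data = data[:-1] + bytes([data[-1] ^ 0x01])  # flip one bit at the end
        with open(os.path.join(root, *rel.split("/")), "wb") as fh:
            fh.write(data)
    # A blob nobody can regenerate, with a NUL so it is classified as binary.
    with open(os.path.join(root, "tests", "data", "mystery.bin"), "wb") as fh:
        fh.write(os.urandom(512) + b"\x00")
    with open(os.path.join(root, "README.md"), "w") as fh:
        fh.write("fixtures are generated, see the manifest\n")


def run_demo(tamper: bool = False) -> dict:
    """Build the scratch tree in a temp dir and audit it; returns the verdict map."""
    with tempfile.TemporaryDirectory() as root:
        write_demo_tree(root, tamper=tamper)
        return audit_tree(root, MANIFEST)


if __name__ == "__main__":
    for path, verdict in sorted(run_demo().items()):
        print(f"{verdict:13s} {path}")
```

In a pipeline the job would fail on any `OPAQUE` or `MISMATCH` verdict, so a binary fixture can only enter the tree together with a reviewable recipe, and a later edit of the committed bytes is caught even if the recipe is untouched.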

[-] skilltheamps@feddit.de 16 points 7 months ago

A colleague of mine had a (non externally reachable) raspberry pi with default credentials being hijacked for a botnet by an infected windows computer in the home network. I guess you'll always have people come over with their devices you do not know the security condition of. So I've started to consider the home network insecure too, and one of the things I want to set up is an internal ssh honeypot with notifications, so that I get informed about devices trying to hijack others. So for this purpose that tool seems a possibility, hopefully it is possible to set up some monitoring and notification via uptime kuma.
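The internal SSH honeypot with notifications described in the comment above, as an added example that is neither the commenter's setup nor the tool being discussed. The decoy only performs the SSH identification string exchange (RFC 4253 section 4.2): it sends a server banner, reads the client's banner, records the source address and client string, closes the socket, and hands the record to a notifier. Nothing is ever authenticated and no shell exists. The server banner, the port, the notification URL shape and the `simulate_probe` addresses are constructed assumptions; which webhook or push-monitor URL to use is the operator's configuration.

```python
"""Low-interaction internal SSH decoy with a notification hook (added example)."""
import json
import socket
import threading
import time
import urllib.parse
import urllib.request
from dataclasses import asdict, dataclass

# Constructed banner; a probe will see this and nothing more.
BANNER = b"SSH-2.0-OpenSSH_9.6\r\n"


@dataclass
class Attempt:
    ts: float
    src_ip: str
    src_port: int
    client_banner: str


def handle_connection(conn: socket.socket, peer, notify, timeout: float = 5.0) -> Attempt:
    """Exchange identification strings, record who connected, notify, return the record."""
    conn.settimeout(timeout)
    client_line = b""
    try:
        conn.sendall(BANNER)
        # The client's identification string is one line; cap it so a noisy
        # client cannot make us buffer forever (RFC 4253 limits it to 255 bytes).
        while not client_line.endswith(b"\n") and len(client_line) < 255:
            chunk = conn.recv(1)
            if not chunk:  # peer closed without sending anything
                break
            client_line += chunk
    except (socket.timeout, OSError):
        pass  # a silent scanner or a reset is still worth recording
    finally:
        conn.close()
    attempt = Attempt(time.time(), peer[0], peer[1],
                      client_line.decode("ascii", "replace").strip())
    notify(attempt)
    return attempt


def jsonl_notifier(path: str):
    """Append every attempt as one JSON line; cheap local evidence for later forensics."""
    def _notify(a: Attempt) -> None:
        with open(path, "a") as fh:
            fh.write(json.dumps(asdict(a)) + "\n")
    return _notify


def webhook_notifier(push_url: str):
    """HTTP GET to a push/webhook URL with a short message in the query string.

    Assumed shape for something like an Uptime Kuma push monitor; adapt the
    parameters to whatever the receiving side expects.
    """
    def _notify(a: Attempt) -> None:
        q = urllib.parse.urlencode(
            {"status": "down", "msg": f"ssh probe from {a.src_ip}:{a.src_port} ({a.client_banner})"})
        try:
            urllib.request.urlopen(f"{push_url}?{q}", timeout=5).close()
        except OSError:
            pass  # a failing notifier must never take the listener down
    return _notify


def fan_out(*notifiers):
    """Combine several notifiers into one callable."""
    def _notify(a: Attempt) -> None:
        for n in notifiers:
            n(a)
    return _notify


def serve(bind_addr: str = "0.0.0.0", port: int = 2222, notify=print) -> None:
    """Accept forever, one short-lived thread per probe.

    Port 2222 avoids running as root; redirect 22 to it in the firewall if the
    decoy should sit where a real sshd would.
    """
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as srv:
        srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        srv.bind((bind_addr, port))
        srv.listen(16)
        while True:
            conn, peer = srv.accept()
            threading.Thread(target=handle_connection, args=(conn, peer, notify),
                             daemon=True).start()


def simulate_probe(client_banner: bytes = b"SSH-2.0-scanner_1.0\r\n"):
    """Offline self-check over a socketpair with a constructed peer address.

    Returns (recorded Attempt, bytes the decoy sent, list of notifications).
    """
    events = []
    server_side, client_side = socket.socketpair()
    client_side.sendall(client_banner)
    client_side.shutdown(socket.SHUT_WR)  # client is done talking
    attempt = handle_connection(server_side, ("192.0.2.10", 51234), events.append)
    client_side.settimeout(2.0)
    sent = client_side.recv(len(BANNER))
    client_side.close()
    return attempt, sent, events


if __name__ == "__main__":
    serve(notify=fan_out(print, jsonl_notifier("ssh-probes.jsonl")))
```

Because the decoy has no legitimate users, every connection is a signal: a laptop or phone on the guest Wi-Fi that starts talking to it is doing the same sweep that found the Raspberry Pi in the story, and the recorded source IP tells you which device to pull off the network.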

[-] skilltheamps@feddit.de 12 points 8 months ago

And they believe all employees actually remember so many wildly different and long passwords, and change them regularly to wildly different ones? All this leads to is a single password that barely makes it over the minimum requirements, and a suffix for the stage (like 1 for boot, 2 for bitlocker etc), and then another suffix for the month they changed it. All of that then on sticky notes on the screen.

[-] skilltheamps@feddit.de 11 points 8 months ago

This simply tells you that the Railway app is open source, i.e. not proprietary. And you can easily build it yourself if you want to, just fetch the manifest and feed it to flatpak-builder.

[-] skilltheamps@feddit.de 15 points 9 months ago

that doesn't require I keep a full local copy of all the data

If you don't do that, the place that you call "backup" is the only place where it is stored - that is not a backup. A backup is an additional place where it is stored, for the case when your primary storage gets destroyed.

[-] skilltheamps@feddit.de 14 points 9 months ago* (last edited 9 months ago)

Since Wacker Chemie is listed here too: the transformation in the chemical industry is not what it sells itself as. There was a talk about this two weeks ago at the Chaos Communication Congress https://m.youtube.com/watch?v=us2ps12oXZc&

[-] skilltheamps@feddit.de 14 points 9 months ago

Yes, if it was as object based as it claims, Get-WmiObject would subtract WmiObject from Get. Instead it is like having all the clutchy drawbacks from being object based without reaping any of the potential benefits.

If you want anything that actually is object based, just use xon.sh - sane and familiar syntax with insane amounts of power just like that

[-] skilltheamps@feddit.de 20 points 11 months ago

Because the seemingly great choice of Webbrowsers in reality boils down to a risky monoculture of chromium (/its webengine). The only real alternative is Firefox/Blink. Risky, because the main driver behind Chrome-/ium (Google) is not acting on behalf of the public interest towards a free, open and privacy preserving internet. Instead they're working on a privacy exploiting one that gets locked down using DRM technologies. Them being a vendor of major parts of the internet as well as the browser to use it makes this a lethal combination. Firefox will definitely exist for as long as Google exists, because it's their tool to defy claims of a monopoly, but they will do everything to keep it the small and mostly irrelevant "competitor" it is currently. Therefore, stand against Google's evil play and help Mozilla to gain some actual independence and leverage for keeping the internet free (as in freedom), open and privacy preserving.

[-] skilltheamps@feddit.de 15 points 1 year ago

We recently moved away from Trello and settled on GitLab. Might sound a weird decision at first glance, but you can just create an empty repo, create issues instead of cards and visualize them in the "Boards" view.

Key drivers for doing so were that we rely heavily on GitLab already, and that we wanted a trustworthy solution in terms of data privacy. But I guess you'd have a bit of a hard time selling this to an audience that has no experience with GitLab, so decide for yourself if it's viable in your case

[-] skilltheamps@feddit.de 14 points 1 year ago

You could take a look in OpenStreetMap. Stairs can be mapped in quite some detail (the number of steps, for instance), but I don't know how comprehensively that has been entered, at least for unusual staircases.

[-] skilltheamps@feddit.de 11 points 1 year ago

Never mind the space, tools and time required anyway


skilltheamps

joined 1 year ago