On this page you can see the latest blog updates. For further articles, please use the search bar or navigate through the blue tags.
My recommendations are pim, privacy, or security.
If you're, for example, contributing to a reddit thread about something which is irrelevant or anything with only a short-term relevance, this article does not apply to you right now.
However, as soon as you're helping somebody solving an interesting issue, summarize your experiences with something or write anything that might be cool to be around in a couple of years as well, you do provide potential high-value content. My message to all those authors is: don't use web-based forums.
In late 2023, I got the opportunity to give a talk at the 37C3 by the CCC in Hamburg. This talk was not recorded but overlaps in most parts with the recorded talk above.
TL;DR: all of the content of closed, centralized services will be lost in the long run. Choose the platform you contribute to wisely now instead of learning through more large data loss events later-on.
Ihr habt die letzten Episoden überlegt, wie es mit dem verstorbenen Podcast-Forum weitergeht, da die alte Wordpress-Instanz sowieso einen Neustart gebraucht hätte. Ihr sucht nach Hilfe, da ihr die technischen und organisatorischen Herausforderungen nicht mehr alleine stemmen wollt.
Verständlich.
Ich hätte da einen vielleicht etwas unkonventionellen Vorschlag.
Allerdings hat mein unkonventioneller Vorschlag aus meiner Perspektive sehr viele Vorteile für euch:
Das mag jetzt seltsam klingen aber ich denke, das ist absolut praxistauglich. Let me explain anhand eines Serviervorschlages für die beiden Perspektiven: das minkorrekt Team als auch die der Hörer:innen.
Klarerweise bleibt hierbei noch offen, wie man die Webseite an sich mit Artikeln befüllt. Allerdings zu diesem Teil des Problems gibt es sehr viele andere Möglichkeiten, wie beispielsweise die Klasse von statischer Webseitengeneratoren. Das aus meiner Sicht spannendere Problem ist daher, wie man die Interaktion mit den Hörer:innen gestaltet.
Ich war beim Podcast Methodisch inkorrekt! in Episode 239 mit einen Audiokommentar on air, wo ich etwas zu den Themen "Wie man eine Authentifizierungs-App auswählt" und Passwortsicherheit im Allgemeinen sagen durfte. Der bezog sich auf die Diskussion zum Thema "Google" der Podcast-Episode 238 "Mö Mö", wo Reini einen etwas saloppen Kommentar zu der Thematik geäußert hat.
In diesem Artikel möchte ich den Teil mit den Tipps zum Umgang mit Passwörtern und Zweifaktorauthentifizierung (2FA) beschreiben.
Ausschließlich sichere Passwörter verwenden
Niemals ein Passwort bei mehr als einem Dienst verwenden
Vertrauenswürdigen Passwort-Manager verwenden
Wenn wo 2FA angeboten wird, immer 2FA nutzen
Natürlich gibt es hier im Detail noch interessante Dinge zu betrachten. Deshalb gehe ich in den folgenden Kapiteln auf die wesentlichen Fallstricke und Hintergründe etwas näher ein. Falls es phasenweise etwas trocken wird empfehle ich trotzdem, da zumindest einmal durchzusteigen, da die Sicherheit all deiner Daten und auch deines Geldes davon abhängt.
2024-07-13: Added censorship which causes narrow bubbles and
hate.
2026-02-13: Added a quote from the Tech Oversight Report on teen
addiction as a "top priority" goal for big tech
The Fediverse is an umbrella term for a federated set of social networking services that are able to exchange messages among each other.
You already know another federated Internet service: email. With your business email account, you can exchange mails with people using other email providers such as GMail, yahoo, hotmail, and so forth. It does not matter if your email partner is hosted on the very same email server as you. This is because both email services are able to talk to each other via an open standard.
Same as with email, you can decide to run your own server for a Fediverse service. Those servers are also called "instances". For instance, the instance graz.social (disclaimer: I'm affiliated) is running a few Fediverse services for our local community.
The most prominent Fediverse service is called Mastodon which is similar to X/Twitter. There are other Fediverse services you can imagine as free alternatives to some commercial networks:
I think that you definitely should start using free Social Network services from the Fediverse. Maybe as an additional network for starters. But then you really should think of stopping to use the commercial ones for multiple reasons.
And this is the story why this would be a very wise decision by you in the long run:
The Main Arguments in Short
… for the impatient
Downsides of Typical Commercial Social Networks
… and why Mastodon is an improvement (or not)
Downsides of Mastodon
… let's be honest
Things You Don't Get Elsewhere That Easily
… just to give you some ideas
Summary
It's a long article. But you are free to skip sections that are not of interest to you right now. This article is not - and will never be - a complete guide for beginners. The main goal of this article is to express my arguments why it is a good idea to use Mastodon as your main social network and probably stop using all the others as they are unhealthy and manipulative.
mit Interesse habe ich Ihren Artikel zu sozialen Medien in Ausgabe 6/26 gelesen. Die kritische Auseinandersetzung mit Endless Scrolling und süchtigmachenden Algorithmen war wichtig und überfällig – gerade weil diese Mechanismen nicht nur Kinder und Jugendliche betreffen, sondern uns alle. Während über Social-Media-Verbote für Minderjährige diskutiert wird, bleiben Erwachsene denselben manipulativen Designs ausgesetzt.
Was mir jedoch fehlte, war eine Recherche zu Alternativen, die bereits existieren und ohne diese problematischen Mechanismen auskommen. Das Fediverse – ein dezentrales Netzwerk mit Mastodon als bekanntestem Vertreter – zählt mittlerweile etliche Dutzend Millionen Nutzer:innen besonders im deutschsprachigen Raum. Hier gibt es keine Algorithmen, die uns in Filterblasen drängen, keinen endlosen Feed, der uns die Zeit stiehlt, und keine Konzerne, die unsere Daten monetarisieren.
Gerade jetzt erlebt das Fediverse durch Initiativen wie di.day einen bemerkenswerten Aufschwung. Diese Entwicklung verdient journalistische Aufmerksamkeit – nicht nur als technische Randnotiz, sondern als gesellschaftlich relevante Alternative. Es geht um digitale Souveränität Europas, um die Unabhängigkeit und Privatsphäre unserer Daten, um die psychische Gesundheit unserer Kinder und um unsere eigene.
Ich würde mich freuen, wenn der Falter in Zukunft auch diese konstruktiven Ansätze beleuchten würde. Kritik ist wichtig, aber das Aufzeigen von Auswegen macht sie erst wirklich wirksam.
Here's another real world comparison, although they are often problematic when you take those comparisons too seriously or you did not think it through properly. They always do have their problems when it comes to details, of course.
As I've stated already in Emacs is Not Just An Editor, I don't think that those editor wars do serve any useful purpose. I'm using both, vim and Emacs, for decades on a daily basis.
(Please note that I'm using "vim" as a term for the whole family of editors: vi, vim, neovim, ...)
I got the impression that most users of vim do not have the full picture when they complain about alleged downsides of the Emacs platform. And not every argument is meant in a jokingly fashion.
The earliest point in time where I myself was able to grasp the fundamental difference of Emacs to basically any other software, not just vim as a text editor, was only a couple years(!) before I started to embrace it. Some people will be faster in understanding all the impact, I'm sure. Unfortunately, from my experience most users of vim never got near that point in time.
Therefore, I think that comparisons from real world scenarios may be able to help to bridge this gap a bit. Let's try this one using a bicycle metaphor.
Disclaimer: ich bin kein Experte in dem Gebiet, kann auch die Theorien dahinter nicht so genau einordnen und fand die erwähnten Inhalte prinzipiell mal interessant, da sie eine mir logisch erscheindende Alternative zum gängigen Erklärmodell liefert, das auch für mich noch nie so richtig Sinn ergeben hat.
Wenn Herr Runge-Segelhorst deiner Meinung nach Blödsinn erzählt hat, dann freue ich mich über einen Kommentar, wo auch Quellen zitiert werden, wo man nachlesen kann, weswegen das Erwähnte nicht korrekt sein sollte.
To: drahtesel@argus.or.at
Cc: argus.steiermark@radlobby.at, hannes.friedrich@radlobby.at
Subject: Bitte keine Unterstützung für Geldmacherei mit wirkungslosem Schwurbel
Guten Tag,
Leider musste ich in der Drahtesel-Ausgabe 4/2025 auf Seite 11 feststellen, dass sie eine meiner Meinung nach unzureichend als Anzeige zu erkennende Seite platziert haben, wo Sie Werbung für überteuerte Produkte machen lassen, die nachweislich wirkungslos sind und mehrfach als Schwurbelei aufdeckt wurden.
Here is a list of tasks I do on my computers and the software I am using for accomplishing these tasks. The first column also links corresponding workflow descriptions with further information on how I am doing things which should be our focus, not the tool. At the very bottom, there are links to more workflow descriptions.
For all the Emacs people visiting this page: here, I just list a few Emacs packages. For more details on which packages I'm using for my workflows, please do visit my online Emacs config and check out the first chapters explaining my setup.
Update 2025-12-04: Added reference to Clarke's Second Law
I love to watch someone doing stuff on computers. Partly this is because I am able to learn new things. Partly this is because I love to help people getting more efficient. Not because I want to show them how great I am. I do this because of my general aversion to spending time on things that can be done faster or avoiding things that are not worth the time at all. Additionally, I have so much fun when I am able to help people making their (IT) world a bit more enjoyable.
When I do give advice, I sometimes suggest a different tool which I do think might be better for the job. Sometimes I suggest a slightly different method to achieve the same or even a better result.
However, Many times I hear the phrase "it's OK, it's good enough for me" when I try to give advice on personal information management in general. I do think that in many cases, this is just an excuse.
Here's a neat trick that might be handy for some of us. Imagine, you'd like to add something to your upcoming meetings. Since you've got lots of weekly meetings, this task would be tedious to do.
It's not that easy to explain so let me try it using an example from my personal work life.
2025-07-18: solution for Debian 13 with Gnome and Wayland
2025-11-13: KDE Plasma (and Wayland)
Here is a neat little PIM improvement which has a great impact on my personal way on how to deal with Virtual Desktops and windows on my GNU/Linux systems. After using it for a few months, I do find this method brilliant and therefore, I need to blog about it.
Working with many application windows on different Virtual Desktops comes with a burden. In most setups, you have to manually switch desktop before you can see the corresponding windows and switch to them. However, in my usual work I know exactly to what window I'm going to jump to, independent of my current Virtual Desktop.
Same as with using a (local) search engine to "teleport" to a specific web site, computer file or start an application, I introduced myself to a method to teleport to any open window on my computer.
In combination with the Firefox add-on "window-titler", I may switch to arbitrary windows by simply invoking a custom keyboard combination, enter a search term (if it's unique with few letters, it's really quick), press Enter and my focus is switched to the Virtual Desktop and the window of choice.
This is an article describing my KDE setup. It gets updated on new changes.
Brief background: I've been using the XFCE desktop environment for more than 15 years until 2025-08 when I wanted to try out something new with some additional armenities and better styling. Then I set up a new GNOME desktop environment with GNOME 48 of Debian 13 (Trixie).
However, I've face some issues I could not fix over a couple of months. So I tested Debian 13 Live KDE on 2025-10-26 and found out that most things I had to add GNOME extensions and manual workarounds were built-in with KDE 6. So I migrated to KDE and this is my system configuration just like I did with my GNOME setup before.
With the switch to KDE, I also started with a dotfile management tool called chezmoi. In particular for KDE ini file management, I also installed chezmoi_modify_manager. The latter allows for ignoring KDE ini file settings that are host/user-specific and should not be synchronized across hosts. My settings for chezmoi+chezmoi_modify_manager will not be public as they contain too much personal settings where I don't want to spend too much effort for obfuscating before publishing. So far, I really, really like this kind of dotfile management concept.
It got complicated. In my opinion, we do need an overview, what information is visible/exposed/known to/by whom when using the Signal messenger software.
Until a few years ago, the situation was somewhat simple: there was your phone number, E2E encrypted content and some meta-data on the conversation and list of contacts. There were some analysis by Signal and external parties. All fine.
However, in the meantime, we've got additional features that complicated the situation in a way that even security savvy people don't know the details.
2025-10-11: Example on how SilverBullet deals with MD
downsides.
2026-01-11:
Article listed on Hacker News but comments are mostly missing the
whole point of this article (see section "Related Point Of Views").
Comment by Max and my response.
This is a — hopefully qualified — rant about the use of Markdown as a Lightweight Markup Language (LML) instead of other LMLs that are more qualified to do the very same job.
I'm very well aware that Markdown is the most widely used syntax for that purpose at this moment. It's so widespread that most people do think that Markdown is the only LML there is.
My point is that Markdown is a bad syntax choice for LML applications. I think I have good arguments for my point. I also mention better designed LMLs that you should use instead in order to simplify your personal digital life as well as the digital life of so many others that are about to learn their main LML.
I am trying to explain everything from the basics as well. Furthermore, I try to explain everything within that context in order to address people who are not tech-savvy. If you know, e.g., what file formats are, you may skip sections, of course.
Why Do I Bother?
Why You Should Bother?
What You Are Going to Learn Here
What Is an LML?
Orgdown as an Alternative LML
I Still Don't Know What You Mean by an LML
The Main Characteristics of an LML
OK, what now?
The Origins of Markdown
Markdown Flavors
Orgdown Compared to the Original Markdown
Markdown Is Easy to Read by Humans
Markdown Is Not Easy to Learn by Humans
Markdown Is Not Easy to Type by Humans
Markdown Is Not Easy to Process by Tools
You Can't Fix Markdown
What Are the Alternatives?
Orgdown as One of the Alternatives
Summary
Related Point Of Views
(TL;DR: Among other Markdown design issues, Markdown with its zoo of different flavors has too many practical issues to deal with that better designed LMLs offer much better alternatives with almost similar tool support. So you don't have to get rid of your workflows, just switch to a better syntax.)
Test If Issue Relates to HW or SW → issue sticks to SSD when
switched → it's a software bug
done: gdctl comparison
done: Compare BIOS settings
done: Compare GRUB settings
still: different "Capabilities" listed by lspci -v are probably the hottest candidate to
the solution.
2025-10-05: found and solve the issue
Problem description: Lenovo x13 2-in-1 Gen 5 with Debian 13 GNOME 48: I can't select the native screen resolution for the external 34" TFT which is 2560x1080. Hostname = Cosmo.
In the GNOME screen configuration dialog, I may only choose a resolution (among others) that is similar but not correct: 2560x1440
2025-10-05: TL;DR: For some particular package, I needed testing/unstable Debian sources on Jackson and pinned this package to testing or unstable. Somehow, Jackson took all packages from Debian unstable. So I got a newer kernel than Debian 13 stable/trixie on Jackson without realizing but not on Cosmo. It seems to be the case that the stable kernel from Debian 13 is not able to properly recognize the external TFT. By installing the newer kernel to Cosmo, the external TFT now works with its native resolution. I still need to figure out how to define the unstable package exception for the kernel only. This could have been much easier when I would have checked the kernel version right away.
2025-09-03 IMPORTANT UPDATE: it seems to be the
case that the TU Graz has cancelled almost all "Freifächer" (elective
course, optional subject) without a catalog a couple weeks before they
were supposed to start again. As long as I don't find a way to get into
a "Wahlfächerkatalog" (elective course catalogue) or similar, my lecture
is in question. If you're interested in the lecture
(wherever I may be able to conduct it), please drop me a line
via email at pimlvinfo@ (+the domain of this blog) and
I'll contact you if this changes somehow. I'm truly sorry. Maybe I'll be
able to realize my lecture together with Uni Graz or one of the FHs in
Graz. If you do have connections, please do let me know.
For the TU lecture, I had the pleasure of being able to extend the content as it covers two hours a week (2 SMS or 2 ECTS).
I am proud to report that I always had excellent student feedback.
The short summary is:
Through self-enabled,
tool-independent requirement engineering and
objective market exploration,
attendees of this lecture should be able to
decide on well-suited solutions in terms of workflows/processes and
tools for Personal Information Management.
FIDO2 und Passkeys sind sich recht ähnlich und werden oft auch verwechselt oder über einen Kamm geschert. Es gibt meiner Meinung nach auch keine genaue Definition von "Passkeys".
Für alle Menschen, die ein wenig mehr über die Unterschiede und jeweiligen Vor- und Nachteile lernen wollen, ist dieser Artikel geschrieben:
Ablauf von FIDO2-Authentifizierung "in a nutshell"
Ablauf von Passkeys-Authentifizierung "in a nutshell"
Standards und technische Bausteine
Passkeys und das dafür notwendige Vertrauen in die Konzerne
Nutzung von Passkeys mittels FIDO2-Hardware-Tokens
FIDO2 Hardware-Tokens
Phishing-Schutz
Passkeys oder FIDO2 - was soll ich nun nutzen?
FAQs
Diverse Links zum Thema
Feedback
TL;DR: Zwei moderne FIDO2 Hardware-Token kaufen, die auch mit Passkeys umgehen können. Primär FIDO2 nutzen, wo es geht und ansonsten Passkeys oder mit niedrigerer Priorität auch andere Mehrfachauthentifizierungsmethoden.
Falls ich wo etwas falsch aufgefasst haben sollte oder wenn sich etwas an der beschriebenen Sachlage ändert, freue ich mich über Feedback (unten).
Vor einigen Tagen sah ich in Graz ein Plakat für einen Vortrag im Steirischen Volksbildungswerk von einem bekannten Hausarzt, der meiner Interpretation nach entgegen seines Eides Schwachsinn in Form von Schwurbel in die Bevölkerung trägt.
Ich finde diese Entwicklung sehr bedenklich und möchte hier etwas zur Aufklärung beitragen, um andere Menschen vor finanziellen und immateriellem Schaden zu warnen.
On this page, I collect my public/media appearances of any kind.
I do have a separate press information page with my bio in German and English, summary of my academic work and photographs to download. Drop me a line via email in order to get the URL.
Most recent updates of the last years:
2024-02-16: 37C3 talk
2024-05-23: BarCamp Graz, PIM lecture TUG WS2024
2024-09-15: my three contributions to: Håck ma's 2024
2024-12-16: added my PIM lectures
2025-05-02: GLT25 talk
2025-05-19: barcamp Graz 2025
2025-09-07: Lispy gopher climate technology live podcast
2025-09-17: Podcast "Captain it's Wednesday" about Orgdown
2025-12-14: Brief interview related to the new train tracks between
Graz and Klagenfurt
Some of them are available in German language only.
2015-08-08: Request from comments below: Added description why I am
using a timer switch at all.
2025-09-14: Method doesn't work for battery charge limits.
Many smartphone owners seems to live with a constant fear that their smartphone might die. A clear sign that you might be affected as well could be that you find yourself in a situation where you desperately need to charge your phone during the day.
In German, this is called Eberraute but it's inofficial German name is the more fun here: "Cola-Kraut". If you find it in nature, you need to smell it: it will remind you of Cola.
2025-09-07 Update: see DIY Cola (Part 2) for a different recipe using Cola herbs.
I somehow stumbled over a video on how to make soft drinks with a simplified recipe yourself. To my surprise, the recipes were really simple and effort was small. That got me hooked: does this really end up with soft drinks that taste like the commercial ones we all know?
There is only one way to find out.
My primary focus was the DIY Sprite. I was curious about the taste of the DIY Cola especially after seeing the rather short list of ingredients. And my wife was interested in DIY Fanta. So I had to make all three of them myself.
In 2023, I started to use NixOS. Please do read about the linked article in order to learn about my motivation, my background and my hopes for NixOS back then.
This article covers my issues with NixOS and I also briefly summarize my reasons to choose Debian 13 Trixie as a replacement.
Subscribe to one of my feeds:
