GIB
MIR
FRED

fred @ Veröffentlicht am (Update: )

This week I noticed a bunch of Google calendar spam events added to my diary which read “Your iPhone XsMax is ready for PickUp” and contained a link to some external website.

Ok. Somebody added events to my calendar which I did not create. Was I hacked? Obviously I first checked who had access to my Google Account and was relieved there hadn’t been any security breach of sorts (phew!).

However adding a calendar event into my diary is definitely something I would consider a very intrusive move considering that this is a feature I heavily use every single day. My calendar is sync’ed up with my phone – hence every event added to it goes right on my screen. Congratulations! You got my attention!

How this Google Calendar Spam Works

Since I am working in the monetisation space this thing caught my interest right way. How can somebody pull this off without having access to my account? I found this thread on reddit where people seemed to have the same problem.

After reading through it I realised that the concept is strikingly simple. It’s just calendar invites. And apparently this is not even a new thing.

Google Calendar Spam in action: This is what the invites in my spam folder look like.
Event invite emails in my spam folder.

All you need is to send an invite to somebody’s inbox and hope that their client (Google, Office 365, etc.) will hoist the event with on rsvp into the calendar. In case of gmail Google doesn’t seem to differentiate between spam and ham. That’s why even though that email is correctly bucketed into the spam folder it won’t keep it from interacting with your diary. Urgh.

Still I think the idea behind that Google Calendar spam is genius!

The Idea Behind the Exploit isn’t all Bad.

If you think of it your calendar is somewhat of a sacred space. It’s mostly controlled by you and people you interact with. It’s definitely not real estate for advertising – at least not that you would naturally thinking of it being one.

At the same time most people are used to significant events automatically being added to their calendars: Flights, hotel stays, car pickup.. The list of capabilities is long and users know and trust the content parsed from their emails. You would normally not object to hotel check-in or flight departure times displayed in your calendar. For many users this is a clear feature and a very welcome reminder that would otherwise have to be created manually.

For those trust reasons – even though I don’t have access to numbers – I would assume that this spam scheme receives a good amount of clicks. Also the amount of work that needs to be done to invade such great screen estate is very low. So: Chapeau for that idea!

How to Protect your Calendar Against Unwanted Invites

One way of making sure these things do not make it into you calendar would be to disable events being added automatically completely. However I would advise against that: You might miss some important updates. A better way is adding only those event’s to which you have responded.

In order to achieve that, head over to your calendar’s settings. You’ll get there by clicking on the three dots when hovering over your calendar in the list on the left side. This will get you into the settings screen below.

Display only events which I have responded to
Show only events to which you have already responded.

Navigate to event settings and pick choose to view only those events to which you have already responded. Just hit the go back arrow on the top left of your screen to return and apply those settings.

Let’s hope that Google will get smarter when it comes to these quirks. Given how easy it was to invade my calendar it really made me wonder why this hasn’t been disabled yet.

Veröffentlicht am (Update: )
fred @ Veröffentlicht am

Have you ever worked in an environment where making decisions took forever because Manager A had to involve his Super B who in turn involved Stakeholders C, D and E so that your project never took off? Well – then this post is for you.

I’ve had the pleasure to work in a multitude of different work environments over the past 12 years ranging from small single-person businesses (including my own one as well), individual clients over research facilities to Microsoft as one of the biggest global software companies. Right now I’m working for a startup which – ever since I joined three years ago – has impressed me with a tremendous growth.

Over time not only employee numbers skyrocketed but also the organisational direction changed a lot. Things we easily settled by shooting out a single e-mail two years ago were replaced by long discussions and thorough stakeholder meetings. Pespectively the company is changing from a conventional, centralised startup towards a culture that fosters autonomy and self-driven decisions in order to be able to move away from micro-management. „About Communication: Why not Making Tough Decisions is Actually Really Expensive“ weiterlesen

Veröffentlicht am
fred @ Veröffentlicht am

It’s one of the most annoying states your dear OneNote can run into: The infamous “OneNote needs a password to sync this notebook” error. Apparently this is a real issue as you can see here, here and here. It renders your OneNote application essentially useless and drove me almost crazy – especially since it happened to me on my Windows Phone which added another level of complexity to the whole scenario. Nevertheless, I managed to solve it.

„How To Fix: OneNote Needs A Password To Sync This Notebook“ weiterlesen

Veröffentlicht am
fred @ Veröffentlicht am

Es passiert. Am 10. Dezember 2017 zieht Netflix die Preise für seine Abonnements an. Einzig das Basis-Abo wird von der Anpassung verschont bleiben.

Für Netflix war dieser Schritt eher eine Frage der Zeit und musste zwangsläufig geschehen, um sich im aktuellen Streaming-Markt behaupten zu können. „Warum Netflix die Preise ändert.“ weiterlesen

Veröffentlicht am
fred @ Veröffentlicht am

When running a Docker container in some isolated environment (e.g. for testing purposes), one thing you often want to do is to call a service located in some other container running on your host system.

Without some sort of service discovery these are invisible to the container itself. What you need in this case is the IP address of the host system so that it can be reached from within the container. I myself recently had that problem when I locally needed to test how two services directly interact with one another.

Googling the issue I found out that it is highly sought after although the solution is stunningly simple. Get a list of your network interfaces in the shell of your choice:

1
2
3
ipconfig // on windows
iwconfig // linux
ifconfig // linux

The output should be somewhat similar to what you’re seeing in the picture above. Try to track down the docker network interdace et voila: here’s the IP you were looking for.

That being said: On Windows it’s most probably always 10.0.75.1.

Veröffentlicht am
fred @ Veröffentlicht am

In a normal production environment monitoring your application’s output inside a running container should be very straightforward. Logs are usually collected from stdout and made visible in Kibana and your metrics are safely pushed to some time-based storage  (such as Graphite) and then accessible via tools like Grafana.

So far goes the theory – and then there is real life. Remember this one dynamic machine you’re qa’ing on or a shadow instance that you quickly set up a week ago? And all over sudden you find yourself in the situation where you have to debug running code. „In Situ Debugging in k8s & docker Environments“ weiterlesen

Veröffentlicht am
fred @ Veröffentlicht am

Ich habe neulich schon darüber geschrieben, dass es gar nicht so übel ist, klassische Musik mal in neuer Form zugänglich zu machen. Diesmal hat sich unsere BVG freundlicherweise dazu bereit erklärt, die Arie der Königin der Nacht aus der Zauberflöte neu zu vertonen.

Die Melodie ist ja ohnehin ein fieser Ohrwurm und die Verkehrsbetriebe lassen natürlich wieder ausreichend Selbstironie blicken. Ich hatte die Arie selbst schon einmal wochenlang im Kopf (..und genug Mühe damit sie wieder loszuwerden..), weswegen ich davon ausgehe, dass in den nächsten Tagen und Wochen viele Berliner in U-Bahnen durch die Gegend fahren und innerlich singen: “Wenn du doch nur so pünktlich wie schmutzig wärst”.

Veröffentlicht am
fred @ Veröffentlicht am (Update: )

Neulich passierte es im Büro: Einer unserer Italiener holte etwas aus der Mikrowelle, das nicht nur verboten gut roch, sondern – nach seinem Bekunden – auch noch ein echter Klassiker von “Mama” war. Parmigiana di Melanzane, Auberginen in einer dicken Tomatensauce gespickt mit Mozzarella und überbacken mit Parmesan. Eine wahnsinnig leckere vegetarische Geschmacksbombe, die ich unbedingt auf meinem eigenen Tisch haben wollte. Am Ende hat es so gut geschmeckt, dass ich zwar ein Bild vor dem Ofen haben, aber keines danach, weil ich alles direkt aufgegessen habe.

„Rezept: Parmigiana di Melanzane – Mamma Mia!“ weiterlesen

Veröffentlicht am (Update: )
fred @ Veröffentlicht am

Diese Pizza ist eines meiner Lieblingsgerichte, wenn es schnell gehen muss. Sie ist nicht authentisch, aber dafür lecker und schneller als jeder Lieferdienst. Sie ist außerdem perfekt, um den Kühlschrank leer zu kriegen und alle Dinge loszuwerden, die sich irgendwie überbacken lassen.

„Die schnellste Pizza der Welt“ weiterlesen

Veröffentlicht am
fred @ Veröffentlicht am (Update: )

Um acht ist die Nacht vorbei. Lech und seine Frau schlagen sich zuerst ins Bad, ich folge zehn Minuten später zum Frühstück. Es gibt viel Obst, gehacktes Ei mit Mayonnaise (brrrr), Brot, Marmelade und einen sehr leckeren Saft. Die Beiden beteiligen sich großzügiger als von mir gewollt an den Ausgaben – im Gegenzug leite ich ihre Fragen auf Spanisch zu unserer Casa-Mutter Gisella weiter. Gegen neun verabschieden wir uns und verlassen alle das Haus. Ich ziehe Richtung Parque Central los, um von dort aus die Stadt zu erkunden. Havanna ist noch nicht wach, ich setze mich auf eine Bank und nutze die Zeit, um erstmal in meinen Reiseführern zu lesen.

Langsam kommt Leben in die Stadt. Eskortiert von der Polizei rennt eine bunte Menge die Straße hinunter – wohl die bunteste, die ich bei einem Lauf je gesehen habe. Mit Sportbekleidung und ohne, Kinder, Alte, sogar ein Mann mit einem Bein ist dabei. Das Spektakel dauert 20 Minuten und ich wende mich wieder der Planung zu. „Das echte Kuba – Tag 1 – Havanna kennenlernen“ weiterlesen

Veröffentlicht am (Update: )