Daniel Thiele IT - daniel@dproject.de

We get plenty of cyber news in Germany. That’s why I focus on my area. Still, afaik we don’t get everything covered — or at least I don’t see everything all the time. But since the big blackout in Berlin a few weeks ago, I expect everyone to know that our infrastructure is built on thin ice. Cyberattacks, on the other hand, are still somewhat more niche, I feel. However, we do get frequent news and official warnings about ransomware attacks, like this one from earlier this month: https://www1.wdr.de/nachrichten/westfalen-lippe/cybersicherheit-handwerk-owl-100.html#:~:text=Der%20deutsche%20Mittelstand%20ist%20nur%20schlecht%20auf,kann%20den%20Weg%20f%C3%BCr%20Hacker%20in%20jeden In other news, something I see personally on my Google News feed is trading and investment ads about AI and other trading apps. As a 40-year-old who grew up with IT and who is “in the market” (financial markets), I see these ads regularly and I know how much fake stuff is going on. I mean, I even get emails fr...

The certificates I get are actually very theoretical. They are just to put them in a pdf and send that out along with my other references from school, uni and work. You can — and I did — install VMs and simulate stuff in Packet Tracer and the like for learning and practice, but a lot of it is just memorization of commands, terminology, and workflow steps on top of everything else. However, in order to memorize, learn, and demonstrate things better, I do have my homelab, documentation, Anki cards (flashcards), and whiteboards filled with notes and graphic-facilitation-style images. These are basically visual anchors and memory palaces that use the Loci and Major methods in ways I haven’t seen before. I record audio, do practice tests, use ChatGPT and NotebookLM, bought online programs — and if I were to show all of that, I would probably just confuse you, or it would take a lot of time to structure it and turn it into something you can read up on or watch as a YouTube video. I also pr...

 The German tax government seems to be advancing in ways that are quite alright IMHO. I think that ELSTER-Online and the use of AI and algorithms in processing the data is just fine and shows how the government can do things right and make progress in their "digitization" endeavors. Bielefeld is facilitating new AI enhanced workflows: https://www.radioguetersloh.de/nachrichten/kreis-guetersloh/finanzamt-bielefeld-testet-ki-einsatz.html I live in Gütersloh though, so I might not be processed by their AI, but I contacted the tax office in Bielefeld for an internship and maybe I will get some more info about the matter.

It was a lot tougher than what I expected. A lot tougher than my programming classes at the university even... A lot tougher than actual programming with assembler. Not because of math or logic stuff. Simply because of so many tools and options and paths to memorize. I guess if you have work experience in Linux for a couple of years it's a lot easier though.  Anyways I got some great "learnings" and learning techniques implemented which should help me now with the second part.

 A gas and energy provider close to where I live got attacked recently. Just because they unknowingly shared stuff publicly they were not supposed to. Using Censys Internet Map, Heise shows in their article that it was easy to access files via HTTP and network share.   https://www.heise.de/news/Stadtwerke-Detmold-nach-IT-Vorfall-offline-11082906.html As a "junior IT guy" who is just following the news about cybersecurity a bit, I am happy there is a need for professional help, obviously, but at the same time, when I read the comments from more advanced members of the community, I am getting afraid about how deeply rooted the problem is, including a false sense of security by government and community. https://www.heise.de/forum/heise-online/Kommentare/IT-Vorfall-Stadtwerke-Detmold-nicht-mehr-erreichbar/Was-will-man-auch-erwarten/posting-45741595/show/ The commenter here says that critical infrastructure is not "critical" enough to be secured properly. The standards a...

Here’s a cleaned, tighter version that keeps your voice—direct, first-person, no fluff. As I mentioned, I’m currently involved with a company called Helferline and I was also in contact with the Red Cross. Both asked me for a Führungszeugnis —so I got one. Given the current state of society and my experience with different companies in various ways, I’ve been thinking about implementing a kind of Zero Trust mindset in life.  Zero trust means "never trust (nobody, even myself), always verify". That means I want some verification that I can be trusted...as a person.  With that certificate, I’m adding a new “security layer.” In networking/security terms, you’d call this: Certificate-based authentication (and authorization) , built on a Public Key Infrastructure (PKI) . If both sides verify each other with certificates (client and server), that’s mutual TLS (mTLS) . This is my way to show you that I can be trusted and my record is clean. Now—do you have something simi...

The truth is: it depends on who is asking. What do you need? What are you looking for in an administrator? Interface skills I studied Media Systems, which sits between media technology and IT. That gave me a broad foundation across fields and terminology. Even though I worked in graphics and management in the entertainment industry, I always had the IT basics with me. That helps me see both sides, communicate both, and do both. IaC (Infrastructure as Code) I have professional experience with Git, markup languages, scripting, and versioning. Even when I sat inside Art and Design departments, the work was usually part of software development for real products used by customers—and sometimes even architecture. Documentation Floor plans and graphics work (e.g., logical diagrams in draw.io) are part of my toolkit. I’ve done documentation and asset management. In games, “assets” are different from physical hardware, but the discipline is similar: we organized and managed thou...