The IT Blog

  • Stop Reinventing the Wheel – go to Community Events!

    I can only advise everyone in tech: Go to events, meetups, and webinars — talk to people, exchange ideas. We all face similar challenges. You don’t have to solve everything alone. And if an event turns out to be a dud? Well, so be it — at least you might have grabbed some free food.

    Recently, after a long time, I went back to a Meetup from Munich Datageeks e.V., and it reminded me: Just being able to discuss a few half-baked ideas or questions with someone can make a huge difference. Chances are, the other person has already tried some of them — and that alone can save you a ton of time!

    On that particular Meetup I got some practical ideas for work that we’re discussing and where we don’t have a clear solution yet. This other company has tried some things already and confirmed some of my (theoretical) concerns.

    Later on the same event I was just talking about AI assisted coding with some others folks. I simply don’t have the time to try out all tools! Speaking to some real developers – not just looking at Youtubes or listeneing to Podcasts – and hearing their in-life experience is just precious.

    Fediverse reactions

  • One of the most potentially dangerous failure modes of LLM-based coding assistants …

    I really like having Jason Gorman’s blog posts in my RSS reader. Especially when he’s highlighting some critical issues with AI assisted coding.

    This paragraph for example really made me smile:

    For example, a common strategy they use when they’re not able to fix a problem they created is to delete failing tests, or remove testing from the build completely,

    What Makes AI Agents Particularly Dangerous Is “Silent Failure”

    I just had to smile because I probably would have been quite surprised to see that happening.

    But okay. It’s another thing I put onto my mental list to care about when doing AI assisted coding.

    Check out his post: https://codemanship.wordpress.com/2026/02/27/what-makes-ai-agents-particularly-dangerous-is-silent-failure/

  • How to: Utiq Tracking sperren (Tracking via IP & Telefonnummer)

    Ich bin kein großer Fan davon, im Internet ge’tracked zu werden. Bisher dachte ich, Cookies löschen und Pi-Hole wären schon eine recht gute Lösung. — Dass aber noch direkt am Telefonanbieter auch noch ein Unternehmen steckt und cookieless track’ed, hat mich dann doch sehr überrascht.

    (more…)
    Fediverse reactions

  • Agent finops

    The start of this article made me laugh:

    The first time my team shipped an agent into a real SaaS workflow, the product demo looked perfect. The production bill did not.

    FinOps for agents: Loop limits, tool-call caps and the new unit economics of agentic SaaS

    I wasn’t laughing out of malicious joy, but as it’s something that quite a lot of people don’t think about when they start AI / Agentic coding: Whenver you give the program flow the opportunity / ability to make queries on it’s own judgement, think about the case that the thing (I don’t want to call it AI) could run into an infinite loop. And every query to the LLM generates real costs.

    And with “costs” I don’t just mean “a busy CPU” like in traditional infinite loops. More like “costs” in terms of Lambda Horror Stories: Suddenly, every loop querying your LLM provider hit’s your budget.

    And that might get even more interesting in case of vibe coding, where such an infinte loop is burried in thousands of lines of auto-generated code. Oh we have interesting times ahead!

    Check out the article: https://www.infoworld.com/article/4138748/finops-for-agents-loop-limits-tool-call-caps-and-the-new-unit-economics-of-agentic-saas.html

  • AI amplifies DevOps

    DevOps is the backbone of modern software delivery. The latest insights from Developer Tech on Perforce’s AI-driven tools highlight why — again.

    70 percent of the organisations report their DevOps maturity materially affects their success with AI. Rather than replacing established delivery practices, proper foundational workflows serve as the prerequisite for scaling these capabilities.

    Perforce Software: How AI is amplifying DevOps | developer-tech.com

    What’s remarkable out isn’t just the AI integration. It’s how it amplifies DevOps’ core strengths: bridging team gaps, automating repetitive tasks, and ensuring reliability at scale.

    Collaboration, Speed, and Resilience

    DevOps thrives on collaboration, speed, and resilience. AI doesn’t replace these principles — it supercharges them. Perforce’s tools streamline code reviews, predict deployment risks, and optimize workflows. They’re not just upgrades. They’re force multipliers for teams drowning in complexity.

    It’s not an “either or”

    The article also points out that DevOps without AI risks obsolescence. Manual processes become bottlenecks – but AI-driven insights — whether in testing, monitoring, or incident response —turn the huge amount of data into actionable insights.

    That’s not hype. It’s a competitive edge. The future isn’t about choosing between DevOps and AI. It’s about how well you integrate them.

    Check out the article: https://www.developer-tech.com/news/perforce-software-how-ai-is-amplifying-devops/

    Fediverse reactions

  • The Illusion of Smart Home Security – or – the remote controlled WebCam in your Home

    Smart home devices are sold with the promise of convenience: plug-and-play setup, remote control, automatic updates, seamless integration. But the recent DJI robot vacuum breach raises questions we should all be asking.

    What happened?

    Sammy Azdoufal, a software engineer, didn’t even need to “hack” anything. By reverse-engineering DJI’s cloud communication, he discovered that the same credentials for his own device also granted access to 7,000 others. Cameras, microphones, even floor plans — all exposed.

    DJI claims the issue is fixed, but to me the incident raises a fundamental question: Do these devices really need to make cameras and microphones accessible from the internet?

    The Myth of Perfect Security

    Shouldn’t we accept that 100% security is just impossible. Obviously, even companies like DJI, with resources and expertise, aren’t immune. But shouldn’t we acknowledge that breaches will happen?

    What if smart devices stored data locally by default and only synced when explicitly needed? What if users could at least choose between internet exposure and local/VPN-only access?

    Yes, there might be technical challenges. But let’s be honest: Does a vacuum cleaner really need to expose its camera feed and microphone to the internet? For status updates? For remote control?

    And even if we say: okay some users really really want it. Why can’t we just have the option to turn reachability via internet on or off?

    But nowadays the only solution seems to be: just don’t buy devices that are “too” smart.

    Fediverse reactions

  • Rules don’t always work on AI agents

    A recent Mastodon post from @solomonneas highlights an annoying issue: an AI agent pushed to the main branch 12x, despite clear instructions not to.

    […] My agent pushed to main 12 times despite explicit instructions.

    Fix: git pre-push hooks on 39 repos. Agent can’t push code to main because git rejects it. No willpower needed. […]

    Mechanical enforcement > written instructions.

    @solomonneas@infosec.exchange

    The post really speaks for itself:

    • Agent rules are not 100% reliable
    • KISS: Keep it Simple, Stupid. Don’t make it more complex than necessary. (= don’t start fiddling around with additional AI)

  • The Misleading Platform Term

    In the past couple of years, lot’s of companies are providing platforms to their employees. Be it for Data Analytics, Compute, Self-Service-something. – Which is all great. I’ve even been involved in one myself.

    The problem just is: What exactly is a “platform”? At some point, I was frustrated enough to say “Whenever a manager doesn’t know what s’he is talking about, s’he is talking about a platform“. And honestly this was fired by the fact that whenever I started digging into a definition, things became more than fuzzy.

    So, what IS a platform? Gartner defines ist as

    A platform is a product that serves or enables other products or services.

    Platforms […] exist at many levels. They range from high-level platforms that enable a platform business model to low-level platforms that provide a collection of business and/or technology capabilities that other products or services consume to deliver their own business capabilities.

    Defniition of a Platform (Digital Business) – Gartner

    There’s nothing wrong with this definition. But it’s quite fuzzy. Imagine a normal Tech stack in an enterprise, how many platforms are you talking about?

    • The datacenter / cloud providing the hardware.
    • In Enterprises you usually have a central unit providing access to the cloud, they are also providing a plattform by their service.
    • Are you running something like Databricks? It is a platform as well!
    • Are you providing infrastructure service for your unit? You are providing a platform consisting of technical and orginzational boundaries!
    • Do you provide a Code framework that abstracts common tasks? Another platform.
    • And if your developers use that Framework so that others can also do something on their own, they are also providing a platform.

    What stands out here is that the layers are a mix of pure technology but also processes (providing acces e.g).

    But is that really enough?

    To me – in a normal corporate context – a platform definition should go even a step further beyond technology and processes but also include a third element: people.

    You need the technology (of course).
    You want the processes (to ensure security & governance for example, onboarding, maintenance and monitoring, cost control).
    And the mentioned people.

    The people are in multiple roles:

    • the developer community, working with / on the platform, helping each other and ensuring that rules are followed.
    • the platform people enhancing and amintaining the platforms
    • maybe a platform owner who plans the future of the platform and keeps the contact to developers and stakeholders.

    This might make the definition more complex. But to me, it makes the definition ways more clear and understandable. It even does not vialoate Gartner’s definition because the people are part of the “service, that serves or enables other products or services“.

    Pablo Enocc pointed me to an article written by Davine Winer (in 1995!). In this article – “DaveNet: What is a Platform?” – Davine shares an excellent view about platforms as layered elements of APIs, Users, Developers, Commitment and potential. It is definietly worth a read!

    So whenever someone speaks about a platform, it might be worth asking what exactly they see as part of their platform.

  • How an Identy Check is distributing your Biometric Data

    I just came across “I Verified My LinkedIn Identity. Here’s What I Actually Handed Over.” and thought it might be worth sharing

    It’s a story of someone just wanting the “verified checkmark” on LinkedIn. Quite legit, right? Just that – afterwards – he started to check which companies his biometric data are now shared with.

    17 companies with Anthropic, OpenAI, and Groqcloud on the list. And just as I wanted to mention “Usually — as a company — you have enterprise contracts that the data must not be used for training purposes”, the next surprise comes up. Because by using the system you consent to exactly that – well okay, not consent but “Legitimate interest”.

    In the end I agree: the checkmark might not be worth the invest.

    Check out the article: https://thelocalstack.eu/posts/linkedin-identity-verification-privacy/

    Fediverse reactions

  • Nolto.Social is gone, but is has shown the Demand!

    Nolto.social started as a small experiment as a free alternative to LinkedIn. The author wanted to explore ActivityPub and see what could be built. There was no funding, no team, no roadmap. Just an idea and some time.

    Within a few weeks, almost a thousand people signed up. Companies created pages. Articles were posted. Events were shared. I never marketed it. It spread through blogs and word of mout

    Nolto.Social [16.02.2026]

    According to the author, Nolto was never meant to be a polished product. It was one person building something interesting to see what would happen. Now, the author has decided to shut it down.

    Some might dismiss it as another AI project failing. – I see it differently.

    What Nolto Really Proved

    Nolto demonstrated demand. A private project attracted users and companies in record time. It showed that people want this. That companies want this. The author open-sourced the code and had the courage to stop it when it became clear the project was beyond their capacity to maintain.

    What I see here is an opportunity!

    Or as JTensetti writes it:

    Nolto proved something simple:

    You don’t need permission to experiment.You do not need funding to create value.

    And you don’t need to be “approved” to build.

    To everyone who builds, even when it’s uncomfortable — keep going.

    The open web is not defined by gatekeepers.

    It is defined by those who dare to build.

    Nolto.Social (16.02.2026)
    Fediverse reactions