ONWERK BLOG

Yearly archive: 2016

23.12.2016

Review of the year 2016

Dear customers, dear partners, dear friends of the agency, in a few days 2016 will be over. For the Onwerk team it was a particularly eventful year, with exciting, at times sad and also very many joyful moments. We carried out many exciting projects, were able to welcome new employees, and learned new technologies. Some internal structures have already changed over the last few months, and this process will continue next year. We have big plans for 2017 and are already looking forward to them very much; you can look forward to them too! Not everyone had a good 2016, which is why we are again forgoing cards and gifts this year […]

21.12.2016

(Incomplete) List of Android app permissions requiring a privacy policy

"Your app has an apk with version code xyz that requests the following permission(s): …. Apps using these permissions in an APK are required to have a privacy policy set." This notification is displayed in the Google Play Developer Console when an Android app requests one or more of certain permissions. Google states that every app that "handles personal or sensitive user data (including personally identifiable information, financial and payment information, authentication information, phonebook or contact data, microphone and camera sensor data, and sensitive device data)" is required to have a "privacy policy in both the designated […]

02.12.2016

Configure nginx for SSL

When setting up nginx to use HTTPS we checked the site with the Qualys SSL Server Test. The result page showed several hints to improve security.

SSL Configuration

Key Exchange / DHE (Ephemeral Diffie-Hellman) parameters

The default nginx configuration will use a key that is too weak. To generate and use a stronger key, first generate a stronger DHE parameter:

sudo openssl dhparam -out /etc/ssl/private/dhparams.pem 2048

This will create a new file dhparams.pem in /etc/ssl/private/, containing the new key. The key file can be referenced in the nginx configuration with the ssl_dhparam configuration parameter. […]

23.11.2016

.NET Framework: Directory- and File-methods trim paths

"A generic error occurred in GDI+": that was the very generic error message when using System.Drawing.Image.Save to save an image to a previously created directory. Further investigation showed that it actually was not an error in Image.Save, which in fact was behaving correctly (leaving aside the cryptic error message). The "error" was not an error per se, but rather an unexpected behaviour of the method used to create the directory: Directory.CreateDirectory. This method had been called erroneously with a path having a space character at the end of one of the path's parts: private static void Test(Image newImage) […]

23.11.2016

Docker Security: Check file checksum before you add an apt-key

If you’re adding additional sources for apt-get in your Dockerfile, you should make sure that the correct key is added; otherwise the integrity of your Docker image may be violated. You can do so by using sha256sum to generate the checksum of the downloaded file and comparing it to a given checksum. That checksum could be listed on the web page you download the file from, or you can create it yourself with sha256sum:

$:~/Docker-apt-key-security$ sha256sum archive.key
191f801a17273f25b781c580c2900d2fd58064554220ad6e18698aeb3c3afe70  archive.key

In that case "191f801a17273f25b781c580c2900d2fd58064554220ad6e18698aeb3c3afe70" is the checksum of the file archive.key. Use that checksum in your Dockerfile, once the […]

05.11.2016

With Docker in 5 minutes from developer to test server

An on-premise "Docker Cloud"-like workflow from repository to Jenkins to test server. As a company building custom software solutions, we develop software in highly diverse settings in terms of programming languages, databases and environments: Node.JS, PHP, C#, MySQL, MongoDB, MS SQL, Windows, Ubuntu, Debian, you name it. That makes it a challenging task to provide test servers or acceptance test servers for fellow developers, project managers and customers. We used to solve this by spinning up multiple virtual machines or cloud servers. This became more and more complicated, labor-intensive to maintain and resource-consuming. Furthermore, it had […]