Xamarin – eine gute Wahl?

Wer eine mobile App entwickeln möchte, muss sich zu Beginn für eine Technologie entscheiden. Bei einer Vielzahl unterschiedlicher Frameworks und Sprachen ist dies kein leichtes Unterfangen, zumal alle Technologien dem stetigen Wandel unterliegen. Eine grundsätzliche Aussage über die beste Wahl für alle Problemdomänen ist nahezu unmöglich, denn dabei spielen sehr viele unterschiedliche Faktoren eine Rolle.Mit […]
Thomas Münzl
comment icon 0 17.08.2021

Kafka Producer and Consumer in Java

In the last part of the series I showed you how to setup a Kafka cluster for development with Docker. This time it’s all about producing and consuming messages with good ol‘ Java.Shall we? Create a new projectI’m going to use IntelliJ IDEA, but you can use Eclipse, Netbeans, VS Code, or even a plain […]
Sascha Müller
comment icon 0 30.07.2021

Kafka Cluster Setup with Docker and Docker Compose

Today I’m going to show you how to setup a local Apache Kafka cluster for development using Docker and Docker Compose.I assume you have a basic understanding of Docker and Docker Compose and already got it installed. So let’s get started. What is Apache Kafka?Kafka was initially developed at LinkedIn as a messaging queue. It […]
Sascha Müller
comment icon 0 20.05.2021

How to train your transformer

In this blogpost I describe a transformer project, how I proceeded, the results, the pitfalls and more. At the end of the post I will repeat all salient points in a TL;DR, so if you are short of time, just skip ahead. The transformer is currently the hottest Deep Learning model. Introduced in 2017, it […]
Dr. Philipp Bongartz
comment icon 0 27.04.2021

Security advisory for path traversal in pixx.io

Path traversal is a security vulnerability (CWE-23: Relative Path Traversal), that can be abused by attackers to get unauthorized access to files.Web applications often include or offer downloading files that are stored on the web server. These files can be referenced by a relative or absolute path. For example, an URL with a reference to […]
Florian Weller
comment icon 0 26.04.2021

Customize react-leaflet-draw

You are using React? You want to implement the functionality to draw on a map? You are already using react-leaflet-draw, but want to customize some things?When your answer to the first two questions is yes, the next section of this article will give you advice which possibilities react-leaflet-draw and leaflet-draw offer you, but other frameworks […]
Christian Zielke
comment icon 0 27.01.2021

Security advisory for open redirect in Vodafone components

Open redirect is a security vulnerability (CWE-601: URL redirection to untrusted site), that can be abused by attackers to forward users to dangerous pages.A web application receives a query parameter with a location, which is normally some kind of internal resource or URL, and sends a HTTP response with status code 301 or 302 with […]
Sebastian Schwegler
comment icon 1 21.01.2021

Warum selbst das beste Tool einen echten Penetrationstest nicht ersetzen kann

Beim Durchführen von Penetrationstests erlebt man immer wieder Überraschungen und findet Fehler, die man sich in seinen kühnsten Träumen nicht vorstellen kann. So auch bei einem eigentlich ganz normalen Penetrationstest für einen Kunden.Zu testen war eine digitale Plattform, die einen Produktpreis sowie einen Rabattfaktor mit vertretungsberechtigten Personen verknüpft, sodass diese Personen dann mit den verknüpften […]
Sebastian Schwegler
comment icon 1 03.11.2020

Memory leaks from CDI

The usual way of dependency injection with CDI using @Inject offers an extremely efficient mechanism to supply an object with its dependencies. However, there are scenarios where a dynamic version of dependency injection is required. For those cases, CDI offers javax.enterprise.inject.Instance, an interface that allows for the dynamic injection of new instances at runtime on […]
Fabian König
comment icon 0 19.06.2020

Statische Codeanalyse: Xanitizer und RIPS im Vergleich

SAST, was für static application security testing steht, ist eine Phase im Software Development Lifecycle (SDL). Ziel dieser Phase ist es, frühzeitig Sicherheitslücken in Softwarecode zu erkennen, sodass diese gar nicht erst in nachgelagerte Systeme gelangen. Neben der statischen Analyse wird auch noch die dynamische Analyse praktiziert, diese setzt jedoch ein lauffähiges Programm voraus.SAST ist […]
Sebastian Schwegler
comment icon 0 17.06.2020

Why does the Covid-19 fatality rate vary so much between countries?

by Jakob Schröder and Dr. Philipp Bongartz This blog post is a data exploration in the context of an internship. We will apply data science methods to Covid-19 data to give a little insight into both data science and the Covid-epidemic. We will present some simple methods and encounter some typical pitfalls – and hopefully […]
Dr. Philipp Bongartz
comment icon 0 10.06.2020

A peek into Automated Machine Learning

A typical Machine Learning (ML) problem is about prediction such as in Forecasting for data-driven decision making or Credit Risk Analysis Using Machine Learning. If the predicted value is a real number, we use regression. For discrete labels (like TRUE and FALSE or WARM and COLD) we use classification. In order to train a machine […]
Felix Kaus
comment icon 0 21.01.2020

Credit Risk Analysis Using Machine Learning

Approving loans without proper scientific evaluation increases the risk of default. This can lead to bankruptcy of lending agencies and consequently the destabilization of the banking system. This is what happened in the 2008 financial crisis which affected the world economy adversely. Three components decide the amount of loss that a firm faces as a […]
Dr. Dibyajyoti Dutta
comment icon 0 10.12.2019