All Postings (101)


Pseudo Twitter


Happy Dinosaur

Learning to pentest!

Physicist, walking down the stack

The First Search Result

Reverse Engineering


Best of 2017

Working Remotely

Computer Science and IT

Taking stock! Physics

Subversive? Physics?

My Philosophy!

Scripts Beget Scripts


Theoretical Physics. A Hobby.

Self-Referential Poetry

Silent Online Writing

'Are You Still Doing PKI?'

My Philosophy (?)

Impact of physics on my life

Not much happened in 2015




Farewell Posting ...

Hacking away...

Web Project - Status

We Interrupt ...

Poetry from Poetry


Life and Work

Definition: 'Subversive'

2014 in Books

Physics Postings

Engineering Postings

True Expert


2014 - a Good Year

Physics or Engineering?

Engineering Links

What Is Art?



Google's Poetic Talents

Certificates and Heat Pumps

Nr. 5: A Mind-Altering Experience

Technet postings


Pink Spaceship

radices = Roots!

IT Postings

Web Projects

Life, the Universe, and Everything

Uh-oh, No Posting in March

PKI Resources

PKI Issues

Subversive Work

Spam Poetry

A Career 'in Science'


On the Shoulders of Subversive Giants

Search Term Poetry

Facebook Art

2013 in Books


Explain, Evaluate, Utilize


About Life-Form Elke Stangl

elkement and This Site

No. 3: Internet Apocalypso


Newsletter Resurrection


For Free

Subversive Yearly Report

Is My Life a Cliché?

Indulging in Cliché

Torture Turning Trivia

Intermittent Netizen

Knowledge Worker...


Physics on the Fringe

Graduation Speech

The Element is Back!


Physics Links


Not Funny

Calendar and Magic


In Need of a Deflector

About to Change

A Nerd's Awakening

For the Sake of Knowledge


Profession Or True Calling?

No. 2: On Self-Reference

I Have No Clue About Art



The End

No. 1: On Subversion at Large


Emergency Exit

Modern Networker


The Scary Part

Exploring the Work Space


Instead of a CV

Favorite Books


Elke was here

My Articles on IT Security, Monitoring, PKI.

(elkement. Last changed: 2015-11-07. Created: 2014-06-01. Tags: Postings, Blogging, Resources, Links, IT, Monitoring, PKI, Security, X.509, Cryptography. German Version.)

My lecture slides on PKI and security are a bit dated already, I add them for completeness though.

Articles on my blog are targeted to a broader audience - perhaps they are too 'philosophical' for security experts. See the complete list of postings below, after the image.

X.509 Certificate

Ethereal @ hackthebox: Certificate-Related Rabbit Holes (2019-03-16 23:34:30)
This post is related to the ‘insanely’ difficult hackthebox machine Ethereal that was recently retired. Beware – It is not at all a full comprehensive write-up! I zoom in on openssl, X.509 certificates, signing stuff, and related unnecessary rabbit holes …

Certificates and PKI. The Prequel. (2019-02-18 09:26:36)
Some public key infrastructures run quietly in the background since years. They are half forgotten until the life of a signed file has come to an end – but then everything is on fire. In contrast to other seemingly important …

Modbus Server on Raspberry Pi as Babelfish for UVR16x2 (2019-01-18 14:59:27)
Our main data logger is the Control and Monitoring Interface of the freely programmable controller UVR16x2. There are two pieces of hardware you need for logging – the actual control unit and the logger connected to the controller via the …

Unintended 2nd Order SQL Injection (2018-12-15 10:01:28)
Why I am not afraid of the AI / Big Data / Cloud powered robot apocalypse. SQL order injection means to run custom SQL queries through web interfaces because the input to the intended query is not sanitized, like appending …

A Color Box. Lost in Translation (2018-11-18 15:58:02)
It was that time again. The Chief Engineer had rebuilt the technical room from scratch. Each piece of heavy equipment had a new place, each pipe and wire was reborn in a new incarnation (German stories here.) The control system …

Cyber Something (2018-10-14 12:04:41)
You know you have become a dinosaur when you keep using outdated terminology. Everybody else uses the new buzz word, but you just find it odd. But someday it will creep also into your active vocabulary. Then I will use …

Hacking (2018-08-05 15:33:41)
I am joining the ranks of self-proclaimed productivity experts: Do you feel distracted by social media? Do you feel that too much scrolling feeds transforms your mind – in a bad way? Solution: Go find an online platform that will …

Cloudy Troubleshooting (2) (2018-06-25 14:34:38)
Unrelated to part 1 – but the same genre. Actors this time: File Cloud: A cloud service for syncing and sharing files. We won’t drop a brand name, will we? Client: Another user of File Cloud. [Redacted]: Once known for reliability and as The …

Infinite Loop: Theory and Practice Revisited. (2018-06-10 11:56:55)
I’ve unlocked a new achievement as a blogger, or a new milestone as a life-form. As a dinosaur telling the same old stories over and over again. I started drafting a blog post, as I always do since a while: …

Where Are the Files? [Winsol – UVR16x2] (2018-05-28 20:10:13)
Recently somebody has asked me where the log files are stored. This question is more interesting then it seems. We are using the freely programmable controller UVR16x2 (and its predecessor) UVR1611) … .. and their Control and Monitoring Interface – …

Cloudy Troubleshooting (2018-05-13 11:46:48)
Actors: Cloud: Service provider delivering an application over the internet. Client: Business using the Cloud Telco: Service provider operating part of the network infrastructure connecting them. elkement: Somebody who always ends up playing intermediary. ~ Client: Cloud logs us off …

Logging Fun with UVR16x2: Photovoltaic Generator – Modbus – CAN Bus (2018-04-24 11:20:37)
The Data Kraken wants to grow new tentacles. I am playing with the CMI – Control and Monitoring Interface – the logger / ‘ethernet gateway’ connected to our control units (UVR1611, UVR16x2) via CAN bus. The CMI has become a …

Let Your Hyperlinks Live Forever! (2018-03-18 13:01:13)
It is the the duty of a Webmaster to allocate URIs which you will be able to stand by in 2 years, in 20 years, in 200 years. This needs thought, and organization, and commitment. ( Joel Spolsky did it: …

Reverse Engineering Fun (2017-12-05 11:23:12)
Recently I read a lot about reverse engineering –  in relation to malware research. I for one simply wanted to get ancient and hardly documented HVAC engineering software to work. The software in question should have shown a photo of …

Simulating Life-Forms (2): Cooling Energy (2017-11-28 16:09:55)
I found this comprehensive research report: Energy Use in the Australian Residential Sector 1986–2020 (June 2008) (several PDFs for download, click the link Energy Use… to display them) There are many interesting results – and the level of detail is …

The Orphaned Internet Domain Risk (2017-10-21 11:59:11)
I have clicked on company websites of social media acquaintances, and something is not right: Slight errors in formatting, encoding errors for special German characters. Then I notice that some of the pages contain links to other websites that advertize …

Data for the Heat Pump System: Heating Season 2016-2017 (2017-10-12 09:58:29)
I update the documentation of measurement data [PDF] about twice a year. This post is to provide a quick overview for the past season. The PDF also contains the technical configuration and sizing data. Based on typical questions from an …

Computers, Science, and History Thereof (2017-09-29 15:38:40)
I am reading three online resources in parallel – on the history and the basics of computing, computer science, software engineering, and the related culture and ‘philosophy’. An accidental combination I find most enjoyable. Joel on Software: Joel Spolsky’s blog – …

Heat Transport: What I Wrote So Far. (2017-07-14 09:15:49)
Don’t worry, The Subversive Elkement will publish the usual silly summer posting soon! Now am just tying up loose ends. In the next months I will keep writing about heat transport: Detailed simulations versus maverick’s rules of thumb, numerical solutions …

Other People Have Lives – I Have Domains (2017-06-06 22:17:47)
These are just some boring update notifications from the elkemental Webiverse. The elkement blog has recently celebrated its fifth anniversary, and the punktwissen blog will turn five in December. Time to celebrate this – with new domain names that says …

Earth, Air, Water, and Ice. (2017-02-05 11:48:33)
In my attempts at Ice Storage Heat Source popularization I have been facing one big challenge: How can you – succinctly, using pictures – answer questions like: How much energy does the collector harvest? or What’s the contribution of ground? …

My Data Kraken – a Shapeshifter (2016-12-22 10:53:56)
I wonder if Data Kraken is only used by German speakers who translate our hackneyed Datenkrake – is it a word like eigenvector? Anyway, I need this animal metaphor, despite this post is not about facebook or Google. It’s about …

Give the ‘Thing’ a Subnet of Its Own! (2016-11-20 11:44:44)
To my surprise, the most clicked post ever on this blog is this: Network Sniffing for Everyone: Getting to Know Your Things (As in Internet of Things) … a step-by-step guide to sniff the network traffic of your ‘things’ contacting …

Internet of Things. Yet Another Gloomy Post. (2016-09-30 21:18:41)
Technically, I work with Things, as in the Internet of Things. As outlined in Everything as a Service many formerly ‘dumb’ products – such as heating systems – become part of service offerings. A vital component of the new services …

Hacking My Heat Pump – Part 2: Logging Energy Values (2016-08-24 09:52:12)
In the last post, I showed how to use Raspberry Pi as CAN bus logger – using a test bus connected to control unit UVR1611. Now I have connected it to my heat pump’s bus. Credits for software and instructions: …

Hacking My Heat Pump – Part 1: CAN Bus Testing with UVR1611 (2016-08-03 10:04:39)
In the old times, measuring data manually sometimes meant braving the elements: Now, nearly all measurements are automated: In order to calculate the seasonal performance factor of the heat pump system we have still used the ‘official’ energy reading provided …

Have I Seen the End of E-Mail? (2016-06-10 09:46:03)
Not that I desire it, but my recent encounters of ransomware make me wonder. Some people in say, accounting or HR departments are forced to use e-mail with utmost paranoia. Hackers send alarmingly professional e-mails that look like invoices, job …

Photovoltaic Generator and Heat Pump: Daily Power Generation and Consumption (2016-06-01 12:21:02)
You can generate electrical power at home but you cannot manufacture your own natural gas, oil, or wood. (I exempt the minority of people owning forestry). This is often an argument for the combination of heat pump and photovoltaic generator. …

Everything as a Service (2016-05-19 13:57:08)
Three years ago I found a research paper that proposed a combination of distributed computing and heating as a service: A cloud provider company like Google or Amazon would install computers in users’ homes – as black-boxes providing heat to …

Alien Energy (2016-04-15 17:03:12)
I am sure it protects us not only from lightning but also from alien attacks and EMP guns … So I wrote about our lightning protection, installed together with our photovoltaic generator. Now our PV generator is operational for 11 …

Anniversary 4 (4 Me): “Life Ends Despite Increasing Energy” (2016-03-18 18:05:32)
I published my first post on this blog on March 24, 2012. Back then its title and tagline were: Theory and Practice of Trying to Combine Just Anything Physics versus engineering off-the-wall geek humor versus existential questions IT versus the …

Half a Year of Solar Power and Smart Metering (2015-12-07 11:11:53)
Our PV generator and new metering setup is now operational for half a year; this is my next wall of figures. For the first time I am combining data from all our loggers (PV inverter, smart meter for consumption, and …

The Impact of Ambient Temperature on the Output Power of Solar Panels (2015-11-13 09:21:38)
I have noticed the impact of traversing clouds on solar power output: Immediately after a cloud has passed, power surges to a record value. This can be attributed to the focusing effect of the surrounding clouds and/or cooling of the …

Shortest Post Ever (2015-11-07 18:17:44)
… self-indulgent though, but just to add an update on the previous post. My new personal website is  live: I have already redirected the root URLs of the precursor sites, and Now I am waiting for …

Random Things I Have Learned from My Web Development Project (2015-10-29 15:06:33)
It’s nearly done (previous episode here). I have copied all the content from my personal websites, painstakingly disentangling snippets of different ‘posts’ that were physically contained in the same ‘web page’, re-assigning existing images to them, adding tags, consolidating information …

My Flat-File Database (2015-09-18 10:35:10)
A brief update on my web programming project. I have preferred to create online text by editing simple text files; so I only need a text editor and an FTP client as management tool. My ‘old’ personal and business web …

Interrupting Regularly Scheduled Programming … (2015-08-17 19:09:41)
(… for programming.) Playing with websites has been a hobby of mine since nearly two decades. What has intrigued me was the combination of different tasks, appealing to different moods – or modes: Designing the user interface and organizing content. …

Solar Power: Some Data for the First Month. (2015-06-17 12:04:07)
On May 4, 2015, we started up our photovoltaic generator. Here are some numbers and plots for the first month – and what I plan to do next. Our generator has a rated power of 4,77 kWp (kilowatt peak), one …

Watching TV Is Dangerous (2015-05-07 20:33:41)
I am not talking about humans. But TV-sets might threaten other devices in the smart home; this was a recent puzzle submitted by a blog reader. Two unrelated devices / services met on the user’s local computer network: IP-TV provided …

Finally Mobile-Friendly! (How I Made Googlebot Happy) (2015-04-29 17:27:30)
Not this blog of course – it had been responsive already. But I gave in to Google’s nagging and did not ignore messages in Google Webmaster Tools any longer. All my home-grown websites had a fixed width of the content …

Data Logging with UVR1611 – FAQ (2015-03-18 15:10:40)
I have received several questions related to my article on data logging on this blog, or to my postings on monitoring and control on our German blog. Thus I have decided to write the article I would have wanted to read …

All My Theories Have Been Wrong. Fortunately! (2015-01-23 10:16:09)
I apologize to Google. They still like my blog. This blog’s numbers plummeted as per Webmaster Tools, here and here you find everything you never wanted to know about it. I finally figured that my blog was a victim of …

Looking for Patterns (2015-01-09 15:31:02)
Scott Adams, of Dilbert Fame, has a lot of useful advice in his autobiographical book How to Fail at Almost Everything and Still Win Big. He recommends looking for patterns in your life, without attempting to theorize about cause and …

Waging a Battle against Sinister Algorithms (2014-12-20 20:50:54)
I have felt a disturbance of the force. As you might expect from a blog about anything, this one has a weird collection of unrelated top pages and posts. My WordPress Blog Stats tell me I am obviously an internet …

Google and Heating Systems (2) (2014-11-15 16:24:46)
I googled our company name. Then I found this: Auftrag means order and the obfuscated parts contain our full company name, the Chief Engineer’s name, the URL of a vendor we ordered material from recently, invoice total, and a comment …

When I Did Social Engineering without Recognizing It (2014-08-05 11:32:33)
I planned to read something about history this summer. Then I picked the history of hacking. My favorite was Kevin Mitnick’s autobiography – the very definition of a page-turner. The book is free of hardcore technical jargon and written for …

5 Years Anniversary: When My Phone Got Hacked (2014-07-18 11:32:04)
I like to play with phones. 5 years ago my cell phone decided it wanted to play on its own. It did participate in a TV voting – so the provider said and the itemized bill proved. This was for …

What Learning about Feynman’s Path Integrals Was Good for (2014-07-03 14:08:07)
I have gone to great lengths on this blog in order to explain how and why a degree in physics prepares you for seemingly different careers, or at least does not hurt. But it would have been so simple. I …

Network Sniffing for Everyone – Getting to Know Your Things (As in Internet of Things) (2014-06-05 15:45:13)
Simple Sniffing without Hubs or Port Mirroring for the Curious Windows User [Jump to instructions and skip intro] Your science-fiction-style new refrigerator might go online to download the latest offers or order more pizza after checking your calendar and noticing …

Diffusion of iTechnology in Corporations (or: Certificates for iPhones) (2014-05-11 13:00:58)
[Jump to technical stuff] Some clichés are true. One I found confirmed often is about how technologies are adopted within organizations: One manager meets another manager at a conference / business meeting / CIO event. Manager X show off the …

The Strange World of Public Key Infrastructure and Certificates (2014-03-12 10:47:21)
An e-mail discussion related to my recent post on IT security has motivated me to ponder about issues with Public Key Infrastructure once more. So I attempt – most likely in vain – to merge a pop-sci introduction to certificates …

What I Never Wanted to Know about Security but Found Extremely Entertaining to Read (2014-02-13 00:03:01)
This is in praise of Peter Gutmann‘s book draft Engineering Security, and the title is inspired by his talk Everything You Never Wanted to Know about PKI but were Forced to Find Out. Chances are high that any non-geek reader is already …

Cyber Security Satire? (2013-05-19 13:59:49)
I am a science fiction fan. In particular, I am a fan of movies featuring Those Lonesome Nerds who are capable of controlling this planet’s critical infrastructure – from their gloomy basements. But is it science fiction? In the year …

My Google Searches Might Heat Your Home (2013-02-18 19:22:36)
Sorry, but this is not about Search Term Poetry! Rather the contrary: Imagine your search terms could be utilized for something down-to-earth, for something useful. Google states: See more comparisons for Google services here! (Though I am disappointed they did …

Trading in IT Security for Heat Pumps? Seriously? (2013-01-22 18:45:21)
Astute analysts of science, technology and the world at large noticed that my resume reads like a character from The Big Bang Theory. After all, an important tag used with this blog is cliché, and I am dead serious about theory and …

Personal website of Elke Stangl, Zagersdorf, Austria, c/o punktwissen.
elkement [at] subversiv [dot] at. Contact