Hi, I’m Max.

M.Sc., Software Engineer. Munich, Germany.

Digital Hygiene

Recently, we met up with some extended family who told us about a targeted phishing and hacking attack that led to their bank accounts being hijacked. Some of the questions they had while we talked were about how I handle my personal security. I was quite confident about how I handled my online security at that point, but it got me thinking where I could do better. And around the same time I came across a blog post by Andrej Karpathy that triggered some actions. ...

Re: Why NetNewsWire Is Not a Web App

Apple removing apps from the App Store and being in control of what we can and cannot install on our little pocket computers is and has always been wrong.

I totally agree with what Brent Simmons outlined as reasons for why NetNewsWire is not a web app. Especially this paragraph resonates with me:

My computer is not a terminal. It’s a world I get to control, and I can use — and, especially, make — whatever I want. I’m not stuck using just what’s provided to me on some other machines elsewhere: I’m not dialing into a mainframe or doing the modern equivalent of using only websites that other people control.

Yet it still made me wonder. Isn‘t it possible to create something like this as web app? Certainly not this nice and polished with all the features we‘d expect. A static HTML file that contains the JavaScript. Using localStorage for state.

Yeah, let’s just hope it never comes to that.

Reference: Why NetNewsWire Is Not a Web App in response to Complying With ‘Demand’ From Trump Administration, Apple Removes ICEBlock From App Store

Re: A deep dive into Cloudflare’s API outage

Even at Cloudflare scale, an invalid useEffect dependency can bring everything down.

The gist of this article is that a bad dependency array of a useEffect caused excessive API calls which led to an outage. Reading about their strategies for mitigating this I was wondering why there is no mention regarding catching the original issue. It’s all about scaling better and rolling back. But why not also handle such invalid useEffect arrays. One idea I recently stumbled upon was this eslint plugin (react-you-might-not-need-an-effect). Great name btw!

Reference: A deep dive into Cloudflare’s September 12, 2025 dashboard and API outage

grain.social

TIL about @grain.social – great project! Just posted my first gallery grain.social/profile/max….

Posting from Obsidian using a separate vault

The trick to posting directly to a Hugo blog from Obsidian is to use a custom vault that is pointing to the content folder of the hugo git repository. Then just use the Obsidian Git plugin to commit and push. Github actions or Gitlab CI will then automatically publish after pushing to git.

Reference: Steph Ango - How I use Obsidian

Vehicle Motion Cues on macOS

TIL: macOS also has the vehicle motion cues accessibility feature. Nice! Oh and in case you’ve wondered… yes they show up in screenshots 😅

Photo of MacBook on lap while seated in the passenger seat on a car

Screenshot showing vehicle motion cues in macOS

Hello world.

Why start a blog in 2025? For me, it’s simple. I love writing code, and I have a feeling I’m going to enjoy writing about it too. Programming and Tools Coding is one of my greatest passions. With AI reshaping how we develop and use tools, we’re in a fascinating period of change. This blog is where I’ll be sharing my journey through it. Software and Beyond I also plan to write about the software I use and love. I’ve always been drawn to software over hardware. To me, software is malleable, something I can shape with my thoughts alone. Hardware, in comparison, feels static and less approachable for a creator. ...