Hi, I recently acquired a pretty solid VPS for a good price, and right now I use it to run Caddy for two personal sites. When I moved to Lemmy I found about this awesome community and it got me really interested in selfhosting. I won’t be asking for tips on what to selfhost (but feel free to add what you use), there’s a lot...
The difference is that you need way more interaction. Expose a webserver on the internet and check how many requests you get from just bots.
You can control what you navigate and how to interact with the outside world, but you can’t control how the outside world will interact with your services.
I am looking for a low profile keyboard compatible with the choc switches. I plan to put the choc sunset on it. I was looking for something similar to the Corne, just without the ergo-split thing. A standard 65-75% would work....
Perhaps images, video, font etc. rendering could be compromised?
Yes, it already happen in the past. Also the Wi-Fi and Bluetooth stack got exploited, like multiple kernel drivers.
But it shouldn’t be a matter of “in the past was X exploited?” but more on having a correct security posture.
Honestly if you are arguing about wasting a “perfectly working phone” you should blame it on the vendor, especially Android devices vendors have this let’s say “defect” of dropping the support after 4/5 years.
Also not going to talk about custom ROMs (with the super rare exclusion of some) managed by god knows who, without any security team behind.
Since even the NFC and Cellular Network stack got vulnerabilities the only way you would consider an old phone “safe” to use is just turning it into the equivalent of a local ARM server.
Also pretty fun seeing the replies in the original post talking about how Google Play store shouldn’t have malware on it.
I believe the risk of running outdated software is super inflated and mediatic, 99% of people would be absolutely fine running a version of Android from 3 years ago or Windows 8.
That’s the same thing people running windows XP on internet were thinking in 2017.
Then WannaCry arrived and they got their data encrypted :)
WannaCry targeted hospitals, businesses and similar machines.
WannaCry targeted everything with SMB exposed, blindly.
Also, you should read more about security through obscurity, the fact that “no one will target you because you are a low-value target” is a false sense of security.
Ahaha I had this exact same experience. Locked out because bitwarden didn’t get the code correctly. “Luckily” the jwt token never expires so I was able to log back in without the 2FA.
For the record, I fully support what the remaining mod team is doing, they are a wonderful group and I trust them completely. I don’t regret the choices I made, only that my actions got a few other mods shit canned in the process.
I was thinking about that just today, I have something like 30+ services running on a single compose file and maintenance is slowly becoming hard. Probably moving to multiple compose file.
I wonder if people when talking about AI just ignore the fact that it’s software and has the same issues and vulnerabilities related to that… recently I see a lot of posts talking about “AI security” and in the end are stuff known since 1995…
I will soon start a new job where I expect to receive significantly more emails than I do currently. So far, I haven’t had a system in place, except for marking emails as unread until I respond and occasionally using flags....
How is the situation of nix/nix-darwin/home-manager on macOS?
Used nix last year but dropped it after home-manager decided to unlink the apps from the Applications directory....
A few questions about selfhosting from a newbie
Hi, I recently acquired a pretty solid VPS for a good price, and right now I use it to run Caddy for two personal sites. When I moved to Lemmy I found about this awesome community and it got me really interested in selfhosting. I won’t be asking for tips on what to selfhost (but feel free to add what you use), there’s a lot...
DIY nas (infosec.pub)
https://infosec.pub/pictrs/image/6fc9bec0-6fea-4c50-82c4-eba63611e465.jpeg...
Low profile keyboard compatible with choc switches
I am looking for a low profile keyboard compatible with the choc switches. I plan to put the choc sunset on it. I was looking for something similar to the Corne, just without the ergo-split thing. A standard 65-75% would work....
X-post: Better understanding and mitigating the risks of using a phone that no longer receives system updates (lemmy.ca)
Crosspost of an ongoing thread over at !android...
Recreating Government Security Standards at Home (Hardened iPhone) [8:58] (youtu.be)
and here’s how that channel recommends hardening an android phone: youtu.be/mlW6I5Kuj6c
anytype — decentralized, p2p, e2ee 'Notion' like app (anytype.io)
CVE-2023-2033: Chrome [0-day] JIT optimisation issue (bugs.chromium.org)
Please don’t enable 2FA
2FA in lemmy doesn’t work reliably yet. Please don’t enable it or you will almost certainly get locked out....
With my recent de-modding and ban from the DnDMemes sub, I now have plenty of time to touch grass and help grow this community/instance. AMA I guess? (ttrpg.network)
For the record, I fully support what the remaining mod team is doing, they are a wonderful group and I trust them completely. I don’t regret the choices I made, only that my actions got a few other mods shit canned in the process.
Should I use one docker-compose.yml for all my services?
Hi,...
PoisonGPT: How we hid a lobotomized LLM on Hugging Face to spread fake news (blog.mithrilsecurity.io)
a battle that will end up in flames (lemmy.world)
How do I manage my inbox?
I will soon start a new job where I expect to receive significantly more emails than I do currently. So far, I haven’t had a system in place, except for marking emails as unread until I respond and occasionally using flags....