ShortN0te

joined 1 year ago
[–] [email protected] 2 points 2 days ago

That’s simply bad software practice, which was fixed once pointed out. Fact is that if they had done this on purpose, they wouldn’t have changed it and instead, would’ve came up with an excuse to keep it the same way.

This is not correct. While they have removed it from being installed on newer installs/updates, the certificate remains on the system that ran the corresponding version installer/upgrade unless it will be manually removed by the few percent that got the news.

[–] [email protected] 5 points 3 days ago

I am talking about it in general. If you trust it or not depends on you. I am just saying that the argument that it is OS or that you can host the server yourself does not automatically mean that it is safe. That applies to any software.

[–] [email protected] -1 points 3 days ago (2 children)

It could install software that transmits the data some time else. Basically something virus would do. The code can be hidden somewhere or loaded from somewhere with simple code.

Those are basic tactics used for years by malware. If just simply monitoring would be enough to protect against malware then we would have way less problems.

You should never run untrusted code or code by untrusted ppl.

[–] [email protected] 4 points 3 days ago (4 children)

You are not running the software cause you do not trust the ppl running it? So you do host the software anyway? Just because it is OS and just because you can run it on your own hardware does not mean you can blindly trust it.

[–] [email protected] 11 points 4 days ago

You have clearly not understood what it does. It basically acts as a basic WAF by blocking the access to various paths that are required by the default sharing feature but not by this "proxy".

[–] [email protected] 2 points 5 days ago

I mean you have the current image cached on the local server when you use it.

[–] [email protected] 2 points 5 days ago

1 GB of RAM for every TB of storage is recommended but you can do with way less for ZFS.

[–] [email protected] 5 points 1 week ago (1 children)

What do you mean with encryption? Does it need to be transport encrypted, end to end encrypted or is encryption at rest (when the server is offline) good enough?

[–] [email protected] 2 points 1 week ago

It is not about the drivers, framework has most likely not the capability to develop drivers for their Laptops, it is the manufacturer's job. All framework can do is selecting parts that are already supported by the kernel. Also a driver can take several years until it actually gets into a not rolling release distro like Ubuntu or mint since they do not use the newest kernel.

This collab is more about making sure, that when you install those distros everything works out of the box which is not a given, depending on the compile flags for the kernel they used or what packages are coming installed by default.

[–] [email protected] 10 points 1 week ago

Open standards are the first step of a functional transition to an open government. From there Open Source Software can compete against commercial software, once the ppl see that the FOSS offers the same features then the proprietary paid software they can easily switch to it. With open standards they only need to train the users, no data to migrate etc.

[–] [email protected] 18 points 1 week ago (2 children)

Focus instead on enforcing standards' compliance so i can open a .docx with any program and be usable anywhere.

That's an impossible task. Not even Microsoft manages that. Do not want to count how often i used libreOffice to repair or convert an older MSOffice file so it can be opend with modern Versions of MSOffice.

Once there was a 500MB Excel Sheet with lime 500-1000 used Cells, opened and saved it to.a xlsx file using libreOffice and reduced it to a few MB while still being fully functional.

[–] [email protected] 2 points 1 week ago

Yes i do i and you do you. But advertising those things as security measures while not adding any real security is just snake oil and can result in neglecting real security measures.

As i said, the whole internet can be port scanned within seconds, so your services will be discovered, what is the risk you assume to have when your IP address is known and the fact that you host a service with it? The service has the same vulnerabilities if it is hosted via cloudflare tunnels or directly via port forwarding on the router. So you assume that your router is not secure? Then unplug it, cause it is already connected to the router.

Geoblocking is useless for any threat actor. You can get access to VPN services or a VPS for very very very little money.

view more: next ›