soon
"I refuse to say anything without another lawyer present."
soon
"I refuse to say anything without another lawyer present."
that... actually works...
They didn't say how fast it stopped rotating and whether the moon flew out of orbit awhile back.
Bog if true!
Do note, because it's using email, the recipient and sender are not private, along with the time, and probably the relative size of the messages.
The specific content of each message should be private as long as the encryption is done well. I haven't looked at it so I don't know if it implemnts safeguards to verify who you're messaging with (besides using the email address) and I don't know if it uses PFS (Perfect Forward Secrecy) to protect against a key getting compromised.
https://github.com/rsmsctr/vaultwardenGuide
It doesn't cover backups though. It uses Caddy instead of NGINX, and it uses DuckDNS to point a subdomain to your private IP address of your Vaultwarden server, so it will only be accessible in your LAN.
Maybe surprisingly, it is actually a technique to limit interruptions, specifically because you are only working on your current task for 25 minutes. It makes it much easier to not switch tasks in the middle because your next time to switch tasks is less than 25 minutes away. For example, if you're in a task writing a report and you remember that you were supposed to send an email, you write down the email task to do later and don't worry about it because if it's important than you will pick it for your next pomodoro. This allows you to stay focused on the report you're writing for this pomodoro.
I've been researching zero-trust for my homelab recently and I'm considering OpenZiti instead of Cloudflare since I think it can all be self-hosted. The BrowZer from OpenZiti is especially interesting to me. The fact that I'm behind CGNAT is a hurdle though.
It ends up being a lot like FIDO or Passkeys but without having to store a separate key for each site. Each key is derived from your master key and the domain so they are all unique, to prevent tracking, but you still don't have to save a separate private key blob for each site. There is also a recovery key built into the spec so that if your master key somehow gets out, you can use your recovery key to prove you're the real person and regain your account to change the signin public key.
https://xkcd.com/2827/