possiblylinux127
@possiblylinux127@lemmy.zip
- Comment on Poll indicates over 60% of Jews in the US believe Israel has committed war crimes 2 days ago:
The Jewish population is not committing war crimes. That is like saying that all Asian people are loyal to China.
- Comment on Poll indicates over 60% of Jews in the US believe Israel has committed war crimes 3 days ago:
Because people want to blame the Gaza genocide on Jews instead of holding the leaders and soldiers of Israel responsible.
Jewish hate needs to not be tolerated
- Comment on Poll indicates over 60% of Jews in the US believe Israel has committed war crimes 3 days ago:
This is feeding literal antisemitism
The Jewish population is a diverse set of people who may or may not support Israel.
- Comment on Bacteria may kill us entirely, but we will never kill bacteria entirely 6 days ago:
Don’t them ideas
- Comment on Israeli authorities have beaten Greta Thunberg, made her kiss Zionist flag 6 days ago:
That is a terrible thing to experience. I hope Greta will be ok after this.
- Comment on Researchers say Israeli government likely behind AI-generated disinfo campaign in Iran 6 days ago:
Yes 💃
- Comment on This is another implementation of what's possible inside of termux for all you self hosters. 6 days ago:
I think you are legally liable for damages
- Comment on Briar - secure p2p group communications 6 days ago:
I’m never going to recommend something that I can’t get to work reliability. Also the lack of a security audit is a major deal breaker.
Communications is one of those things that needs to be absolutely solid.
- Comment on Briar - secure p2p group communications 1 week ago:
My personal experience
Also they haven’t had a security audit
- Comment on Briar - secure p2p group communications 1 week ago:
Sort of I guess
Why does it matter?
- Comment on Briar - secure p2p group communications 1 week ago:
Don’t use Jami. It is a security nightmare and unreliable.
- Submitted 1 week ago to selfhosted@lemmy.world | 31 comments
- Comment on Using Termux to create a tiny selfhosted hidden chat server with E2EE. 1 week ago:
I honestly would prefer something like Briar
- Comment on What's the real danger of opening ports? 1 week ago:
Docker restricts the permissions of software running in the container. It is hardened by default and you need to manually grant permissions in some rare cases.
- Comment on What's the real danger of opening ports? 1 week ago:
Always good advise
- Comment on What's the real danger of opening ports? 1 week ago:
Yes and no
Breaking out of docker in a real life context would require either a massive misconfiguration or a major security vulnerability. Chances are you aren’t going to have much in the way of lateral movement but it is always good to have defense in depth.
- Comment on What's the real danger of opening ports? 1 week ago:
This is security theater
- Comment on What's the real danger of opening ports? 1 week ago:
To expand on this a bit:
A lot of attacks are automated since the goal is to compromise as many hosts as possible. These hosts are then used in a botnet or sold to people on shader websites to use as proxies.
- Comment on What's the real danger of opening ports? 1 week ago:
IP whitelists are not terribly secure and are quite a hassle.
Instead use a overlay VPN or some sort of extra security layer like mTLS or Authelia
- Comment on What's the real danger of opening ports? 1 week ago:
With SSH it is easier to do key authentication. Certificate authentication is supported but it is a little more hassle. Don’t use password authentication as it is deprecated and not secure.
The key with SSH (openssh specifically) is that it is heavily audited so it is unlikely to have any issues. The problem is when you start exposing self hosted services with lots of attack surface. You need to be very careful when exposing services as web services are very hard to secure and can be the source of a compromise that you may or may not be aware of.
It is much safer to use a overlay VPN or some other frontend for authentication like mTLS or an authenticated reverse proxy.
- Comment on v2.0.0: Stable Release of Immich (complete with Merch and DVD) 1 week ago:
Two nodes doesn’t provide quorum
- Comment on v2.0.0: Stable Release of Immich (complete with Merch and DVD) 1 week ago:
Ok boomer
- Comment on How to manage docker compose apps? 1 week ago:
Autoupdate is fine for personal stuff. Just set a specific date so that you know if something breaks. Rollbacks are easy and very rarely needed.
- Comment on How to manage docker compose apps? 1 week ago:
Kubernetes is the Arch of Containers except way more confusing
- Comment on How to manage docker compose apps? 1 week ago:
Why wouldn’t you just use Docker compose? It has NFS support build in and there are Ansible playbooks for it
- Comment on How can I optimize my jellyfin, specifically transcoding and the CPU usage involved? I'm running it off a mini pc so resources are everything 1 week ago:
Downloading from where?
You get the content from blurays typically (you surely aren’t talking about piracy)
- Comment on How can I optimize my jellyfin, specifically transcoding and the CPU usage involved? I'm running it off a mini pc so resources are everything 1 week ago:
Is it Intel?
If so I would use GPU acceleration
- Comment on [deleted] 1 week ago:
BSD was good at one point
These days however…
- Comment on [deleted] 1 week ago:
I wouldn’t recommend that as it doesn’t do a lot to protect data. Instead go ZFS or Btrfs.
- Comment on [deleted] 1 week ago:
Why would you go from Arch to unraid?
With all due respect, Arch isn’t good for servers. That isn’t to say Arch is bad but it isn’t designed for long term stability.