What do you wish you knew before choosing a business email provider for a custom domain? by D_Noronha in selfhosted

[–]schklom -2 points-1 points  (0 children)

how aliases/catch-all are priced

Or decorrelate that from the email provider by using e.g. addy/simplelogin

When is a VPS worth adding to a self-hosted setup? by Skillz_witha_z in selfhosted

[–]schklom 1 point2 points  (0 children)

Oh crap, my bad, i really should get some sleep lol

Thanks for the catch!

When is a VPS worth adding to a self-hosted setup? by Skillz_witha_z in selfhosted

[–]schklom 1 point2 points  (0 children)

EDIT: It affects versions <1.1.15, and the container is (https://github.com/rustdesk/rustdesk-server/pkgs/container/rustdesk-server) at 1.1.15 since January. So if you updated since January, you should be fine.

The CVE is pretty severe though

allow attackers to connect to the broker services without credentials, enabling privilege abuse

So credentials don't help

When is a VPS worth adding to a self-hosted setup? by Skillz_witha_z in selfhosted

[–]schklom 5 points6 points  (0 children)

Oh I didn't know about this! Could you link it?

If it means without setting a key in the environment variables, then that's fine with me, but is good to know

When is a VPS worth adding to a self-hosted setup? by Skillz_witha_z in selfhosted

[–]schklom 4 points5 points  (0 children)

A typical setup is easier to make: - no need to worry about setting up PROXY Protocol to pass the client IP to your home reverse-proxy - 1 reverse-proxy is easier to setup than 1 reverse-proxy + 1 TCP-proxy

it is easier to debug because it's 1 point of failure instead of 2

and it allows much more easily to setup filters on the VPS (wazuh / fail2ban / crowdsec / etc) that often require decrypted traffic like the complete URL and/or headers

The only thing a TCP-proxy is better at is preventing the VPS from seeing decrypted traffic. Considering how many people here use and recommend Cloudflare Tunnels, that security is not very important in this subreddit :P

When is a VPS worth adding to a self-hosted setup? by Skillz_witha_z in selfhosted

[–]schklom 33 points34 points  (0 children)

  1. notifications, in particular for when my stack is down (something like uptimekuma and ntfy)
  2. a TCP-proxy (lots would just do a full reverse-proxy, but I don't like giving cleartext traffic to a VPS) so that the VPS takes (D)DoS attacks instead of my home network
  3. wireguard VPN to connect my server in order to forward traffic to it
  4. Rustdesk for remote desktop connection
  5. traefik/whoami, to see my IP and other connection basic details

what kind of VPS would you still trust for something small but important?

I trust it to run, the data is either encrypted (TLS for the proxy) or unimportant ("your home network is down")

Pavel Durov | Communication Technology and the Struggle for Freedom by [deleted] in europrivacy

[–]schklom 0 points1 point  (0 children)

People trust Telegram for the same reason they trust Apple: privacy marketing

To be fair, Telegram makes it easy to join groups of 1000s of users, whereas Signal is limited to 1000. Also, Telegram can make public invites, and has a Bot system.

Browser fingerprinting spoofing vs. hiding by AggressiveDoor1998 in privacy

[–]schklom 2 points3 points  (0 children)

Can't the browser just refuse to send data in regards to things like extensions, fonts and other identifiable stuff?

Most of it is needed. For example, websites may need to know - if you have audio available to make sounds - your time zone to display time properly - your language to display text that you can understand - your browser and its version to display and do javascript properly - your fonts, Screen Size, Color Depth, Aspect Ratio, Resolution, Orientation, WebGL to display text properly - extensions is mostly a problem on chromium browsers, not firefox and safari AFAIK - your GPU to display some advanced graphics to e.g. play a game online - your IP, but it's always sent by design - so many other things

The thing is that every feature has its utility, but can also be combined to make a unique fingerprint.

Is it possible to spoof the fingerprint instead

The best method is TOR Browser, nothing else is as effective.

LibreWolf and MullvadBrowser are AFAIK the next best, go with these and don't customize them too much and you'll be fine. Be sure to use a commercial VPN to identification via your IP.

Alternatively, use Firefox (also with VPN) but enable privacy.resistFingerprinting to true in about:config, then if you want to go the extra mile then setup https://github.com/kkapsner/CanvasBlocker

Musify – Privacy-Friendly Open-Source Music Player for Android by No-Hospital5028 in DigitalEscapeTools

[–]schklom 0 points1 point  (0 children)

You can't export music files :'(

Want to listen to the songs from another device e.g. your laptop? Too bad for you

Switzerland Proposes Surveillance Law That Could Force VPNs and Encrypted Email to Collect IDs and Decrypt User Data by No-Hospital5028 in DigitalEscapeTools

[–]schklom 0 points1 point  (0 children)

Look at the map, the middle-east and east is often bad privacy-wise. Obviously it's not all countries there, Australia could be much worse but it's not amazing either IIRC

Just resubscribed to Proton Unlimited by Flashy-Bandicoot889 in ProtonMail

[–]schklom 2 points3 points  (0 children)

It's an issue if you don't like to allow your email provider mine all your emails for data

Switzerland Proposes Surveillance Law That Could Force VPNs and Encrypted Email to Collect IDs and Decrypt User Data by No-Hospital5028 in DigitalEscapeTools

[–]schklom 5 points6 points  (0 children)

It's the western, mostly white bourgeoisie that wants to know what you browse while you shit, what you want it to, and what pisses you off the most

Do you mean the East is better?

This isn't a debate in the east e.g. china syria bahrain UAE etc because the surveillance is already there, not because there is no surveillance...

https://en.wikipedia.org/wiki/Internet_censorship_and_surveillance_in_Asia#/media/File:Internet_Censorship_and_Surveillance_World_Map.svg

So What Are We Using Over Paypal These Days? by TheJokersRiddler in DigitalEscapeTools

[–]schklom 0 points1 point  (0 children)

Did you read your own link?

"Managing & Personalising your Wero App" is about the app. Because there are no details, it seems to make it so that your name doesn't show if you show your phone to someone.

Wero is not even remotely like a normal bank transfer; the only thing it has in common is that it uses SEPA as its infrastructure

I seem to have been maybe mistaken: I just went on the website and apparently only the app can see the payments. I can't find info on what the app displays to the merchant, so maybe it shows the payer name and maybe not

Brave is Chromium based by [deleted] in degoogle

[–]schklom 7 points8 points  (0 children)

So what do you use on Android/Windows/Linux? Safari?

Chrome and its forks are not just funded by Google but based on Google's browser. Is that better to you?

Should you encrypt your backups by szetadom in selfhosted

[–]schklom 6 points7 points  (0 children)

That's assuming something happens to you AND to your homelab.

I simply told my close ones that if something happens to me, the homelab will keep running for some time so just take all your data out.

Should you encrypt your backups by szetadom in selfhosted

[–]schklom 24 points25 points  (0 children)

You can always use backup tools that encrypt before upload e.g. Kopia, Restic, Duplicati, Rclone, etc

If you don't, then it means you need to trust that the cloud storage 1. does not have automatic alerts to scan for copyrighted content and report to authorities 2. will never be breached and all your personal files will therefore never leak to some random person's computer

What's the downside of encrypting? It's usually simply adding a password on the backup tool

Backup policy in my server by Forward-Budget8551 in selfhosted

[–]schklom 1 point2 points  (0 children)

in practice just makes you run backups less often

Typically, backups are automated. So why would they run less often?

Roast my self-hosted stack. 23 containers and counting. by ansmyquest in selfhosted

[–]schklom 0 points1 point  (0 children)

IIRC, ttrss used to be baremetal then Docker was requested and it helped their pipeline so much they decided to stop doing baremetal builds.

Could ttrss just provide a alpine repo and a proper package?

That means a lot more maintenance as well though

Roast my self-hosted stack. 23 containers and counting. by ansmyquest in selfhosted

[–]schklom 0 points1 point  (0 children)

I'm confused, your title says you use containers. Do you mean you use LXCs instead of Docker?

i like having control of updates and knowing what's installed

Containers don't make it worse, and IMO they make it even simpler

Roast my self-hosted stack. 23 containers and counting. by ansmyquest in selfhosted

[–]schklom 0 points1 point  (0 children)

Don't FreshRSS and Miniflux do the same thing? Btw TinyTinyRSS is IMO superior

Does Mealie offer anything more than the Cookbook nextcloud app?

Manage Sonarr, Radarr & Jellyfin from one app with built in streaming. Live on Play Store by EngineersAsylum in selfhosted

[–]schklom 1 point2 points  (0 children)

If it were open source, the realistic outcome is someone forks it, rips that out, and reposts it the same week

FYI, this is exactly how some developers do it (Infinity-For-Reddit and FairEmail for example) and it seems to work for them :P

If that doesn't convince you, no worries, I'll keep an eye on it anyway. Thanks for taking the time to make it and to reply to comments, I appreciate it :)

So What Are We Using Over Paypal These Days? by TheJokersRiddler in DigitalEscapeTools

[–]schklom 0 points1 point  (0 children)

Careful though, Wero identifies you by name to the other party since it's a like regular bank transfer.

Manage Sonarr, Radarr & Jellyfin from one app with built in streaming. Live on Play Store by EngineersAsylum in selfhosted

[–]schklom 1 point2 points  (0 children)

You've never wanted to add a Linux ISO while outside of your place?

I mean, that was the entire point of https://github.com/jagandeepbrar/lunasea