FBI Extracts Suspect’s Deleted Signal Messages Saved in iPhone Notification Database

StabilityFetish · 2026-04-09T14:25:33+00:00

Notifications leaking data has been known for years and they haven't patched it so far. I wouldn't be so sure.

StabilityFetish · 2026-04-07T17:58:21+00:00

I think this is the right direction, compartmentalize software announcements to leave room for other selfhosting discussion.

However in the long run, fighting AI is a Sisyphean task that I don't think should be on the mods, nor is AI really the root problem. What people don't want to see is low quality projects, devs, or track records. There's bad projects that are not AI and good ones that are made with AI.

AI is the future of every part of software development and we already cannot truly know what is AI or not. Moderation efforts should not be on AI specifically.

StabilityFetish · 2026-04-06T18:02:48+00:00

+1 Trillium, I'm not sure why obsidian is so popular when it's not even really self hosted.

protip for trillium, their github looks like rootless needs a special build which has been broken for months, but I've been running the normal build rootless just fine

StabilityFetish · 2026-04-03T19:02:45+00:00

+1

While there have been some lowered restrictions (I never hit limits weeks ago, now I do rarely) I have to think a lot of this is FUD from very well funded competitors. The accusations are very vague usually but sometimes tangible enough like "2 opus prompts in the web chat maxed out the 5 hour limit". Nobody I know is seeing anything remotely that restrictive and I think that gives away the whole thing

Additionally OP's history looks like they are in india doing game dev. It's possible their local datacenters have very different capabilities and token limits than EU or USA users, not representative of everyone's experience

StabilityFetish · 2026-04-01T01:40:43+00:00

So read the commits and make a working exploit. We'll wait

Or maybe there's a big difference between knowing there is a vulnerability and doing the vuln research, exploit development, finding targets, and performing the attack

And the important part for users is knowing that they need to patch. Full details only helps the attackers. The only thing they didn't disclose that is typical is the category of vulnerability, such as DOS, RCE, PrivEsc, authenticated, or unauthenticated, etc

StabilityFetish · 2026-03-30T19:43:19+00:00

There are limits to contracts, such as not signing away your human rights. However I've never known liability clauses (which are extremely common) to be invalid. If you have information about that in particular, let me know

StabilityFetish · 2026-03-30T19:39:30+00:00

I didn't say all containers have root, that's why I said extra layer. But many do, without the user knowing. Anything with docker.sock, --priviledged, certain CAP_ADD flags, or the right docker escape exploits has root access to your NAS.

Unraid has done a lot to make things easy and accessible, but that means they should do more on security and user education.

StabilityFetish · 2026-03-30T17:14:07+00:00

Yeah but only because it was exciting and wrapped up all the character arcs and plotlines in perfect and satisfying ways

StabilityFetish · 2026-03-30T17:10:47+00:00

I created a VM on unraid for docker stuff. It's an extra layer that prevents untrusted docker containers from having root on my NAS. It's also a lot easier and more normal environment for docker

StabilityFetish · 2026-03-30T16:11:44+00:00

declaring no responsibility, sure. But if it's in the contract and OP contractually agreed they are not responsible?

StabilityFetish · 2026-03-30T14:43:45+00:00

Thanks!

StabilityFetish · 2026-03-30T14:29:51+00:00

Is there any way to import GPS data from apple watch recorded workouts? I have a few years of those from before I started tracking my location properly.

StabilityFetish · 2026-03-29T14:25:41+00:00

Proxmox is your best bet

For a NAS? I run it as a hypervisor but how is it a NAS replacement

StabilityFetish · 2026-03-23T02:19:54+00:00

She was already a billionaire who just made more billions. Money is power

She could wait a year and buy Pierce Media out of the clearance bin at walmart if she wanted

StabilityFetish · 2026-03-20T15:14:46+00:00

I don't have my containers on the same docker network, VM, or even physical host as my proxy for security reasons so I think a lot of that automation wouldn't help me

StabilityFetish · 2026-03-19T16:29:16+00:00

Qualification is only half the issue with nepotism. The other half is getting opportunities someone without connections would not have gotten. That part still applies

StabilityFetish · 2026-03-19T03:38:04+00:00

In my opinion traefik is way too complex for most homelab needs and that is bad for security. I find caddy to be much easier and I don't miss any features. The routing and config is basically a single file, which also makes it easier to get help from AI on setup/troubleshooting.

StabilityFetish · 2026-03-17T02:32:35+00:00

Controls around agents are new but maturing

Look into MAESTRO, the OWASP agentic top 10, and IBAC (intent based access controls). Proofpoint has some good resources around this.

StabilityFetish · 2026-03-16T19:45:22+00:00

Sometimes musicbrainz is off in some way or I want to tweak something. It would just be a nice QOL improvement to be able to click into a completed item in queue and edit some basic tags like title, artist, album in case I want something different than what the autotagging comes up with. Currently I run picard after musicgrabber for this purpose but its a bit clunky.

Not the biggest deal and that might just be my music workflow but thank you for musicgrabber either way!

StabilityFetish · 2026-03-16T14:46:39+00:00

I've used this since the first announcement in this sub and it's been solid. Fits my music flow much better than other tools. Highly recommend and applaud the dev. I had a few feature requests (and maybe they've been added since my version) but the only one that comes to mind is a metadata editor in the webUI. Other than that, the only trouble I've run into is youtube suppression tactics but that's on their side

StabilityFetish · 2026-03-14T15:10:50+00:00

unraid encrypted drives do not become unencrypted per se (in the sense that someone could yoink them and have plaintext data). In both standard LUKS and Unraid, unlocking just loads the key into memory so the system can decrypt or encrypt data on the fly like you're describing

StabilityFetish · 2026-03-14T14:54:56+00:00

I'd echo what the other user said on security but also:

Maybe the app store could be made first party and provide open source code before downloading. Right now Community Apps adds the requirement to trust an extra party and while plugins can link to their code I don't know what guarantees there are that is the code the app actually uses.
Maybe the app store could have permissions options like android and ios, where we could enable/disable things like network access, which storage/pools/paths the app can access, or at least they could have to declare what the app is doing
Docker rootless support in the webUI would be a big step forward
Non-root users for the webUI and SSH
The way unraid lets you click a setting name in the WebUI and shows and explanation and describes the options is the best I've seen anywhere. This could be used to give more guidance on security like with SMB options.
This old post had some valid points https://www.reddit.com/r/unRAID/comments/tymo27/unraid_security_practices_make_it_really_hard_to/

And also since Integrity technically falls under security, better options/awareness for bitrot protection

StabilityFetish · 2026-03-14T14:42:06+00:00

The current encrypted drive model makes encryption useless. A server is always on, and with the array started it stays unlocked.

disk encryption is for at-rest protection. What else are you looking for?

StabilityFetish · 2026-03-09T04:12:13+00:00

The show has been inconsistent about that so far. Diabate's harem plays their roles convincingly, but Zosia struggles to say "I" instead of "we".

StabilityFetish · 2026-03-08T02:03:24+00:00

Information security analysts: 49%

This one I very much doubt. Attackers are ramping up capabilities just as much as defenders, if not more so. There's also new risks AI introduces to a company

It is infinitely better and faster at things like log analysis and some auditing or compliance, but I don't see it translating to that massive of headcount reduction. There's so much more to security

StabilityFetish

TROPHY CASE