Implement what you fully understand first. Then figure out the why and how of the next piece for security.
“Hardened kernel with stack protection” doesn’t mean much if you can’t explain why it’s in place, or how it works.
I’ve been in IT 25 years and security for 15 years, and the number one failure of implemented security is doing it because someone said you need it.
For me, the idea is to sync bookmarks between devices.
Yeah, I agree. Not knowing what ports might be open on a single egress shouldn’t happen.
This would encapsulate something like enforced Transport encryption.
Yes, this is what we’re discussing… Are you a bot? Or are you really not following the conversation?
deleted by creator
Most selfhosted projects do not store such private data.
That is patently not true, in the self-hosted space or otherwise.
If you want to take some kind of the security stance on pii or other personal data, you may want to take a look at the app’s workflow first before making declarations of “inadequate security”. There are other considerations than simply slapping a self-signed cert on data in transit (or at rest, for that matter). URL encoding, secrets management, api structure, etc.
If you want to architect the security of your data using this app, it is much easier to simply encapsulate or encrypt the transport yourself. A VPN would be fine. An authentication proxy would be another.
Ultimately, your comments on security here need more and better context to meet a reasonable threshold of confronting the dev on it.
It is no excuse that other services do not follow these state of the art protection measures.
Most projects in the self-hosted space put the load of transport security on the user or another system, including big ones like Immich.
Not sure why you’ve chosen to be indignant about this particular implementation.
So there are 3 power modes in “normal” USB; 500mA, 1A, and 2A, all three of these at 5V. The 6T can only deliver 500MA 5V.
There is also provision in the USB spec over USBC for negotiation of power delivery that allows also changing the voltage to deliver more power. The 6T cannot do this, it lacks the usb PD circuitry.
However, it can do org (change to “target mode” to become storage for, say, a computer to access its storage. The 6T can do this with android, but you’re right, I haven’t been able to get it to work with pmos.
I do a lot of tinkering and development with GPS, and I use a few Blox GPS dongles. These need a bit of power to heat the ceramic antenna and atmo pressure sensor. These work with pmos.
+1 for ansible.There’s a module for almost everything out there.
ZFS is slightly more portable than md and comes with some additional benefits and performance tunables you don’t get with md, so that’s my 0.02.
Note that ZFS can use memory for arc, but it is happy to run on much less than what you have. My nas is a rock 5 SBC with 4GB memory and it’s fine, performance-wise, but I’ve run ZFS on much less and it adapts well to more or less ram.
So… RSS is how sonarr and radarr work. What circumstance would make these not work?
Voting only works if the results are anonymous. That is why Gerrymandering and FBI intervention into election activities is such a big deal.
I know what Fetcharr does and I still don’t understand the need for it… Radarr and Sonarr both have profiles and upgrade policies for this that work fine.
What’s the use case of Fetcharr?
Radicale + client (Thunderbird on desktop, fossify calendar on phone)
Chip fabs need a lot of supporting tech, which is why it’s difficult to set up and more difficult to move.
Yes, you can. Interac and INTUR are technically interoperable.
The oneplus 6t can supply 500mA through USB, it just can’t negotiate usbC power delivery.
Logical IP addressing and physical interfaces are completely separate. One physical interfaces with multiple IPs, many physical interfaces bound together into one logical interface, depends on the situation.
Yep, absolutely the right move to ask here, lots of us learn through conversation. I think youre on the right track.