It’s so old it’s not called self-hosted.
Moneydance https://moneydance.com/
Started using it close to twenty years ago and keep using it because it seems fine.
At one time there were browser extensions that allowed you to comment on any web page and allowed other extension users to see your comments.
The comments were hosted through the extension and not on the pages themselves.
Something like that would be possible but I don’t know anyone offering it now. I presume no one wants to moderate that.
Good example. It’s true that even a GET request not designed to mutate data might still fail to validate input, allowing a SQL injection attack or other attack that escalates to the privileges that the running app has.
Immich has a whole set of end-to-end automated tests to ensure they don’t accidentally make public any URLs they want to be private:
https://github.com/immich-app/immich/tree/main/e2e/src/api/specs
As a popular open source project, that would be a glaring security hole.
Using this proxy puts the trust in a far less popular project with fewer eyeballs on it, and introduces new risks that the author’s GitHub account is hacked or there’s a vulnerability in the supply chain of this docker container.
It’s also not true that you “never need to touch it again”. It’s based on Node, whose security updates expire every two years. A new image should be built at least every two years to keep up to date with the latest Node security updates, which have often been in their HTTP/HTTPS protocol implementations, so they affect a range of Node apps directly exposed to the internet.
Yes, there are broken uses of the HTTP protocol verbs where filtering to GET won’t work.
A simpler way to protect a private service with a reverse proxy is to only forward HTTP GET requests and only for specific paths.
It’s extremely difficult to attack a service with only GET requests.
The security of which URLs are accessible without authentication would be up to Immich.
Although, if I have my own Amazon referral link in my blog post and they replace the referral code in their feed, I would not be happy about that.
They could be injecting their own ads or affiliate links into the content.
For example, if a post links to Amazon.
I have not looked at the source code.
Watching history repeat itself.
Date pickers that assume you have a 5 digit birth year.
Ironically, the part of Perl that looks most like cursing is the regular expressions, and that’s the feature that so many modern languages have borrowed from Perl directly.
Have you tried doing CAD work on a phone or iPad over a Remote Desktop connection?
Seems unpleasant enough to drive someone to buy a proper laptop to travel with.
If you don’t have a proper computer, how will you access this remote server to do your CAD work?
I imagine BitWarden is sufficiently good. The big leap in security comes from having no password manager to a decent password manager.
LastPass does not seem as serious about security so it doesn’t meet my personal bar for decency.
LastPass doesn’t have your password, so it can’t be stolen during a breach.
But 1Password goes a step further, also requiring a “secret key”, which also can’t be stolen.
https://support.1password.com/secret-key-security/
Even if an attacker manages to steal your encrypted data from 1Password and also guess your master password, they still can’t access your data without a secret key.
For that reason, your 1Password account is more likely to be compromised through your own device, not their server. And if your own devices are thoroughly compromised, no password manager can save you— the attacker can potentially grab all you type and see all you see.
I evaluated both BitWarden and 1Password for work and 1Password generally won across the board.
If you host yourself, make sure backups are rock solid and regularly monitored and tested. Have a plan for your infrastructure being down or compromised.
1Password’s security model guards against this. Even if they are breached, your passwords cannot be decrypted.
You are more likely to screw up your own backups and hosting security than they are.
You could likely have a free initial meeting with a lawyer to confirm a law had been broken and get a general idea of their fees and your odds of success.
Sounds like it would be your brother’s word against the public defender’s. Sounds tough.
Yes, you could file paperwork for a lawsuit. Affording the legal help and winning the suit are different matters.
We had two female black cats named Midnight and Luna.
When guests would come over and ask our young children about the cats, a child would explain to the adult guests that Midnight and Luna were our ladies of the night, explaining that Luna means moon.
This went on for years.