• 0 Posts
  • 10 Comments
Joined 1 year ago
cake
Cake day: June 13th, 2023

help-circle
  • No, they’re not, but Google won’t get them (unless, as you state, they use google’s messaging app) Less Google, more better, in my opinion.

    MMS hasn’t been a thing at my provider for years now, so want to send me an image? Use Signal or whatsapp (begrudgingly). I already rarely receive or send SMS, so not enabling RCS isn’t a big loss for me, I don’t get added to Google’s statistics (which they are so very proud off), and I won’t really miss any of its features.





  • Wireguard (which is what tailscale is built on) doesn’t even require you to open ports on both sides.

    Set up wireguard on a vps first, where it is accessible, then set it up from within your network. It’ll traverse NAT and everything, and you don’t have to open a port on your network.

    Tailscale is the exact same thing, just easier because it does everything for you (key generation, routing, …). Their service replaces your vps, up to you if you think that’s acceptable or not. IMHO, wireguard is worth learning at least. I eventually (partially) switched to tailscale because I’m lazy, and all services I host have authentication anyway, with vpn just being a second layer.




  • The difference being that when you’re 10 billion into a renewables project, you usually have SOME generation already, whereas your nuclear reactor isn’t doing shit until it’s fully completed.

    I don’t mind nuclear, but the fact is that the reactors take decades to build, whereas renewables can be deployed far quicker. Going all-in on nuclear, and then twiddling your thumbs for 10-15 years while the reactors are built doesn’t sound like a great idea.


  • I don’t think programming language is a good metric for security. I assume everything I host has issues, and then try to mitigate from there.

    IMHO, a better approach is to vet the project beforehand, looking at whether it is still actively maintained. I usually use things like commits, issues, etc to try and gauge whether a piece of software is actively maintained so that when an issue arises, it can be fixed.

    You can mitigate much of the risk by using some basic best practices, like isolating all apps from each other (using docker, for example), using a reverse proxy, tools like fail2ban or a web application firewall, using proper database permissions for each app, etc

    What I also do is add another layer by making certain applications accessible only over vpn. That won’t work for some tools, obviously, but also reduces the risk for tools you are only using yourself.