• 1 Post
  • 267 Comments
Joined 1 year ago
cake
Cake day: June 6th, 2023

help-circle
  • Let’s Encrypt is good practice, but IMO if you’re just serving the same static webpage to all users, it doesn’t really matter.

    Given that it’s a tiny raspi, I’d recommend reducing the overhead that WordPress brings and just statically serve a directory with your site. Whether that means using wp static site options, or moving away from wp entirely is up to you.

    The worst case scenario would be someone finding a vulnerability in the services that are publicly exposed (Apache), getting persistence on the device, and using that to pivot to other devices on your network. If possible, you may consider putting it in a routing DMZ. Make sure that the pi can only see the internet and whatever device you plan to maintain it with. That way even if someone somehow owns it completely, they won’t be able to find any other devices to hack.








  • It doesn’t matter if virality is the goal, unless you’re suggesting it be actively prevented, virality is just a natural phenomenon of the internet. The term viral generally implies uncontrolled exponential spread. To this day, stuff goes viral without people intending it to.

    And if you architect the system to scale a p2p network proportional to virality (ex. as people share it, they also self-host) you run into a ton of security and abuse challenges. We’re also stretching the definition of “self-hosting” at this point.


  • Agreed with using keepass. If you’re one person accessing your passwords, there’s no reason you need a service running all the time to access your password db. It’s just an encrypted file that needs to be synced across devices.

    However, if you make frequent use of secure password sharing features of lastpass/bitwarden/etc, then that’s another story. Trying to orchestrate that using separate files would be a headache. Use a service (even if self-hosted).


  • I intended for you to think about it, and if you disagree, offer a thought out response. There’s still time for that, just scroll back up.

    I’m willing to bet I’m older than you.

    Given your responses so far, it’s much less embarrassing for you to say you’re either 15 or a troll bot.

    Regarding the state of the climate, human kind is an ant hill, a game of factorio, a manufacturing pipeline. We’re in a race to generate enough energy to escape the grave of our own making that started over a hundred years before any of us were born. We’ve already crossed the threshold where, if we stopped emitting any greenhouse gasses whatsoever, we will still see a massive population decline due to heat, weather, food shortage, etc, most in poorer countries who are neither responsible for the problem, nor capable if dealing with it.

    Our best bet to save as many lives as possible is to continue research into cutting edge power generation, food production, clean water generation, and sustainable and durable housing/cooling technologies.

    The strategy of telling the wealthy to stop consuming energy cold turkey is no longer a viable strategy, as it’s not beneficial for anyone. It’s also not practical unless you’re a fictional, superhuman character who can zip around and force humankind to your benevolent will (or you have globally powerful military and are willing to enact martial law, but good luck).

    To win the race, to reduce the ensuing death and destruction and minimize unnecessary casualties to the human (and other) species, we need to put as much research as possible into new renewable tech (solar, wind, water, nuclear, and fusion if possible). It’s unclear what AI has to offer, but it is already being used to solve manufacturing challenges that neither a single human capable of, nor a group of humans can effectively abstract and communicate about. If this can be leveraged to develop new sustainable energy or bioengineering solutions that were never before known to be possible, that is how we save the most lives.

    What doesn’t save any lives is rallying behind the same absolutist strategy we’ve tried for over 50 years and making no progress. But I get it, memes travel further and faster than measured thought. That’s also a problem for us.










  • I would agree with you if we’re talking about something like the ability to search a car, where the cop is not allowed to without the owner’s permission (assuming no probable cause or warrant). In that case the cop usually figures out a loophole to manufacture probable cause or manipulate the owner into agreeing to a search. And then there’s nothing a lawyer or judge can do later, because it’s the cop’s word vs yours.

    But if we’re talking about a law that actually says the cop cannot take your phone no matter what, and they do, then any public defender would be able to point it out and the judge would certainly have to enforce it. I can’t think of a way the cop would abuse their power because, in this case they don’t have it.

    I could be convinced based on the actual wording of the law, though.