thelittleblackbird

joined 1 year ago
[–] thelittleblackbird@lemmy.world 7 points 2 days ago (2 children)

No idea at all, but I am highly interested in your experience. So it would be great if you could came here back to share it with us

Yes, it will be enough if your services are not exposed via port forwarding , tailscale / zerotier are super convenient for this.

Honestly, if I were you I would start thinking in having a small computer just to act like a proxy / firewall of you synology, or even better, just run the applications on that computer and let the nas only serve files and data.

It is much easier to support, maintain and hardening a debain with a minimal intallation than nay synology box just because the amount of resources available to do so. In this easy way you could extent the life of your nas far beyond the end of life of the Sw

I use the tchapi docker image for the caldav server (die to the LDAP support for the user Auth) and davx5 for the android integration.

In Desktop thunderbird already have a native integration and with iPhone is also working fine.

No problems so far in almost a year, they work reliable and smooth. The only point I somehow miss is the lack of push notifications from the server to the devices, but it is not a deal breaker from me

[–] thelittleblackbird@lemmy.world 3 points 5 days ago (2 children)

Another one selfhosting contacts, calendar, notes and so on with that non-interoperable protocol.

And for the shake of honesty I need to say that while doable it is true that the situation could be highly improved with a lot of non standard stuff that private apps are implementing outside of the standard compliance

[–] thelittleblackbird@lemmy.world 8 points 5 days ago (5 children)

Don't make it available from internet. This will solve the issue.

If it is not possible, once the cve is published and properly described, perhaps there is another way to secure it via an external proxy or even a waf.

If you have unsupported Sw, it is always a pain in the ass to keep them secure so try to figure out always the first point

Can someone be so kind to explain me what I am seeing?

Because it seems like I am not celvee enough to get it

[–] thelittleblackbird@lemmy.world 5 points 1 week ago (2 children)

The answer is mTLS.

But you will run into the key distribution problem. But if your number of devices is manageable, it could be the solution

[–] thelittleblackbird@lemmy.world 8 points 1 week ago (7 children)

This thing reduces the attack surface of the inmich installation.

If it is good, or bad or fitting to your security model can only be said by you. But honestly it sounds like a sensible thing to do

Even if you have a valid point, modern fingerprinting technics usually is done through your data and the connection dependencies of them (which accounts are activated from the sane computer and so on).

Selfhosting remove some links between your data set like the files you store in drive, the people who appear in your photos, your contact list, to whom you email... Etc etc

Suddenly all this data is vanishing from the big techs, so, in theory it would be possible to make that association process more difficult

Then follow that path, once you are comfortable with the approach you can start hosting more and more services,to the point that you can selfhost your own messenger services or ms teams services.

Once you are in that situation, you can think in accounts rotation and/or burner identities to address the services you can not pull from the big techs

[–] thelittleblackbird@lemmy.world 1 points 1 month ago (1 children)

OK, thanks for the feedback. Perhaps I am doing something terrible wrong with it.

I will recheck the system again.

Thanks

 

Hello,

Small question to this incredible community.

Does anybody have a good suggestion about a link manager with plug-ins for different browsers?

If it could also support Samsung browser would be an incredible plus.

In my use case I intent to (easily) save some links for reading later and the integration with a mobile browser is fundamental to make the things easy.

Thanks in advance!!

 

Hi all,

I need to exposs an iscsi disk to be used as a main disk in a vm. Because I am pretty new in this solution I would like to ask some tips and good practices to avoid making rookie mistakes that can really hit the performance or availability.

What are the common things I should take into account before deploying everything?

Thanks in advance

 

Hi all,

I drop this question here to see if somebody is already facing the same problem.

As a catastrophic recovery plan of my password manager I keep an encrypted copy of the database + some portable apps in a Dropbox account. The idea is that if one day I am suffering a big problem with my Handy and I am away of my computer (or just awoken naked in the middle of the forest) I can recover my digital identities so I can send t least an email.

I was using Dropbox but recently I discovered that sometimes they send a confirmation email when they think something suspicious is going on.

Can anybody recommend a storage provider without those annoying confirmation emails?? If they accept weak password in this case it would be a plus

 

Hi all,

I recent times my ds918 is marking a hdd as critical because it went to a full identification cycle. It only failed once and smart attributes, including the long ones, are always showing a healthy hdd.

The point is that synology is re issuing the alert every day and I cannot manually mark it as no problematic.

So, how seriously should I take this warning and if there is any way to reset this status once for all????

Regards

 

hi all,

i have joined recently the world of the usenets but it looks like everything is dominated by the english with little to nothing to other languages

I am looking for a usenet server with good content of media in non-english, preferrably german, spanish or french (i am from europe)

can anybody suggest something for an usenet noob? it is not important if the content is behind a pay wall, but if the server needs invitation it would be good if a good samaritan can spare one :)

thanks in advance

view more: next ›