firmly of the belief that guitars are real

  • 0 Posts
  • 12 Comments
Joined 2 years ago
Cake day: August 16th, 2023

  • Open source is just another commons, and companies have a way of uncontrollably exploiting common resources until they collapse.

    In the case of open source, it’s healthy in the sense that money is flowing, we have companies sponsoring projects, tons of code is available for inspection and reuse, etc. Very nice. But if you go back to the original concepts of free software, in many cases we struggle with actually exercising the four freedoms. Red Hat has engineered an EULA that basically lets them ban practices that had been thought protected by the GPL for at least a generation, and so on and so forth. So is the open source community healthy or dying? Doesn’t the answer to that depend on your priorities?

    I think it would make a lot of sense to try to create an economic model that can fund open source software development without relying on corporate injections of cash. It’s not that they don’t pay for it ever, they just pay for it to the bare minimum extent. I.e., the Heartbleed fiasco – tons of companies were freeloading off one guy, and like half the Internet’s security got fucked for it. Imagine if OpenSSL had had some kind of economic support structure in place to allow for, uh, more than one guy to manage the encryption library for like half the Internet before something insanely stupid and predictable like that happened. Well, we can never have that with corporate-controlled open source.

  • Encrypting your disk only provides at-rest protection, meaning there are entire swathes of physical attacks it provides zero protection against. Tons of stuff a malicious actor can do during runtime with physical access that you’d never notice. It quite literally only protects against thugs smashing your door in and physically walking away with the disk.

    So if you’ve painted yourself into a corner with a baby’s first config, what you can do to step up your level of data protection (until you can redo your setup properly) is to create an encrypted filesystem or filesystem image (use fallocate to create a large empty file, then connect it to a loopback device, encrypt with LUKS, and use it as a virtual filesystem), rsync your data directory to it, and then unlock/mount it at boot under the directory where Nextcloud is configured to store your data. It’s god-awful, but this should be more or less transparent to Nextcloud if you do it right, and then at least your data directory gets at-rest encryption, and tbqh if someone is smash-and-grabbing your hard drive they are probably more interested in your data than they are your OS config.

    I wouldn’t say this is an acceptable or preferable alternative to FDE, but it sounds like you’re still figuring out the best ways to set these things up, and this will get you more protection than none. But, realistically, you should probably not worry about it too much and should think about the security of your setup as a learning exercise/study in best practices.
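The procedure this comment sketches, as an added shell example that is not from the original post: the image path, size, mapper name and Nextcloud data directory are assumptions, and it uses a boot-time passphrase prompt rather than a key stored on the same disk.

```shell
#!/usr/bin/env bash
# Added example, not from the original post: build the LUKS-on-loopback
# container described above and wire it up to unlock/mount at boot.
# All paths, sizes and names are assumptions; adjust them to your setup.
set -eu

IMG="${IMG:-/var/lib/nextcloud-data.img}"            # backing file (assumed path)
SIZE="${SIZE:-100G}"                                 # fallocate size
MAPPER="${MAPPER:-ncdata}"                           # becomes /dev/mapper/ncdata
MOUNTPOINT="${MOUNTPOINT:-/var/www/nextcloud/data}"  # Nextcloud's datadirectory
STAGING="/mnt/${MAPPER}-new"

# /etc/crypttab entry. "none" means a passphrase prompt at boot; a keyfile on
# the same unencrypted OS disk would hand the attacker the key along with the
# image, defeating the at-rest protection this is meant to add.
# libcryptsetup attaches the loop device itself, so no losetup unit is needed.
crypttab_line() {
  printf '%s %s none luks\n' "$1" "$2"
}

# /etc/fstab entry. Deliberately no "nofail": if the volume isn't unlocked,
# boot stops instead of letting Nextcloud write into the plaintext mountpoint.
fstab_line() {
  printf '/dev/mapper/%s %s ext4 defaults,x-systemd.requires=systemd-cryptsetup@%s.service 0 2\n' \
    "$1" "$2" "$1"
}

create_container() {
  [ "$(id -u)" -eq 0 ] || { echo "run as root" >&2; return 1; }
  fallocate -l "$SIZE" "$IMG"
  chmod 600 "$IMG"
  cryptsetup luksFormat --type luks2 --batch-mode "$IMG"   # prompts for a passphrase
  cryptsetup open "$IMG" "$MAPPER"
  mkfs.ext4 -q "/dev/mapper/$MAPPER"
  mkdir -p "$STAGING"
  mount "/dev/mapper/$MAPPER" "$STAGING"
  # -aHAX keeps ownership, modes, hard links, ACLs and xattrs Nextcloud relies on
  rsync -aHAX "$MOUNTPOINT"/ "$STAGING"/
  umount "$STAGING"
  crypttab_line "$MAPPER" "$IMG" >>/etc/crypttab
  fstab_line "$MAPPER" "$MOUNTPOINT" >>/etc/fstab
  # Mounting over $MOUNTPOINT only hides the old plaintext copy; delete it
  # once the encrypted copy is verified (deleted blocks are not wiped).
  mount "$MOUNTPOINT"
}

if [ "${1:-}" = "--run" ]; then create_container; fi
```

Run it once as root with `--run`; on later boots systemd asks for the passphrase and mounts the data directory before the web server can touch it.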

  • The most useful philosophy I’ve come across is “make the OS instance disposable.” That means an almost backups-first approach. Everything of importance to me is thoroughly backed up, so once the main box goes kaput, I just have to pull the most recent copy of the dataset and provision it on a new OS, maybe new hardware if needed. These days, it’s not that difficult. Docker makes scripting backups easy as pie. You write your docker-compose so all config and program state lives in a single directory. Back up the directory, and all you need to get up and running again with your services is access to Docker Hub to fetch the application code.

    There are some downsides to this approach (Docker’s security model sorta assumes you can secure/segment your home network better than most people are actually able to), but honestly, for throwing up a small local service quickly it’s kind of fantastic. Also, if you decide to move away from Docker, the experience will give you insight into what amounts to program state for the applications you use, which will make doing the same thing without Docker that much easier.


  • Watching videos is like an order of magnitude easier than reading for large swathes of the population. Fully 18% of the US adult population is functionally illiterate – they can pass a reading test, but their reading level is so low it hardly matters. These folks can still watch YouTube/Dystopian Vine (sorry, TikTok).

    Also, this much is just my own speculation, but A/V media is a lot easier to push people’s emotional buttons with because it’s much, much faster and easier to consume content via video and we’re likely hardwired to pay more attention to audio/visual stimuli than abstract imagery in our heads. A video+audio track of an explosion is always going to hit people harder than a careful description of the same explosion, and if people expect it to be easier and to provide a larger emotional impact, they’re more likely to go for the thing that makes them feel something more easily.

    We are all governed by dopamine more than we like to admit.