• 0 Posts
  • 7 Comments
Joined 1 year ago
Cake day: November 2nd, 2023

  • Yes, there are professional third-party cybersecurity auditors you can hire, but I doubt anyone here would ever need them.

    Please, people, stop being paranoid about your security. Close up all unnecessary ports, and that’s what you can do on your end. Whatever else, if the service binding to an open port has security vulnerabilities you don’t know about, the project team may very well be unaware of them too, and there’s nothing you could do.

    Also, if you have multiple users using your service, then it’s their password strength that you should be worrying about the most, not your infrastructure.


  • From my point of view, most things related to software config are hierarchical, meaning that a tree-like structure is the most intuitive for understanding them. YAML is tree based, while TOML is section based. I find YAML much easier to keep track of. And I have great experience with Python, so the indentation is pretty straightforward for me.

    But I’m not picking sides and defying the other. It’s purely a matter of personal mindset. Actually I do find some workflows very suited for TOML, like build systems, where each task is in its own section, shouting clear-cut domain and dependency boundaries.






  • People are not getting the risks of exposing services correctly. Think about it again. Even if you lock everything behind password protection, if the password is weak, it is still not any better than no protection. The chain is only as strong as the weakest link. Your tech-illiterate family members may very likely set up something like 88888888, and then they are effectively making the entire server naked. It is best to use device-specific authentication apps like WireGuard. If they can’t even use such an app, then only expose apps that support WebAuthn (or OIDC, and set up an OIDC provider that supports WebAuthn or nopass), where they can use fingerprint readers on their phones to log in.