This article is IMO factually wrong. Just take one example:

Passkeys only solve one use case - phishing where the user inputs their password and MFA into a fake site.

Passkeys solve a few issues:

• Phishing resistent
• Unique per site (e.g. protection against credential stuffing)
• Immune against brute force attacks
• And offer an (optional) way to log in with biometrics

This tech is clearly not perfect, but not as bad as this article suggests.

Also, you can store passkeys in a password vault like bitwarden and have it available on all your devices.

This is super interesting. I did not expext a non-steamOS linux gaming handheld.

I mostly try to read the docs, but sadly good documentation is pretty rare.

I’m currently following this guide to setup caddy reverse proxy with coraza web app firewall.

But be warned, this whole rabbit hole of WAF isn’t trivial, some protections don’t work well with some apps (e.g. portainer triggers some rules about system command execution) and it needs some tuning. I personally set it up to learn more about WAFs because I believe it will help me in my career, but I would not blindly recommend it to everyone.

Approaches like crowdsec and fail2ban seem much more suitable for selfhosters – and keep your server software updated.

Great idea. Would be even better if we turned lemmy into an AI only social network. Thousands of bots will create content, vote and comment. And all this could be done without user interaction.

Finally, even the super niche communities will have hundreds of bot comment per day, and all human lemmy users will leave voluntarily (thus reducing the need for moderation).

I doubt using secret managers is popular among self hosters. These products are targeted at larger deployments, not homelabs.

I’ve installed coraza web app firewall with OWASP ruleset this weekend. I must admit that it wasn’t as easy as I expected it, but it now (mostly) works. I had to give up with nextcloud though.

I don’t really get why datacenters want more nuclear power. Hinkley Point C is now under construction for 8 years and will take at least 6 more years. By then, the whole current AI hype will long have flattened off.

Trump’s comments mark a significant departure from his warm words about the European Commission’s president last week, in which he praised Ursula von der Leyen as “fantastic,” adding he hoped that the two would meet soon.

This man is just a walking contradiction.

RClone to a cloud storage (hetzner in my case). Rclone is easy to configure and offers full encryption, even for the file names.

As the data is only uploaded once, a daily backup uploads only the added or changed files.

Just as a side note: make sure you can retrieve your data even in case your main system fails. Make sure you have all the passwords/crypto keys available.

It also doesn’t even make sense to buy up all the possible domains. It would just be a waste of money, and surely someone could come up with a domain name that you didn’t think of (fediverse-network.com).

“web” would have sounded nice and clear, we also didn’t name FTP the World Wide File Transfer Protocol (WWFTP).

It annoys me how www. is pronounced in english. Really, double-u double-u double-u dot example dot com?

Usage requires less computer knowledge than answered

Oh no!!

I would prefer to read “Why unique passwords matter more than ever”. Most online services have rate limits established, e.g. you only have a few tries on your password before google blocks further login attempts.

But if you use the same (or very slightly altered) password for many services, there is a real risk that one of the services gets hacked, your password leaked and attackers use this against your other services.

But of course, the suggestions in the article (password manager + MFA) are still valid and useful.

They currently operate 26 airbus, as of their website. This is about 5% of their fleet.

Store important telephone numbers on your phone. No need to do a google search everytime you call your doctor/dentist/mechanic/whoever.

To be fair, there are multiple companies that would make chrome worse, e.g. Oracle

I’m currently comparing Authentik and Authelia. For me, Authentik was extremely easy to get into. Authelia with its text-based configuration is clearly not as easy for beginners.

You‘re supposed to host this yourself.