Mastodawn

deepdive Dec 16, 2023

Does it even make sense to care about privacy?

Does it even make sense to care about privacy? - Lemmy.World

Heyha ! This is probably going to be long take and it’s late here in europe… So for those who bare with me and are ready to read through my broken English, thank you. I’m personally concerned about how my data and my identity is used against my will while surfing the web or using/hosting services. Self-hoster and networking enthousiast, I have some entry/medium security infrastructure. Ranging from self-hosted adblocker, dns, router, vlans, containers, server, firewall, wireguard, VPN… you name it ! I was pretty happy to see all my traffic being encrypted through wireshark and having what I consider a solid homelab. Also having most undesired dns/ads blocked with adguard in firefox with custom configuration, blocking everything, and changing some about:config options: - privacy.resistFingerprinting - privacy.trackingprotection.fingerprinting.enabled - … I though I had some pretty harden security and safe browsing experience, but oh my I was wrong… From pixel tracking, to WebRTC leaking your real ip, fonts fingreprinting, canvas fingreprinting, audio fingerprinting, android default keyboard sending samples, ssl certificate with known vulnerabilities… And most of them are not even some new tracking tech… I mean even firefox 54 was aware of most of these way of fingerprinting the user, and it makes me feel firefox is just another hidden evil-corp hiding with a fancy privacy facade ! Uhhg… And even if you somehow randomize those fingerprint, user-agent and block most of those things, this makes you stand out of the mass and makes you even easier to track or fingerprint. Yeah something I read recently and it actually make sense… the best way to be somehow invisible is actually to blend into the mass… If you stand out, you are pretty sure to be notices and identified (if that makes sense :/) This really makes me depressed right now… It feels like a losing battle where my energy is just being wasted to try to have some privacy and anonimity on the web… While fighting against the new laws ringing on our doors and big tech company always having two steps ahead… I’m really asking myself if it really matters and if it actually make sense to use harden technology or browsers like arkenfox or the tor browser whose end node are mostly intercepted by private institutions and governemental institutions… I’m probably overthinking and falling into a deep hole… But the more i dig into security and privacy, the more I get the feeling that this is an already lost battle against big tech… Some recent source: https://avoidthehack.com/firefox-privacy-config [https://avoidthehack.com/firefox-privacy-config]

deepdive Nov 21, 2023

Selective cookie blocker ? (GitHub)

https://lemmy.world/post/8557717

Selective cookie blocker ? (GitHub) - Lemmy.World

Hi everyone ! Right now I use: - Firefox full protection with everything blocked by default - AdGuard adblocker extension - Adguardhome DNS bloquer - ProtonVPN through wireguard - Selfhosted searxng instance (metasearch engine aggregator). While this gives me reasonable doubt of protection, this blocks me out to interact with FOSS projects on github, which kindda sucks!! I don’t want to accepts GitHub’s long cookie list of tracking and statistics [https://github.com/privacy/cookies/], but not being able too interact and help FOSS project to thrive, improve, get some visibility, will in the long term hurt FOSS projects. I’m aware of GitHub’s cookie management preferences [https://docs.github.com/en/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-user-account-settings/managing-your-cookie-preferences-for-githubs-enterprise-marketing-pages], but I don’t trust them to manage and choose what should be accepted or not ! Firefox only allows to block/accept everything and all extensions are just to delete them. I couldn’t find any related and somehow workaround on this issue. Q: Is there anyway to only accept cookies allowing me to login and interact with repos without accepting those tracking and analytic cookies? If you have any solution/workaround to share, I’m all ears !

deepdive Jul 29, 2023

Backups on Linux seems overwhelmingly complicated...

https://lemmy.world/post/2350957

Backups on Linux seems overwhelmingly complicated... - Lemmy.world

Yeah another post about backups, but hear me out. I read most of the other post here on lemmy, read through the documentation from different backup tools (rsync, Borg, timeshift) but all those backup tools are for “static” files. I mean I have a few docker container with databases, syncthing to sync files between server, Android, Desktop and Mac, a few samba shares between Server, Mac and Desktop. Per say on Borg’s documentation: - Avoid running any programs that might change the files. - Snapshot files, filesystems, container storage volumes, or logical volumes. LVM or ZFS might be useful here. - Dump databases or stop the database servers. - Shut down virtual machines before backing up their images. - Shut down containers before backing up their storage volumes. How I’m supposed to make a complete automated backup of my system if my files are constantly changing ? If I have to stop my containers, shutdown syncthing and my samba shares to make a full backup, that seams a bit to much of friction and prone to errors… Also, nowhere I could find any mention on how to restore a full backup with a LVM partition system on a new installed system. (User creation, filesystem partition…) Maybe, I have a bad understanding on how It works with linux files but doing a full backup this way feels unreliable and prone to corrupted files and backup on a server. VMs are easier to rollback with snapshots and could’t find a similar way on a bare metal server… I hope anyone could point me to the right direction, because right now I have the feeling I can only backup my compose-files and do a full installation and reconfiguration, which is supposed to be the work of a backup… Not having to reconfigure everything ! Thanks

deepdive Jul 19, 2023

[Question] Debian sudoers and user best practice

https://lemmy.world/post/1776252

[Question] Debian sudoers and user best practice - Lemmy.world

Hi everyone 🙂 #### TLDR How do you work with debian and su permission and what’s the best way to do it for better security? - Add an user in the sudoers? - Give special permissions to a group? User? - Always connect to su - (default root)? - Add users to a group? — The story is unrelated to the question, but is a direct cause This is rookie question even though I use linux (ubuntu and recently debian) regularly and have alot of selfhosted docker containers on an old spare laptop. While this is probably one of the basics you need to know right away when playing arround with sudo or su I wasn’t aware of how you can f#ck everything up with a single command chmod -R xxx /home/$USER chown -R … Why would you do that? Because I’m stupid and how sometimes no idea what I’m doin? I was actually trying to change some permission to create a samba share (that’s another story xD). Trying to revert everything, alot of my docker containers, certificates and special files were unreadable, unexecutable… That broke my nextcloud instance, synchthing functionalities, linkding http shortcut… With that big incident, I learned how users, root, sudo/su permission work and recently found out you can add users to groups, like docker so you don’t have to ‘sudo docker’ everytime. My question How do you work with debian and su permission and what’s the best way to do it for better security? - Add an user in the sudoers? - Give special permissions to a group? User? - Always connect to su - (default root)? - Add users to a group? Because this is in a homelab environment, there is a minimal risk compared to exposed instances, but I’m interested to learn the best practice right away ! Thank you 😊

deepdive Jun 24, 2023

Traefik, yaml format and backticks...

https://lemmy.world/post/532260

Traefik, yaml format and backticks... - Lemmy.world

Hi everyone ! I just learned the hardway how important it is to make the difference between and ' ... Tried for 1 whole day to figure out why I got a stupid error in traefik with rule=host(hostname). While the logs weren't clear about what was raising the error: error while parsing rule Host(‘vaultwarden.home.lab’): 1:6: illegal rune literal ` I tried alot of different things, from changing the self signed certs, wildcards, adguard DNS rewrite, changing network add some wired traefik rules… To finally compare 2 different yaml files and having that “ahhh…” feeling… Bit depressing but finally happy to have my own self signed local domain names.

deepdive Jun 18, 2023

Linkding/searxng selfhosters: Linkding injector extension !

https://lemmy.world/post/272767

Linkding/searxng selfhosters: Linkding injector extension ! - Lemmy.world

For those selfhosting linkding and searxng (or using google, duckduckgo, brave) there is a very cool and useful extension: linkding injector [https://github.com/Fivefold/linkding-injector] ! It’s documented in the linkding readme, but it’s worth mentioning for those who didn’t knew about it ! It works great with selfhosted searxNG instances and is very useful to search through your bookmarks. linkding [https://github.com/sissbruecker/linkding] — selfhosted bookmark manager searxNG [https://github.com/searxng/searxng] — selfhosted meta search engine

deepdive Jun 15, 2023

Selfhosted or alternative privacy driven google calendar?

https://lemmy.world/post/155774

Selfhosted or alternative privacy driven google calendar? - Lemmy.world

Hi everybody ! While I really like the simple and sleek google calendar web GUI and functionalities, I’m more and more concerned about my data and privacy. Even if I have nothing to hide, I don’t agree anymore to sell freely and consciously my data to any GAFAM. Has anyone any alternative to google calendar? - Free and if possible, open source? It can have some discret sponsors/ads. As long as it isn’t to intrusive. - Todoist integration - Sync between devices - GUI doesn’t have to be PERFECT, but a bare minimum for my candy eyes ! - Can be API, Web… doesn’t matter as long as it syncs between devices (android, mac, windows, linux) I already searched through the web, but couldn’t find any conclusive alternative, maybe someone knows some hidden gem :) Thank you !

deepdive Jun 12, 2023

What's an easy way to edit a multiline bash command?

https://lemmy.world/post/74644

What's an easy way to edit a multiline bash command? - Lemmy.world

Hello there :) As far as I know (searched through the web), editing/navigating a multiline in bash is not possible and opening nano, pasting and editing is to much friction I want to get rid off. Do you have any way to speed up the process? example of multiline: echo deb [arch=“$(dpkg --print-architecture)” signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian [https://download.docker.com/linux/debian] “$(. /etc/os-release && echo “$VERSION_CODENAME”)” stable" | Thank you :)