Best Practices for Encrypted Search
https://lemmy.world/post/42321301
Best Practices for Encrypted Search - Lemmy.World
Task I’m working on my final project for school, we are supposed to make a web
app of our choosing and there has to be specific features in it. One of it is
all data must be encrypted, and the other is that we have to have a search
functionality. My app (A customer support framework) has a ticket functionality
where customers can submit help request tickets, the contents of these tickets
need to be encrypted at rest, at the same time admins need to be able to search
contents of tickets. Current Plan My current plan is to store an AES-256
encrypted copy of the message message.content to meet the encrypted requirement,
and also store a tokenized and hashed version of the message message.hashed to
meet the searchability requirement. The tokenization/hashing method will be: -
strip the message to alphanumeric + whitespace ([a-zA-Z0-9 ]) - tokenize by
splitting the message by whitespace, - SHA-256 each token, - rejoin all the
hashed tokens into a space seperated string and stored in the message.hashed
field. Thus this is a test string becomes <hash of this> <hash of is> <hash of
a> <hash of test> <hash of string> When the user searches their search string
goes through all of the steps in the tokenization/hashing method, then we query
the message table for message.hashed LIKE %%<hashed string>%% and if my thinking
is right, we should be able to find it. Concerns - Statistical analysis of
hashed tokens - I really don’t see a way around this, to make the string
searchable the hashing needs to be predictable. - message.hashed field could
potentially be huge, if each word is getting a SHA256 hash, a large message
could result in a very large hash string - maybe we just store the last 4 of the
hash? - This would increase collisions, but the likelihood of multiple last 4’s
colliding in a given search string should be pretty dang small, and any
collisions would likely not be valid language. I’m interested in hearing
everyone’s thoughts, am I being logical in my reasoning?
Government Surveillance on Chinese vs US made phones
https://lemmy.world/post/42209814
Government Surveillance on Chinese vs US made phones - Lemmy.World
Question that I’ve been mulling over recently: My threat model dictates that I’m
more likely to be surveilled by the US government than by the Chinese
government. We can also assume that the Chinese government is not going to
cooperate with the US government in any investigations of potential activist
activity. Would it not be best, then, to use a Chinese-made phone that, even
though we know that information is going to China, we can also assume that any
backdoors in the system are unknown to the US Gov? I’m interested in everyone’s
take on this.
A little learning project for me, a Role Based Access Control library in Go
https://lemmy.world/post/26267130
A little learning project for me, a Role Based Access Control library in Go - Lemmy.World
I would love any comments/criticism as this is the first project I’ve written
where I actually felt comfortable with what I was doing Thanks!
Recommendations on Linux Friendly PDF Software
https://lemmy.world/post/23153456
Recommendations on Linux Friendly PDF Software - Lemmy.World
Hey all, My father’s business requires him to work a lot with PDF forms, combine
PDF files, convert scanned pictures to files, etc. I’ve found Master PDF editor,
but I’ve found it to be buggy – specifically when trying to create a new PDF
from multiple files the program errors out saying it can’t create the file. I’ve
also tried running Foxxit PDF editor through WINE but that’s abysmal. Any
recommendations on Linux native software paid or FOSS, that can fill forms,
create/combine PDFs, and do basic edition (rotating pages, etc) that my 70 year
old dad can learn to use? I moved him away from Windows with the Windows 11
debacle, and he’s liked Linux so far except for this one issue Thanks all for
your help?
I've never gotten an SMS scan like this one
https://lemmy.world/post/21233323
I've never gotten an SMS scan like this one - Lemmy.World
I’m assuming they’re mass sending these to people in a specific area code and
hoping to steal credit card info. Obviously don’t go to the URL in the picture
Local NetBird Network for Zero Trust network, accessible from WAN
https://lemmy.world/post/20605609
Local NetBird Network for Zero Trust network, accessible from WAN - Lemmy.World
I’m re-setting up my HomeLab and one of the things I’m trying to learn about on
this go-around is Zero Trust networking. To accomplish this I am planning on
using NetBird’s mesh overlay network. I would like all of my services to use the
NetBird mesh network at all times, whether they are communicating within my
homelab’s LAN or I am accessing them from outside via the greater internet. I
have successfully set up the NetBird management interface on a Hetzner VPS,
however the issue I run into is if I lose internet access at home, none of my
services are able to function as they can no longer reach the management
interface. However, if I self host the management interface in my homelab, I am
unable to access it from outside my home LAN. I’ve identified 2 solutions that
could solve this: 1. Self host the management interface and set up a Cloudflare
tunnel to the management interface, which would allow access from outside my
home network. 2. Self host the management interface, then set up a wireguard
proxy/tunnel on a VPS that forwards traffic to my management interface (Similar
in my mind to option 1, but not relying on Cloudflare) What are your thoughts?
Any other ideas? I appreciate your comments/criticisms!
Proxmox running TrueNAS and NextCloud or Nextcloud on TrueNAS via Docker?
https://lemmy.world/post/7853663
Proxmox running TrueNAS and NextCloud or Nextcloud on TrueNAS via Docker? - Lemmy.World
As the title states, how would you set it up? I’ve got an HP EliteDesk G5, what
are the strengths and weaknesses of either: - ProxMox with one VM running
TrueNAS and another VM running Nextcloud - TrueNAS on bare metal with Nextcloud
running in docker - Some other setup I’d like to be able to easily expand and
backup the storage available to Nextcloud as needed and I’d also like the
ability to add additional VMs/containers/services as needed
What do you use to manage operating system images for installation on new laptops and workstations?
https://lemmy.world/post/4643192
What do you use to manage operating system images for installation on new laptops and workstations? - Lemmy.world
I’m wanting to create a centralized repository to keep base images of operating
systems to be installed on new laptops or workstations bought/used in my
household with my local CA already installed, configured to authenticate with my
local FreeIPA instance, network configurations already configured, etc. What do
you all use to accomplish this? I’m only free/libre/open source software for my
home lab, so that’s a requirement as well. Ideally I’d like to be able to buy a
computer, flash the latest and greatest from my repository onto a bootable thumb
drive, install onto the computer, and be ready to go without any further
configuration.
Installing NIC in HP EliteDesk 800 G3 Mini
https://lemmy.world/post/3047990
Installing NIC in HP EliteDesk 800 G3 Mini - Lemmy.world
I recently bought a refurbished HP EliteDesk mini to act as a server in my
homelab. It, unfortunately, only has 1 Ethernet port. Does anyone have any
experience in adding another Ethernet port to this system? It has 3 Display
ports, which I definitely don’t need, so space-wise I was thinking of replacing
a couple of them, but I’m not familiar with the process. Any advice? Is this
even doable?
Should I? - Lemmy.world
It would be blasphemy not to
