Ephemeral diffie-hellman is exactly that, it’s part of TLS since I think 1.2

At some point there was a browser extension to support DANE (and Perspectives and similar approaches against centralization) but since then, browser vendors fixed that security flaw.

No, but I have a link showing how ISPs and CAs colluded to do a MITM https://notes.valdikss.org.ru/jabber.ru-mitm/

Shorter cert lifespan would not prevent this.

Or just meet and maintain that friendship

Haha, server grade hardware. Impressive, actually, that it survived so many years. I have a similar one in my car and it’s 10+ years old and works okay, but another one that’s permanently sticked in my server with an emergency boot image died when it was needed the most.

I started with Navidrome, then looked at the disk space occupied by my library and it occured to me that 1TB MicroSD cards are a thing now, and I can listen to all my library offline.

If resource usage was low, it could also be an X11 problem solved by a wayland distro

Calendar sync? I learned that Nextcloud went to shit again when I missed an event added by my spouse to the shared calendar. Pretty important to me.

It’s that part of (every other) year!

Have you found any interesting clients or just “filezilla but for webdav” style ones?

It looks like a desktop program from the screenshots but I can’t read corporate good enough to learn if it is one

Cool! Securing the component supply chain is a buzzword managers may find familiar

The FOSS vtuber community is not far from that

Glad that they added it, it wasn’t there when I tested them. Why does such a simple thing require a browser extension though

But the part about a nice email still applies. I’m not in it for the money, no positive feedback can be discouraging - typically I deal with issues where someone has a problem.

Yeah, I felt a little uneasy putting my data on something which could be broken into. Still do, having seen my share of hacked websites at work.

If it helps you, I host everything in subdirectories with non obvious names, so bots only hit 404 pages.

Nextcloud.bonk.xyz -> nope Bonk.xyz/nextcloud -> nope Bonk.xyz/bonkcirrostratus -> good luck guessing that

Yeah, I felt a little uneasy putting my data on something which could be broken into. Still do, having seen my share of hacked websites at work.

If it helps you, I host everything in subdirectories with non obvious names, so bots only hit 404 pages.

Nextcloud.bonk.xyz -> nope Bonk.xyz/nextcloud -> nope Bonk.xyz/bonkcirrostratus -> good luck guessing that

A search company which requires an account with your actual email? And doesn’t accept anonymous payments?

It’s fine as one of the options, but if there’s no option for tokenized identity (that’s easy to change when the plan runs out) and anonymous payments, it’s a data collecting operation like any other.

See Mullvad and PPQ for how it’s done correctly.

Yup, it worked for me, no incidents. Add mod_security if you’re worried, and of course keep Apache up to date.

I now moved Apache to a separate VLAN on the private side, and have strict firewall rules on traffic from that VLAN only to services it’s supposed to be proxying.

There’s also Matthias but try finding any of these videos with just search. Youtube is against authenticity now.

https://www.youtube.com/watch?v=0_4o5ZlsRMk