TL;DR: you could adopt good programming practices like “don’t shadow mutable state” and “put constants first in a comparison” or you can pay us money so we show you obscure attempts to exploit your bad programming in code review … maybe …
This project is so necessary, we really need a modern, open browser engine that’s not going down the path of enshitification.
In case you didn’t know, this is the project Mozilla dropped by the developers Mozilla fired. So if you feel like at the end of the year you have some money left over, maybe consider joining the crowdfunding effort. (I am not affiliated)
I have tailscale, which is great for ssh-ing onto my Nas from the outside world. But to access my services, is a VPN the best way to do it?
The main point about Tailscale that I see people on here often get wrong is that they compare it to a “classic” hub-and-spoke VPN, when in fact it is an end-to-end zero trust encrypted mesh network. End-to-end does not mean machine-to-machine, it means user to service. So in your case, you should place one tailscale node in each pod (collection of containers that make up one service) as a sidekick. That way, a user need to authenticate in order to even open a network connection for a specific service, which is a very secure solution.
Maybe Fossil might be something for you.
If you like pass, you might want to look into passage
The main downside of docker images is app developers don’t tend to play a lot of attention to the images that they produce beyond shipping their app. While software installed via your distribution benefits from meticulous scrutiny of security teams making sure security issues are fixed in a timely fashion, those fixes rarely trickle down the chain of images that your container ultimately depends on. While your distributions package manager sets up a cron job to install fixes from the security channel automatically, with Docker you are back to keeping track of this by yourself, hoping that the app developer takes this serious enough to supply new images in a timely fashion. This multies by number of images, so you are always only as secure as the least well maintained image.
Most images, including latest, are piss pour quality from a security standpoint. Because of that, professionals do not tend to grab “off the shelve” images from random sources of the internet. If they do, they pay extra attention to ensure that these containers run in sufficient isolated environment.
Self hosting communities do not often pay attention to this. You’ll have to decide for yourself how relevant this is for you.
Syncthing uses inotify to watch for changes, so it’s pretty much instant
Yeah, and for that reason, I opted for syncthing instead of Git for this use case.
Never had merge conflicts I take it 😄
You probably wouldn’t. The main difference is that protobuf is structured while fleece is unstructured, so you would use it in places where you don’t want to (or can’t) tie yourself to a schema outright.
Does not have great UX on phones though.
I ran a funnel test and yes it works, but still have to use the ts.net
Out of curiosity, why is that a deal breaker for you?
Cloudflare can decrypt the data before it hits my site before it encrypts it
Give Tailscale funnel a try, it provides similar functionality but does not need to terminate yout TLS to do it.
Precisely. Except there is no “Tailscale manage them for you”.
So you could summarize your answer as " Tailscale certificates work like let encrypt".
That’s just not true. When you run an nginx proxy on a tailscale node, that nginx will terminate the TLS. There is no “gap” between your browser and that server.
Both CF and Tailscale play MITM with your HTTPS connection
That’s not correct, tailscale does not intercept the traffic, TLS is terminated on the node. Tailscale mandates HTTPS / TLS with ts.net certificates so it can route traffic to the correct node in your tailnet.
Except you can condense that whole thread into
Programming has very low hardware requirements, much lower than web browsing. Just don’t get sucket into the whole maelstrom of people trying to convince you that you need a bunch of complicated tools. If you are just stating out, Gedit or equivalent will work out just fine.
In terms of operating systems, if given the choice professionals tend to congregate around Linux and MacOS as the development experience historicaly has been much better due to having access to a proper terminal. This is something you want to familiarize yourself with if you haven’t already. Other factors may apply, especially in professional environments, where clients / employers mandate the use of Windows or something else, but this probably does not apply to you.
Universities usually have their curriculum, which is rather narrow in the beginning and widens in later terms, especially in masters classes. When it comes to teaching fundamentals, language and tools really does not matter much. It’s more about keeping things manageable for the teacher.
It’s a very good lesson- to the point where I wouldn’t be surprised if the teacher is deliberately putting an arbitrary restriction on the assignment.
It’s not arbitrary. When you start out on a profession, the first thing a good instructor does is make you unlearn the things you already think you know before teaching you the things you need to know. Think of it this way: When you pick up a golf club and start hitting the ball, you’ll drive it left and right. First thing you’ll be taught is to only hit straight. Even if you think you should try to drive a curve ball, a good teacher will not allow you. Only when you have mastered the basics will he teach you to drive curved balls. So ignore your teachers advice at your own peril, but it will most likely set you up for an expert beginners career.
As a closer, I can tell you this much: I received the same advice almost 20 years ago and now, after being a professional developer for two decades, I can not recall more than five times when a break statement actually made more sense than to rethink the algorithm.
GDPR does not apply to individuals.