  • Chobbes@lemmy.world to Selfhosted@lemmy.world · Google Photos Alternative · 10 months ago

    I want all data to be encrypted before it even reaches the server. Yes, I don’t want to trust even my own server for my image backups :), particularly since I would want to use something like Immich to provide photo backups for friends and family and I don’t even want to technically have access to their unencrypted photos unless they explicitly share them. I kind of want the attack surface for my photos to be as small as practical too. It’s almost certainly worse to have them available on my device unencrypted than a dedicated server, but it’s worse to have them unencrypted on both (and I want photos available on device so, thems the breaks).

    I get that a lot of people won’t care about this and that they’d rather be able to run the image recognition features of Immich on the server and stuff, but I don’t think it’s entirely unreasonable to want encryption for this. If nothing else I’d love to be able to back up photos for friends and family and legitimately be able to tell them that it’s encrypted and I can’t see any of it. It’d be even sweeter if they could do image recognition on device and sync that metadata (encrypted) to the server as well.



  • The abysmal adoption of DNSSEC is just embarrassing, and I haven’t heard any good arguments for why we shouldn’t do it. There’s one blog post that gets passed around as justification for not adopting DNSSEC, but it doesn’t really go into any technical detail and is mostly just the author saying “I’m scared of governments and TLDs”… which is maybe fair, but you still have to trust them for regular CA certs and everything, so why not make the base secure?

    Honestly, I might care slightly more about DNSSEC than IPv6 adoption… IPv4 exhaustion and NATing everywhere sucks, but the fact that you can’t trust DNS is like… insane.


  • DNS setups can get fairly complicated with enterprise VPNs and stuff, but the main thing is probably just that DNS is built entirely around caching, so when something does go wrong or you’re trying to update something it’s easy for there to be a stale value somewhere. It’s also really fundamental, so when it breaks it can break anything.

    Overall, though, DNS isn’t terribly complex. It’s mostly just a key-value store with some caching. Running your own nameservers is pretty cool and will give you a much better understanding of how it all fits together and scales.



  • I’ve got bad news for you…

    Sometimes your place of work might have electronics recycling bins or something, but for the most part you’re expected to go to a special eco centre to recycle large electronics and batteries and stuff like this. Often you even have to pay a fee for them to take these items, which seems incredibly stupid to me because it just encourages everybody to throw them out with the normal trash.

    You may find some stores in some places that will take this stuff, but as far as I know this is not commonplace in much of North America. There are also some services where you can pay a fee for somebody to collect an item. We did that for a swollen lithium cell recently.


  • I feel almost entirely the opposite about this. I feel like adding a display or inputs is fine, but if you want to say you have Doom running on a toaster then it damn well better be running on a chip that’s actually in the toaster! If you just stuff a Pi in a toaster then it’s not really the toaster running Doom at all, it’s a Raspberry Pi in a toaster suit. I feel like “can it run Doom” is interesting when it shows that common devices have more powerful chips in them than you realize and that somebody hacked it to run arbitrary code. It’s sort of an interesting metric to show how far we’ve come with computers, and how optimized Doom can be… I personally don’t find it that interesting if you’re just shoving a single board computer into a weird form factor, and it always just feels like clickbait to me.



  • I think it’s totally fair that people would want to stick with what they know and would find a new operating system intimidating. But, I think some of this push back is kind of warranted since people act like you can’t play any games on Linux or that the Steam Deck is stupid because it has Linux and isn’t compatible with absolutely every game, and I think that’s sort of misguided. An astonishing amount of stuff just works these days, and while I wouldn’t say a Windows user should switch to Linux unless they have a good reason to, I think some people might be doing themselves a disservice if they’re avoiding the Steam Deck because they think it won’t play their games (with caveats about anti-cheat and multiplayer of course!)




  • AM transmitters / receivers are far easier to construct than FM ones, though. If I was in an emergency situation where I couldn’t communicate with anybody I think I might be able to at least make an AM receiver, even if there aren’t very many components around… But I would need a reference to have any clue how to approach an FM one, and you’d definitely need more components available. Frequency modulation is quite a bit more complicated. If you want to transmit, CW is probably your best hope?

    Realistically, though, almost anybody in an emergency situation is doomed if the only thing that would save them is building any kind of radio. It’s not a skill set that most people have… Which I guess is why you might advocate for everybody’s phones to be able to act as FM receivers in case that’s the best way to get an emergency broadcast, because then they would have a device that’s capable of it on hand. You’re probably better off if you have a dedicated emergency radio, especially if you might lose power for an extended period of time, though.


  • It’s not necessarily clear cut for one being more reliable than the other. FM broadcasts are analog and more likely to be subject to interference (interference will directly impact what you hear, but not as badly as with AM radio) and as the signal falls off it will be harder to hear. Digital radio will be perfectly clear as long as you get a signal, but may become distorted or just cut out if the signal is weak and there are too many errors in the data being received. There will be error correction for digital radio signals, but eventually you won’t be able to receive reliably enough that it will fail. If I had to guess, assuming all of the equipment is working, digital is probably going to be more reliable than analog radio in more conditions and over a longer distance, and it probably needs less bandwidth in general because you could compress the stream.


  • These days almost every mail server will send mail over TLS, but it’s not a guarantee, which is a little unfortunate. Like you say there’s always privacy concerns with email, unfortunately.

    I think in terms of privacy it really depends what you care about and what you’re using it for. If you care about Google reading your inbox, then self hosting can in theory help (at least for emails where the other party isn’t on Google or whatever)… Personally I like the idea of Google not knowing every company that I have an account with and everything I order online, which is information that’s definitely in your inbox. If you care about obscuring who you are to services that you sign up for with email, then arguably self hosting is not ideal because you’ll be the only one using that domain for email, and you might be better obscuring yourself through something like Apple’s “hide my email” service (which of course means you trust Apple to see those emails instead).

    If you have more serious concerns and are having conversations that you don’t want anybody other than the recipient to know about, email is probably the wrong choice for that conversation, but PGP is a decent option in these cases, albeit too clunky for most people. You may consider other services like protonmail or tutanota, but there are concerns with these services as well (e.g., protonmail gets some flak for not encrypting metadata like message subjects, which is a big deal) and again there aren’t necessarily good guarantees for anybody you’re talking to on gmail or whatever.

    Personally I like self hosting my email because of the flexibility that it offers and the price. It’s nice to be able to have as many email accounts as I want and it’s cheap to host, and I enjoyed learning about it and setting it up. My personal inbox is out of the hands of giants, but obviously if I’m emailing normal people it’s probably going to be available in the clear to Google or Microsoft (which is likely the case regardless of your solution). That’s not ideal, but it’s the reality right now with email. I kind of think of email more like a Twitter account or something at this point. It’s a semi-public way for random people to get in touch with you and a lot of conversations might be kind of explicitly public like on mailing lists, or something more akin to talking to a colleague in a public space — not super private, but a convenience, I guess?

    I’d still recommend that people do try to self host their email if they’re thinking about this. Independent mail servers seem like a healthy thing for the web and learning more about it will give you a better sense of how secure / private your emails really are. Things like protonmail seem to have some advantages, but I also get some weird vibes from them and I’m not sure how much of a privacy increase they really give if you aren’t talking to other protonmail users and stuff anyway.