I don’t get why they say that? Sure, maybe the attackers don’t know that I’m on Ubuntu 21.2 but if they come across https://paperless.myproxy.com and the Paperless-NGX website opens, I’m pretty sure they know they just visited a Paperless install and can try the exploits they know. Yes, the last part was a bit snarky, but I am truly curious how it can help? Since I’ve looked at proxies multiple times to use it for my selfhosted stuff but I never saw really practical examples of what to do and how to set it up to add an safety/security layer so I always fall back to my VPN and leave it at that.

Leaning on Google’s expertise in privacy and security

Lol. Google’s expertise on privacy. Yeah, they probably know really well how to circumnavigate all those pesky privacy rules.

Got my head straight to this short (sorry, it’s Youtube): hehe

I don’t think so. I do have a keychron keyboard, but that’s just USB C I believe.

Going to try both. Someone else mentioned the dummy HDMI plug as well, so I got good hopes for that. Also going to look into Incuss. Never heard of it before.

Thanks, going to do this as well. I had it on a monitor for a while and all looked fine while logged in on the console. Would be a bummer though if this would be true.

Hmm, this does sound like it makes sense. I got the feeling that as soon as I removed the monitor it would stop working in a couple of minutes. But I thought that couldn’t be. Thanks for the tip! Going to see if that helps and I’m going to update the BIOS.

Thanks, will do.

On macOS you need to do that quite a couple of times. Changing settings, installing stuff to run in the background, install stuff to open open login, etc. So it is there. Furthermore a lot of programs and guides for linux are written to make it easy so they use sudo but you don’t always have to run it as root. But not doing so usually requires more steps. So linux is more restricting but to circumvent that, people use sudo a bit too much.

Blocking outgoing traffic isn’t needed. But was mere a headsup if that is something you’ve alread setup. What router do you have? Usually when you open a port there is a dropdown menu or checkboxes for what kind of connection the port opening is allowed.

If your forgejo host needs to connect to the outside world, you can open the port for incomming traffic only for related and established traffic. That way when somebody wants to connect to your port as a new connection it will fail. So when somebody has bad intentions, it will not work unless you’ve already connected to them in the first place. You need to permit outgoing traffic from forgejo if you block outgoing traffic.

Good to know it doesn’t have all the functions. Feels more and more that they would like to make money out of it. Which is fine, but then I feel less inclined to help them serve the fediverse.

Ah, that’s what my guess was. It couldn’t be that people just gave up on hosting it.

That’s funny I just looked at your site and vacancies today. I do not qualify for any of those spots though. You’ve got an impressive amount of services build up. Keep up the good work!

Thanks, I was also doubting about Hugo but came about writefreely as well.

I had a task running which would scan all incoming calls on all SIM cards. It then checked the numbers for known contacts and if they are unknown it would check if they called multiple times. I made it because I was bothered by a lot of spam/scam callers. This task would block all notifications, vibrations and ringtones. So it didn’t bother me at all that they called.

Indeed. The front ends could be less or more “secure”/private. And by that I mean that I don’t know how the app themselves are with access and your data. So I don’t know if they collect and share any data and how reliable the developers are.

Indeed. Or otherwise Island as an alternative. Don’t know how those two compare on the security and privacy front.

You can put it in a work profile and trust that Android is protective enough to keep your data safe and access limited. Otherwise buy a second phone just to put WeChat on it. Don’t know how WeChat works, but if it’s like Whatsapp then you don’t need to bother with a secondary number.

In that case, enjoy! It’s a great feeling when you get it working.

If you’re going to do it on your synology, see if you need to fix the TUN error. Also, you need to add ip routes to your synology to have the IP’s from your VPN on docker forwarded to docker. Make sure these are persistent or added on every startup.

Make sure you allow the VPN to work by adding it to the synology firewall.

You need to setup port forwarding on your router. It needs to point to your synology to the port which is linked to the docker container. You also need to add the route to your router to be able to access your network. For instance, if your VPN has 10.0.3.* and your LAN uses 10.0.0., your LAN/router won’t know where to send the response packets to the VPN network. So when connected to your VPN you will never be able to load stuff. If you add that 10.0.3. needs to route to your synology, and your synology knows that range needs to be routed to the Docker VPN container everybody knows where it needs to go.