🚨 🚨 🚨
Heads up folks - has a couple of CRITICAL security vulnerabilities (10/10), one of which could allow for complete account hijacking without any user interaction. That's, uh, not great.

Fortunately we have fixes for all of these vulns; you just need to be sure the updates get applied in your environment.

Go do it. NOW.

about.gitlab.com/releases/2024

I am once again urging you not to use `thingadmin` as the password to secure your `thing` account.

And pls pls pls pls pls pls pls enable MFA - even SMS-based MFA is still better than no MFA.

doublepulsar.com/how-50-of-tel

I've deployed several new-to-me self-hosted services over the past few days:
- miniflux.app/ for
- immich.app/ for
- github.com/sissbruecker/linkdi for and link sharing

What else am I missing?
/

Anyone have a favorite self-hosted aggregator thing?

I'm playing a bit with miniflux.app/ and like it so far, but wondering if there's another killer app I'm not aware of.

I threw together a quick Salt state to streamline deploying netdata and proxying it with Tailscale Serve on all of my systems:

runtimeterror.dev/salt-state-n

It's not particularly robust or elegant, but it did the trick for configuring my dozen-or-so minions at once.

I put together some quick notes on using some of my favorite features: SSH, Serve, and Funnel.

runtimeterror.dev/tailscale-ss

I just recently discovered netdata (github.com/netdata/netdata) and have started using it for lightweight local monitoring of some of my systems.

It's really slick!

I've been using for a few months now, and I can't imagine going back to life before Cloaked. Quickly spawning a new identity (working email and phone number along with the usual username+password stuff) for each online account or interaction is liberating. Cloaked lets me control the effective blast radius of my personal data.

Anyhoo, you can currently save a whopping 75% on an annual subscription with the code CYBERCLOAK.

your.cloaked.app/auth/register

Ooh, this is handy - easily connect to / interact with nodes right from the comfort of your window:

marketplace.visualstudio.com/i

/nosanitize

Cloudflare is having _a time_ and I can't WAIT to read the after-action blog post!

"Cloudflare is assessing a loss of power impacting data centres while simultaneously failing over services."

cloudflarestatus.com/incidents

I've been using Cloaked for a few weeks and have been hugely impressed by the product. Being able to create complete identities on the fly for online accounts, signing up for rewards programs, or just establishing contact with new people and companies is kind of liberating. It's awesome having control over who has what information about me. The team really embraces "Privacy by Default" and it's great to see.

techcrunch.com/2023/10/03/cloa

In case you ever find yourself trapped inside a vim session, here are some simple tips:

github.com/hakluke/how-to-exit

is now , the free open-source fork of :

opentofu.org/

I sense a new `tofoyolo` alias in my shell's future...

πŸ‘ Don't πŸ‘ sync πŸ‘ MFA πŸ‘ secrets πŸ‘ to πŸ‘ the πŸ‘ cloud πŸ‘

- Don't put them in your password manager, no matter how convenient that may be. In the unlikely event that someone gets into your PW DB you *don't* want to also give them all your MFAs.

- Don't sync them with a third-party app/service, which automatically becomes a priority target.

- And DEFINITELY don't sync them in an already-high-value account, like your Google account.

retool.com/blog/mfa-isnt-mfa/

I put together some quick notes on how I set up a self-hosted instance of ntfy.sh and started using it for easy push notifications from my various servers and other systems.

I'm really impressed by how easy it was to configure and how well and reliably it works. I'll definitely be setting up a gratuitous number of notification hooks for everything I can think of now.

runtimeterror.dev/easy-push-no

Show more

John

CounterSocial is the first Social Network Platform to take a zero-tolerance stance to hostile nations, bot accounts and trolls who are weaponizing OUR social media platforms and freedoms to engage in influence operations against us. And we're here to counter it.