For bookmarking: https://raindrop.io/
But it’s not self-hosted and I’m not sure it supports offline reading.
- 0 Posts
- 22 Comments
Joined 2 years ago
Cake day: June 17th, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
8·2 months agoIt isn’t hard when every works perfectly but there is a tremendous amount of complexity in some of these apps and a huge range of quality, documentation and required env vars and mounts.
And so, so many ways for things to break.
You still have manage upgrades due security vulns in all the features you are ignoring.
Yes. DMZ on router 1 exposes router 2 IP to internet.
No, this is all happening in the browser, there are no other image manipulation tools being called.
I just tested the new release. Consider defaulting PNGs to convert to JPEGs unless they have a PNG-specific feature like transparency. Lots of screenshots are initially PNGs, but not because they need any PNG-specific features. Consider: In a test screenshot, it compressed 3.4% with the default 80% setting and PNG->PNG, but for PNG->JPG, it compressed 84.6%.
MCP sounds like a standardized way for AI clients to connect to data sources, the Model Context Protocol.
https://www.anthropic.com/news/model-context-protocol
It sounds like it may compete some with Google’s A2A protocol, which is for AI agent to agent communication.
Both share the same goal of making services easier for AI to consume.
Do you have a source to cite for the literal 99%?
The top-rated answer to this question on the Security StackExhange is “not really”. https://security.stackexchange.com/questions/189726/does-it-improve-security-to-use-obscure-port-numbers
On Serverfault, the top answer is that random SSH ports provide “no serious defense” https://serverfault.com/questions/316516/does-changing-default-port-number-actually-increase-security
Or the answer here, highlighting that scanners check a whole range ports and all the pitfalls of changing the port. Concluding: “Often times it is simply easier to just configure your firewall to only allow access to 22 from specific hosts, as opposed to the whole Internet.” https://security.stackexchange.com/questions/32308/should-i-change-the-default-ssh-port-on-linux-servers
Using a nonstandard port doesn’t get you much, especially popular nonstandard ports like 2222.
I used that port once and just as much junk traffic and ultimately regretted bothering.
I’m glad to have some competition for the Frost Oven Squoosh, which is being lightly maintained. I opened some issues in the Mazanoke issue tracker for some features to consider.
One feature I started on for that project but got stuck on was implementing a STDIN / STDOUT CLI workflow.
https://github.com/frostoven/Squoosh-with-CLI/issues/10
As I said there, the goal was a workflow where I take a screenshot, annotate it, optimize it, copy it and paste it into my blog… without creating any intermediate temp files.
At least on Linux, all the the steps of the pipeline are solved, except for a CLI image compressor that could accept an image STDIN and produce a compressed image on STDOUT.
Sounds like an oversight. Consider filing a bug with them.
Nice. I use Squoosh for this, which is also free and runs in the browser.
Https give you encryption in transit. The files you view will be accesible to the host.
Same idea with email.
Not true that most incoming email will plaintext. It’s the opposite:
“Most of today’s email services, including Gmail, employ transport layer security (TLS) to protect emails in transit”
Ref: https://umatechnology.org/gmails-new-encryption-can-make-email-safer-heres-why-you-should-use-it/
nobody should have to deal with kubernetes when it comes to vehicle maintenance.
Until it gets a security audit, I’ll stick with Signal.
Tried it a couple times. Went back to the CLI.
If you know the CLI or are willing to learn, the GUI is yet-another layer for bugs to exist.
Immich has a whole set of end-to-end automated tests to ensure they don’t accidentally make public any URLs they went to be private:
https://github.com/immich-app/immich/tree/main/e2e/src/api/specs
As a popular open source project, that would be e glaring security hole.
Using this proxy puts the trust in a far less popular project with fewer eyeballs on it, and introduces new risks that the author’s Github account is hacked or there’s vulnerability in he supply chain of this docker container.
It’s also not true that you “never need to touch it again” . It’s based on Node whose security update expire every two years. New image should be built at least every two years to keep to update with the latest Node security updates, which have often been in their HTTP/HTTPS protocol implementations, so they affect a range of Node apps directly exposed to the internet.
Simple means different things to different people.
I self-host Ghost and find it pleasant to use and low maintenance. It is a single Docker container plus MySQL. I recommend a reverse proxy in front of it like Nginx. There are importers from many other blog formats.