• 0 Posts
  • 46 Comments
Joined 2 years ago
cake
Cake day: June 9th, 2023

help-circle

  • I choose not to think about it or include it in my mental threat model, the same way I choose to not worry about thermonuclear warheads.

    If there’s some exploitable backdoor and Intel gets owned, we’re all boned and there’s nothing we can really do about it. I don’t have anti-ballistic-missile systems, and I also don’t have the capability to make an entire hardware/firmware/os from scratch.

    So instead focus on the things you can control and are more likely to happen. Don’t plan for doomsday, plan for every day.





  • It’s unlikely but not impossible. I’ve been using PM with a custom domain for about five years now, and never thought too hard about leaving.

    In an ideal world, a company like ProtonMail would be cooperatively owned by the workers and paying users, sort of like a credit union.

    Pragmatically, they’ve done fine stewardship of the service for the last decade or so they’ve been around. A big part of it is that their value proposition depends on stability and trust. But it could be better.



  • In my opinion it points to a more dangerous thing, “continuous delivery” software mindset seeping into safety critical systems.

    It’s fine, good even, that web developers can push updates to “prod” in minutes. But imagine if some dork could push largely untested control system updates to your car’s ECU… it’s one thing for a website site to get a couple errors, but it’s a very bad thing if it makes your steering wheel stop working.

    Unfinished products make more money, and it’s high time a consumer protection law clamped down on this.



  • Not sure how to do that in docker, I’ve run mine as a plain old PHP-FPM site for years and years. It might be something that can be tweaked using config files or environment variables, or might require building a custom image.

    ClamAV is slow and doesn’t catch the nastiest of malware. Its entire approach is stuck in 2008. It’s better than nothing for screening emails, but for a private file store it won’t help much considering that you’ll already have the files on your system somewhere. And most importantly, it slows down file uploads 10x and increases CPU load substantially. The only good reason to use ClamAV for nextcloud is if you will be sued if you don’t!









  • The biggest reason they’ve been tightly coupled historically has been event notifications and invitations. It’s a lot easier for one email client to both create the event in the calendar, and send the event metadata (.ics file) to the invitees.

    Nowadays, it’s honestly much simpler to have them entirely separate, at least for personal use. My partner and I use a shared NextCloud calendar which works well on both iOS and Android using CalDAV. Much simpler than Google/microsoft/icloud’s sharing options.