Loud and Proud

Ep 8 Commit2Quit or as much as you can



At the time of this posting Fediverse.blog (where I post the full show notes) is down. I will edit this on Anchor when I get a solution.

Housekeeping

It seems that this podcast's goal has already been achieved. It has inspired 2 people to start self-hosting. I got a couple of notifications on Mastodon that one is researching how to self-host on BSD and the other actually installed Yunohost! That's frickin AWESOME!

CONGRATS TO BOTH OF YOU! And I sincerely hope it works out for each of your situations. Especially the one doing it on BSD. I want to know how you end up doing it!

Keep in mind: if you ain't root, you don't own it.

Own your shit!

Additional Security points from a Yunohost Dev

Alek, one of the main devs/contributors on Yunohost's core and project management team, sent me some additional points to remember about security. The emphasis is mine.

>- **One of the key points of security is to limit the attack surface**. Don't install apps just for fun or give access to the user "because it's convenient and might be useful later".

>- Don't get too crazy about using the top-notch security ciphers with 4096-bit keys or whatever. It doesn't matter. Usually the weak link of the security is elsewhere - either human or technical.

>- Last but not least, there is no such thing as "being secure". **Security is a process, and is always a tradeoff with usability**.

>

>For ex, in the context of Yunohost, we have fail2ban configured to ban after 5 failed auth attempts. We see that it triggers a lot of false positives (legitimate users trying to log in and getting banned for misc reasons).

>

>**But the point is, even if you get to some perfect "technical" security, the human part of security is not to be neglected**

I know that this isn't something new. Framasoft and other people have already launched a similar campaign a year or so ago. So I admit that I am riding the coattails of some big peeps. But since I've joined the Fediverse and really embraced it and the whole "control your data" movement, I've noticed that there are an awful lot of, I don't know what you call them, bot accounts? It looks like it's a bot that is just reposting crap from Twitter accounts on Mastodon. Somebody is prolly just being lazy and wrote a script that will copy/paste something to Mastodon. But I ask why? Why stay on Twitter and bitch about Twitter? Why stay on Facebook and bitch about Facebook?

So far I have deleted all Instagram, Twitter, Apple, Amazon and Microsoft accounts. I have 1 Google and 1 Facebook remaining.


Loud and Proud, by Ryan Ridenour