that’s only a few files out of the 153
Computers and the internet gave you freedom. Trusted Computing would take your freedom.
Learn why: https://vimeo.com/5168045
that’s only a few files out of the 153
forgot this part
P.S. I’m guessing OP doesn’t actually have a CA and is just using simple self signed certificates without any private CA that has signed them.
I assume that too, however the person I responded to recommended using a full fledged CA cert.
but it’s their CA so why would they do that?
I don’t mean them specifically, but that to me managing access to such a CA cert’s keys is security nightmare, because if I somehow get an infection, and it finds the cert file and the private key, it’ll be much easier for it to make itself more persistent than I want it.
But if you don’t trust your own CA what’s the point of having a CA?
That’s the point. I don’t recommend having one. I recommend self signed certs that are
Or if you don’t want to deal with self signed certs, buy a domain and do lets encrypt with the DNS challenge.
That’s also more secure, but can be more of a hassle, though I guess it depends on preference.
But then I would use this latter one too if I had opened any services to the internet, but I didn’t because I don’t need to.
oh, I see now, sorry! from mechanical I instantly thought you mean an HDD
you should only need to allow this once for each domain/subdomain, surely that can’t be that much of a pain.
yes that has to be repeated when the certificate changes, but make it with a 2-5 year expiration and it’ll be safer than attempting to disable these security measures for all domains, which would be just very silly and careless
does not sound like a good idea. your own CA can sign certs for any other sites too, and it’s dangerous.
I would say it’s even more dangerous of you just think “nah, it’ll be fine”
yeah, but for OP’s amount that’s an overkill, the drives are very expensive
unless you span multiple boxes of discs which is a pain in the ass
FTFY
with two drives (preferably different brands/age, HDD or SSD doesn’t really matter) in it using a checksumming filesystem like btrfs or ZFS so that you can do regular scrubs to verify data integrity.
an important detail here is to add the 2 disks to the filesystem in a way so that the second one does not extend the capacity, but adds parity. on ZFS, this can be done with a mirror vdev (simplest for this case) or a raidz1 vdev.
went with an ssd in this idea since its more durable than a mechanical, better price for storage capacity
how? sorry but that does not add up to me. for the price of a 2 TB SSD you could by a much larger HDD
and most likely to be compatible with other computers in the future in case you need it for whatever reason.
both of these use SATA plugs, it should be the same
yeah. the reason is that they can get away with that.
this change was bundled with another one that was kind of good to have: building apps to an .aab file and making split apk’s out of it.
but in this scheme the dev builds the .aab, and google makes the split apk’s, and google needs your signing key to make the signed split APKs. the reason they need your formerly used signature’s keys is because if they would have started signing apps with a new one, users who had your app already installed would have had to first uninstall the app and lose their data, because android has a security feature that does not allow an update that has a different signature.
of course, while at first it was an option, the play store has soon made it a requirement that you upload your apps as .aab files.
developers basically didn’t have a choice, other than not releasing any more updates to the play store and letting google delete “outdated” apps when they want, like they’ll have a sweep soon.
and now none of the page will load.
pages that unload their content usually also load it with scripts. especially the parts further down
the play store version isn’t as trustworthy even if the original devs published it there, since google forced all developers a few years ago to hand over their signing keys. the signature is how you know the app wasn’t modified by anyone, and that actually the developer released the apk
I was hesitant to open this post because I already know about rustdesk, but eventually I did to see the community’s opinion on it. I’m so glad that I did because this is terrible!
I think more people should hear about all of this
or neither, when cloosing open source tools worth their salt. in more and more fields such tools appear, fortunately
I had the impression that it has a Russian connection, but anyways, it’s good to be in the lookout for such things
in my book they are more of a risk than the USA. The USA already has political influence, for china to do it they need to use more extreme methods, like infiltrating your computer and use it and perhaps you as their tools
honestly I use the man command whenever I can. It gives distro-specific info, that documents the right version and any distro-specific patches
to be quite honest I don’t want to see any large business around my project unless they are paying. They are not my target audience, and I’m not writing to funnel money into their pockets
why in this community, though?