Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time.
If I told you it wouldnt be secure.
Ah, the ol’ security through obscurity trick… (not recommended) 😁
Ok fine, im storing passwords as plaintext on a public facing database hosted locally…
…without sanitizing inputs
I’m in the process of hardening caddy. It’s a work in progress, as I’m new to caddy. I always used Nginx. But I decided to give caddy a try as I saw it recommended a LOT.
*: in my homelab.
This week I gave up on trying to convince the teamlead an oauth access token lifetime of 5 years is too much. Yes, an access token, not an API key. There’s no revocation mechanism either.
At home I fixed RBAC for traefic, after wading through config and in the end basically just flipping switches until it worked. It does work now though so admin apps are inaccessible to family accounts. Still somewhat open for suggestions as I’m not 100% convinced by traefic yet.
Been diving into the Tor Browser codebase recently and as a consequence now lifting over a few goodies in the privacy and security departments from there to Konform Browser
Overthrowing a small 3rd world country for kicks
