| 1 |
DENIED
|
ROLE_USER
|
null |
|
Show voter details
|
| 2 |
DENIED
|
moderate
|
App\Entity\EntryComment {#1366
+user: Proxies\__CG__\App\Entity\User {#1378 …}
+entry: App\Entity\Entry {#1856 …}
+magazine: App\Entity\Magazine {#312
+icon: Proxies\__CG__\App\Entity\Image {#293 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#320
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#284 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#280 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#269 …}
+entries: Doctrine\ORM\PersistentCollection {#227 …}
+posts: Doctrine\ORM\PersistentCollection {#185 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#247 …}
+bans: Doctrine\ORM\PersistentCollection {#164 …}
+reports: Doctrine\ORM\PersistentCollection {#150 …}
+badges: Doctrine\ORM\PersistentCollection {#128 …}
+logs: Doctrine\ORM\PersistentCollection {#118 …}
+awards: Doctrine\ORM\PersistentCollection {#107 …}
+categories: Doctrine\ORM\PersistentCollection {#94 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#321
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#315
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+parent: Proxies\__CG__\App\Entity\EntryComment {#2356 …}
+root: Proxies\__CG__\App\Entity\EntryComment {#2476 …}
+body: """
> Tailscale is one of those services…\n
\n
Tailscale isn’t an exposed service. Headscale is, and it isn’t connected to the Tailnet. It’s a control server used to communicate public keys and connectivity information between nodes. Sure, a threat actor can join nodes to the Tailnet should it become compromised. But have you looked at Headscale’s codebase? The attack surface is significantly smaller than anything like OpenVPN.\n
\n
> A cert tells you that you are actually…\n
\n
I’m all for ssl/tls, but it’s more work and may not always be worth the effort depending upon the application, which is exactly why I recommended SmallStep+Caddy. Let’s not pretend that introducing things like a CA don’t introduce complexity and overhead, even if it’s just distributing the root cert to devices.\n
\n
> MITM/DNS Hijack/ARP Poisoning…\n
\n
Are you suggesting that these attack techniques are effective against zero trust tunnels? Given that the encryption values are sent out of band, via the control channel, how would one intercept and replay the traffic?
"""
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1704474084 {#1769
date: 2024-01-05 18:01:24.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@thisisawayoflife@lemmy.world"
"@JustinAngel@lemmy.world"
"@TechLich@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#2355 …}
+nested: Doctrine\ORM\PersistentCollection {#2167 …}
+votes: Doctrine\ORM\PersistentCollection {#2424 …}
+reports: Doctrine\ORM\PersistentCollection {#2440 …}
+favourites: Doctrine\ORM\PersistentCollection {#2490 …}
+notifications: Doctrine\ORM\PersistentCollection {#2409 …}
-id: 282907
-bodyTs: "'actor':41 'actual':77 'alway':91 'anyth':67 'applic':99 'attack':61,143 'band':160 'becom':50 'ca':117 'caddi':107 'cert':71,132 'channel':164 'codebas':59 'communic':30 'complex':121 'compromis':51 'connect':19,34 'control':26,163 'depend':96 'devic':134 'distribut':129 'effect':146 'effort':95 'encrypt':154 'even':124 'exact':102 'expos':11 'given':151 'headscal':13,57 'hijack/arp':136 'inform':35 'intercept':168 'introduc':113,120 'isn':8,17 'join':43 'key':32 'let':108 'like':68,115 'look':55 'm':79 'may':89 'mitm/dns':135 'node':37,44 'one':3,167 'openvpn':69 'overhead':123 'poison':137 'pretend':111 'public':31 'recommend':105 'replay':170 'root':131 'sent':157 'server':27 'servic':6,12 'signific':64 'smaller':65 'smallstep':106 'ssl/tls':82 'suggest':140 'sure':38 'surfac':62 'tailnet':22,47 'tailscal':1,7 'techniqu':144 'tell':72 'thing':114 'threat':40 'traffic':172 'trust':149 'tunnel':150 'upon':97 'use':28 'valu':155 'via':161 'work':87 'worth':93 'would':166 'zero':148"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6436919"
+editedAt: null
+createdAt: DateTimeImmutable @1704474084 {#1945
date: 2024-01-05 18:01:24.0 +01:00
}
} |
|
Show voter details
|
| 3 |
DENIED
|
edit
|
App\Entity\EntryComment {#1366
+user: Proxies\__CG__\App\Entity\User {#1378 …}
+entry: App\Entity\Entry {#1856 …}
+magazine: App\Entity\Magazine {#312
+icon: Proxies\__CG__\App\Entity\Image {#293 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#320
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#284 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#280 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#269 …}
+entries: Doctrine\ORM\PersistentCollection {#227 …}
+posts: Doctrine\ORM\PersistentCollection {#185 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#247 …}
+bans: Doctrine\ORM\PersistentCollection {#164 …}
+reports: Doctrine\ORM\PersistentCollection {#150 …}
+badges: Doctrine\ORM\PersistentCollection {#128 …}
+logs: Doctrine\ORM\PersistentCollection {#118 …}
+awards: Doctrine\ORM\PersistentCollection {#107 …}
+categories: Doctrine\ORM\PersistentCollection {#94 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#321
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#315
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+parent: Proxies\__CG__\App\Entity\EntryComment {#2356 …}
+root: Proxies\__CG__\App\Entity\EntryComment {#2476 …}
+body: """
> Tailscale is one of those services…\n
\n
Tailscale isn’t an exposed service. Headscale is, and it isn’t connected to the Tailnet. It’s a control server used to communicate public keys and connectivity information between nodes. Sure, a threat actor can join nodes to the Tailnet should it become compromised. But have you looked at Headscale’s codebase? The attack surface is significantly smaller than anything like OpenVPN.\n
\n
> A cert tells you that you are actually…\n
\n
I’m all for ssl/tls, but it’s more work and may not always be worth the effort depending upon the application, which is exactly why I recommended SmallStep+Caddy. Let’s not pretend that introducing things like a CA don’t introduce complexity and overhead, even if it’s just distributing the root cert to devices.\n
\n
> MITM/DNS Hijack/ARP Poisoning…\n
\n
Are you suggesting that these attack techniques are effective against zero trust tunnels? Given that the encryption values are sent out of band, via the control channel, how would one intercept and replay the traffic?
"""
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1704474084 {#1769
date: 2024-01-05 18:01:24.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@thisisawayoflife@lemmy.world"
"@JustinAngel@lemmy.world"
"@TechLich@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#2355 …}
+nested: Doctrine\ORM\PersistentCollection {#2167 …}
+votes: Doctrine\ORM\PersistentCollection {#2424 …}
+reports: Doctrine\ORM\PersistentCollection {#2440 …}
+favourites: Doctrine\ORM\PersistentCollection {#2490 …}
+notifications: Doctrine\ORM\PersistentCollection {#2409 …}
-id: 282907
-bodyTs: "'actor':41 'actual':77 'alway':91 'anyth':67 'applic':99 'attack':61,143 'band':160 'becom':50 'ca':117 'caddi':107 'cert':71,132 'channel':164 'codebas':59 'communic':30 'complex':121 'compromis':51 'connect':19,34 'control':26,163 'depend':96 'devic':134 'distribut':129 'effect':146 'effort':95 'encrypt':154 'even':124 'exact':102 'expos':11 'given':151 'headscal':13,57 'hijack/arp':136 'inform':35 'intercept':168 'introduc':113,120 'isn':8,17 'join':43 'key':32 'let':108 'like':68,115 'look':55 'm':79 'may':89 'mitm/dns':135 'node':37,44 'one':3,167 'openvpn':69 'overhead':123 'poison':137 'pretend':111 'public':31 'recommend':105 'replay':170 'root':131 'sent':157 'server':27 'servic':6,12 'signific':64 'smaller':65 'smallstep':106 'ssl/tls':82 'suggest':140 'sure':38 'surfac':62 'tailnet':22,47 'tailscal':1,7 'techniqu':144 'tell':72 'thing':114 'threat':40 'traffic':172 'trust':149 'tunnel':150 'upon':97 'use':28 'valu':155 'via':161 'work':87 'worth':93 'would':166 'zero':148"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6436919"
+editedAt: null
+createdAt: DateTimeImmutable @1704474084 {#1945
date: 2024-01-05 18:01:24.0 +01:00
}
} |
|
Show voter details
|
| 4 |
DENIED
|
moderate
|
App\Entity\EntryComment {#1366
+user: Proxies\__CG__\App\Entity\User {#1378 …}
+entry: App\Entity\Entry {#1856 …}
+magazine: App\Entity\Magazine {#312
+icon: Proxies\__CG__\App\Entity\Image {#293 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#320
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#284 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#280 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#269 …}
+entries: Doctrine\ORM\PersistentCollection {#227 …}
+posts: Doctrine\ORM\PersistentCollection {#185 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#247 …}
+bans: Doctrine\ORM\PersistentCollection {#164 …}
+reports: Doctrine\ORM\PersistentCollection {#150 …}
+badges: Doctrine\ORM\PersistentCollection {#128 …}
+logs: Doctrine\ORM\PersistentCollection {#118 …}
+awards: Doctrine\ORM\PersistentCollection {#107 …}
+categories: Doctrine\ORM\PersistentCollection {#94 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#321
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#315
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+parent: Proxies\__CG__\App\Entity\EntryComment {#2356 …}
+root: Proxies\__CG__\App\Entity\EntryComment {#2476 …}
+body: """
> Tailscale is one of those services…\n
\n
Tailscale isn’t an exposed service. Headscale is, and it isn’t connected to the Tailnet. It’s a control server used to communicate public keys and connectivity information between nodes. Sure, a threat actor can join nodes to the Tailnet should it become compromised. But have you looked at Headscale’s codebase? The attack surface is significantly smaller than anything like OpenVPN.\n
\n
> A cert tells you that you are actually…\n
\n
I’m all for ssl/tls, but it’s more work and may not always be worth the effort depending upon the application, which is exactly why I recommended SmallStep+Caddy. Let’s not pretend that introducing things like a CA don’t introduce complexity and overhead, even if it’s just distributing the root cert to devices.\n
\n
> MITM/DNS Hijack/ARP Poisoning…\n
\n
Are you suggesting that these attack techniques are effective against zero trust tunnels? Given that the encryption values are sent out of band, via the control channel, how would one intercept and replay the traffic?
"""
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1704474084 {#1769
date: 2024-01-05 18:01:24.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@thisisawayoflife@lemmy.world"
"@JustinAngel@lemmy.world"
"@TechLich@lemmy.world"
]
+children: Doctrine\ORM\PersistentCollection {#2355 …}
+nested: Doctrine\ORM\PersistentCollection {#2167 …}
+votes: Doctrine\ORM\PersistentCollection {#2424 …}
+reports: Doctrine\ORM\PersistentCollection {#2440 …}
+favourites: Doctrine\ORM\PersistentCollection {#2490 …}
+notifications: Doctrine\ORM\PersistentCollection {#2409 …}
-id: 282907
-bodyTs: "'actor':41 'actual':77 'alway':91 'anyth':67 'applic':99 'attack':61,143 'band':160 'becom':50 'ca':117 'caddi':107 'cert':71,132 'channel':164 'codebas':59 'communic':30 'complex':121 'compromis':51 'connect':19,34 'control':26,163 'depend':96 'devic':134 'distribut':129 'effect':146 'effort':95 'encrypt':154 'even':124 'exact':102 'expos':11 'given':151 'headscal':13,57 'hijack/arp':136 'inform':35 'intercept':168 'introduc':113,120 'isn':8,17 'join':43 'key':32 'let':108 'like':68,115 'look':55 'm':79 'may':89 'mitm/dns':135 'node':37,44 'one':3,167 'openvpn':69 'overhead':123 'poison':137 'pretend':111 'public':31 'recommend':105 'replay':170 'root':131 'sent':157 'server':27 'servic':6,12 'signific':64 'smaller':65 'smallstep':106 'ssl/tls':82 'suggest':140 'sure':38 'surfac':62 'tailnet':22,47 'tailscal':1,7 'techniqu':144 'tell':72 'thing':114 'threat':40 'traffic':172 'trust':149 'tunnel':150 'upon':97 'use':28 'valu':155 'via':161 'work':87 'worth':93 'would':166 'zero':148"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://lemmy.world/comment/6436919"
+editedAt: null
+createdAt: DateTimeImmutable @1704474084 {#1945
date: 2024-01-05 18:01:24.0 +01:00
}
} |
|
Show voter details
|
| 5 |
DENIED
|
edit
|
App\Entity\Magazine {#312
+icon: Proxies\__CG__\App\Entity\Image {#293 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#320
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#284 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#280 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#269 …}
+entries: Doctrine\ORM\PersistentCollection {#227 …}
+posts: Doctrine\ORM\PersistentCollection {#185 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#247 …}
+bans: Doctrine\ORM\PersistentCollection {#164 …}
+reports: Doctrine\ORM\PersistentCollection {#150 …}
+badges: Doctrine\ORM\PersistentCollection {#128 …}
+logs: Doctrine\ORM\PersistentCollection {#118 …}
+awards: Doctrine\ORM\PersistentCollection {#107 …}
+categories: Doctrine\ORM\PersistentCollection {#94 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#321
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#315
date: 2023-12-25 04:10:26.0 +01:00
}
} |
|
Show voter details
|