You can’t know with certainty on Signal that the client and the server are actually keeping your messages encrypted at rest, you have to trust them.

With Matrix, if you self host, you are the one in control.

Just remember that Cloudflare decrypts and re-encrypts all your data, so they can read absolutely everything that passes through those tunnels.

edit: I think I’ve misunderstood the point of the article. In a non-obvious (to me at least) way, he is saying passkeys are dangerous for people without password managers, therefore for most people passwords are still better.

edit: I think I’ve misunderstood the point of the article. He is saying passkeys are dangerous for people without password managers, therefore for most people passwords are still better (since most people don’t use password managers). It’s not so much a problem with passkeys, but the lack of password managers.

Even in the best case scenario, where you’re using an iPhone and a Mac that are synced with Keychain Access via iCloud

Surely the better-case scenario would be using a password manager?

The article doesn’t address the recommended use-case of passkeys + password manager, which makes it kind of irrelevant.

They recommend SimpleFIN instead of Plaid: https://old.reddit.com/r/selfhosted/comments/1cmfk8x/actualbudget_has_anyone_written_a_plaid_importer/

Yes

You jumped to a conclusion on pricing and made a mistake, it’s ok, no big deal.

Lol you weirdo, I even said I did that:

https://lemmy.world/comment/12622960

Try clicking either of those links.

Regardless, this is a thread about self-hosted open-source budgeting, which is why I linked to Actual Budget. I have updated the first post to be the Github link instead to prevent confusion.

all I saw was pricing […] can you really blame me?

I mean I really can. They don’t have any paid option so you definitely didn’t see any pricing. They only have a big open source message:

You’re replying to my comment about Actual Budget, the very open source budgeting solution?

Net worth and investment tracking goes in my spreadsheets, budgeting in Actual Budget.

deleted by creator

Why not Actual Budget, which is also self-hosted, open-source bucket budgeting based off YNAB, however it appears to be a lot more mature.

They also transparently run the project on Open Collective which I like: https://opencollective.com/actual

Any cloud is a secure backup on Linux if you use rclone crypt :)

It works with Google Drive, Dropbox, One Drive, and countless others to create an encrypted cloud storage, where the cloud provider can never view your file contents.

Very true. The discussion helped me, as I did think it meant not easily editable.

As root of course you can change the system to be any other type of system (layer packages, rebase, whatever), but I did assume it meant not easily modifiable in it’s current state.

My comment in the comment chain was:

An attacker escaping from a container can’t be system root as Podman runs rootless (without some other exploit or weak password).

We could give the op the benefit of the doubt and thinking that they were saying that the attacker inside the container managed to gain root inside the container.

While you are correct, any system is compromised if you have root, so isn’t that irrelevant at that point?

Makes sense. An “immutable” distro provides no additional security benefit, however CoreOS does have a reduced attack surface area compared to other distros, which itself is a benefit.

edit: “Immutable” means “all of them are the same”, not “unchangeable”.

You sound confident, but the fact that Fedora is using the term “immutable” makes me wonder if you actually have domain expertise here.

Immutable means immutable. It would be strange for them to call it that if it actually means “completely irrelevant from a security perspective”.

Unless you provide some evidence to the contrary I’m going to assume you aren’t correct.