• 0 Posts
  • 24 Comments
Joined 1 year ago
Cake day: June 17th, 2023
  • kolorafa@lemmy.worldtoSelfhosted@lemmy.world"PSA: Update Vaultwarden as soon as possible"English
    3·
    3 months ago

    Totally agreed, but there are pros and cons.

    File - harder to steal but once stolen hacker can bruteforce it as much as it wants. Web service - with proper rate limits (and additional IP whitelist so you can only sync on VPN/local network) - its harder to bruteforce. (But yes, you (sometimes) have also full copy locally in the local client, but …)

    If it was only for me I probably would also go with KeePass as you will not update the same db at the same time, but with with multiple users it’s getting unmanageable.

    I just got triggered as those CVEs are not that bad due to the nature that the app encrypts stuff on the client side so web server is more like shared file storage, while your answer suggested to switch to a solution that doesn’t work for a lot of people (as we already tried that).

  • kolorafa@lemmy.worldtoTechnology@lemmy.worldAd Blocking Infringes Copyright? Ancient Sony Cheat Lawsuit May Prove PivotalEnglish
    1·
    3 months ago

    Just because you send me malware after some text I wanted to read (in http response), don’t give you rights to force me to execute the malware.

    Just because I have your book (or page) and look at part of it doesn’t give you the right to force me to read it in full or dictate how I’m reading it.

    I have every right to reveal/read only part of the book/page. We didn’t sign any agreement, if you want me to first look at the part you want to or agree to some license nothing stopping you to do, stuff like paywall or subscription exists…