A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
- Don’t promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
- 0 users online
- 108 users / day
- 435 users / week
- 1.32K users / month
- 4.54K users / 6 months
- 1 subscriber
- 4.53K Posts
- 114K Comments
- Modlog
As a non-coder interested in self hosting and somewhat aware of cybersecurity, this is the most relevant take for me.
An application that facilitates safe self-hosting of many different service is great, however for it to be actually safe and useful it must either be a cybersecurity service keeping up with the pace of threats (which is essentially the corporate closed source model) or from the ground up be an educational platform as much as an application. Documentation needs to not only be comprehensive, but also self-explanitory to a non-technical audience. It is not enough to state that a setting or feature exists, it must also be made clear why it should be used and what the consequences of different configurations are.
This approach is almost never done effectively by FOSS projects unfortunately. Fortunately I think we are at the point where it is completely feasible for this type of educational approach to be fully replicable and adaptable from a creative commons source to the specific content structure of the application user manual using LLMs (local ones). The big question is, what is the trusted commons source of this information? I suppose there are MIT and other top university courses published for open use online that could serve as the source material, but it seems like there is likely a better formatted “IT User Guide Wiki” and “Cybersecurity Risk and Exploit Alert List” with frequent updates out there that I’m not aware of, perhaps the annals of various cybersecurity and IT associations?
Anyway I’m aware this is basically calling for another big FOSS project to build a modular documentation generator, but man would it help a lot of these projects be viable for a wider audience and build a more literate public.
We created Safebox mainly to make self-hosting easier, and proper, complete documentation is definitely something we want to provide, it’s already in the works. We also thought a lot of people might learn from it, but the scope is huge, so we’re still figuring out the right balance.
Should we cover the basic concepts too? How deep should we go? Introducing the software itself is the easy part, explaining all the related concepts in a clear, non-technical way is the real challenge.
Our goal isn’t to turn Safebox into a full-on cybersecurity course, but we do want users to understand what’s happening and why certain features matter, so they don’t feel lost.
As for the sources you mentioned, I have to admit I’m not entirely sure either. During my university studies I only touched on cybersecurity partially, mostly around the risks users face and how they respond. Yes, there definitely needs to be some basic guidance on security, what the main risks are and how to keep yourself safe. Honestly, I think this could work even better as a community project, where different people can contribute their own approaches and share experiences on how they protect their setups and what has worked for them.
Thinking about implementation, it seems like tooltips would be a great way to handle this. Linking out from the tool tips to some kind of more comprehensive outside IT/cybersecurity resource would be a good bonus. Tool tip text generated by llm could take some of the heavy lifting.