• 0 Posts
  • 11 Comments
Joined 1Y ago
cake
Cake day: Apr 27, 2024

help-circle
rss

Yeaaaaaaahh the auth thing is really, really complicated to selfhost. There’s a docker project out there that apparently makes it possible, but… No idea. FOr the time being I still use FF’s auth - that’s still an improvement though: Mozilla knows that I am logging in / from what kind of device, but not the content or amount of what I sync.


Probably… I mean, I’d at least start it in a systemd service, but sure, you don’t need a domain.

But of course your mobile won’t be able to access that domain outside your network


No idea - this is my firefox sync NixOS config, in its entirety:

  age.secrets.ffsync.rekeyFile = secrets.ffsync;
  services.firefox-syncserver = {
    enable = true;
    secrets = config.age.secrets.ffsync.path;
    settings.hostname = "localhost";

    singleNode = {
      enable = true;
      hostname = "0.0.0.0";
      capacity = 2;
    };
  };



You can also just selfhost Firefox sync!


Yep, that’s right. In theory you could share the encrypted DB with the public and not degrade security. (Still don’t do that though…)


I dont exactly like passkeys, but yes, from a technical standpoint, they do indeed solve Phishing


Oh, absolutely. In case it wasn’t clear, I’m against chatcontrol.


They don’t actually have to enforce that though. Rather, it’s a neat trick: if you do use encrypted chats, well, you’re purposefully doing something illegal! To hide information, no less! That surely means you have more to hide, and since you’ve already broken a law, let’s investigate further!

To be clear: I’m not saying this is the intended effect. But it is a frighteningly possible one. Anyone who has reason to hide their communication (regime critical activists, opposition politicians, investigative journalists,…) either have to

  • accept that their communication will be scanned, making it trivial to spy on them and use that information (legally, no less!) to hinder/stop them, or
  • do something illegal, giving pretext for hindering/stopping them since they’ve now committed a crime

Didn’t know about this, but sounds like a good cause.

Is there any legal risk involved with this? Is it recommended to run behind a VPN?