Info Sec - Software Engineer - Game Designer - Mod Dev - Digital Artist
This is why though I appreciate what DDG is doing, it’s not informing users about the context of what these permissions are used for, leading to a lot of fear over the wrong things. The data may not even be leaving the device but the implication DDG makes is that it is.
As a side note, I prefer to use DNS66 to filter data and ads by domain, then manually set my Android app permissions as needed.
I’d like to think Typescript does a lot of heavy lifting where JS fails when it comes to web development. On the otherhand there is no fixing fundamental flaws in PHP.
Sure bad programmers write bad code, but if a language tolerates something so obviously janky via implicit unseen magic, it’s just encouraging bad practices. PHP makes this worse by tweaking core behaviours in weird and wacky ways that can easily lead to security vulnerabilities.
I’ve been working with PHP for two years now (not by choice) but I still sometimes forget the weird behaviours these not-arrays cause. Recently I was pushing/popping entries in a queue and it fucked the indexing. I had programmed it like I would any other sane language and it wasn’t until I was stepping through the bug I realised I had forgotten about this.
I hate PHP for so many more reasons. It baffles me why anyone would think it was a good idea to design it this way. Thankfully my current job involves actively burning it down and preparing for its replacement.
As someone else who uses Tailscale behind a CGNAT, this indeed works. I use it for accessing my home server from the office for a year now. You can’t quite self host anything public facing but anything on your tailnet can talk to it just fine.
Theoretically a VPS proxy into the server over the VPN could work for devices not capable of running tailscale but your mileage may vary.
I’d be interested in something like a lightweight CDN/replication with OAuth2 for logging into other instances. Each instance ‘replicates’ your original account but isn’t itself the master. One can be promoted to master in the event of an outage effectively migrating your account.
Would make for some difficult security considerations given a rogue instance could attempt to hijack authority.
Sums up every Node project I’ve had the displeasure of looking at. The lock file being the only thing holding the twisted web of versions keeping that franken-app running between a minefield of incompatibilities and buggy hacks.