• 0 Posts
  • 6 Comments
Joined 1 year ago
cake
Cake day: June 3rd, 2023

help-circle
  • Just SSH. Every public facing piece of software (I.e. a web interface) adds more complexity for misconfiguration or security vulnerabilities.

    You can mount you remote filesystem locally and use your local file manager and text editors to manage most tasks. If you use ansible you can make changes to a local configuration and deploy the state to the server without needing to run anything special on the server side. It is especially effective if you also run docker.

    And for monitoring I usually just have a tmux with btop running. Which is fine if you don’t need long term time series data, then you might want to look at influxdb/grafana - but even those I would run locally behind a firewall, with the server reporting the data to the database.



  • frustbox@lemmy.mltoPrivacy@lemmy.mlPay with Palm
    link
    fedilink
    arrow-up
    62
    arrow-down
    2
    ·
    1 year ago

    One scar away from losing access to your ability to pay …

    Biometrics can not really be changed. Except maybe through time or trauma (i.e. age or injury). They can be used to uniquely(?) identify a person - except maybe twins - at the expense of anonymity, which has it’s own set of problems.

    But because they can not easily be changed they’re a terrible security feature. Once they leak, they’re unusable and you’re hosed. You can’t issue a new palm print for your bank account like you could a new chip card and password.

    Also, just because you waved your hand over a scanner does not mean that you approve and consent of the transaction. With tap to pay there were ideas of mobile point of sales devices just tapping on peoples backpacks in a crowded area. You don’t even keep your biometrics markers in your pocket, they’re just out in the open for anyone with a camera. This may be bordering on paranoia, but a few years back (2014) German hackers from Chaos Computer Club took iris scans from Angela Merkel (then Chancellor of Germany) and finger prints of Ursula von der Leyen (then Minister of defense) using nothing but press fotos. Cameras have only gotten better.

    TL;DR: Biometrics can be used for identification but should never be used for authorisation.


  • Why you should care?

    Because the debate is not about whether or not you have something to hide.

    It’s about your right to consent. You should have the right to say no. And you should have the right to change your mind for any reason. You should have the right to regain control of who can store, access or process your data.

    Depending on where you live you may have such rights, or you may not. And the political debate is about granting, strengthening, weakening or revoking these rights. And you should care about having these rights, whether you use them or not.