yes, you’re right. my message was unclear, I see now. While I do self host many other things, I just didn’t want to take the risk regarding my password manager.
yes, you’re right. my message was unclear, I see now. While I do self host many other things, I just didn’t want to take the risk regarding my password manager.
Just the reason why I stopped using Vaultwarden and returned to Bitwarden (EDIT: ditching self hosting the password manager).
I’m not specialized in this, can’t update right away, might not know of all security vulnerabilities I have - better leave it for the professionals.
I knew this would be a waste of time! *loads gun
that’s not to wear off of the importance of awareness. you should be aware always, even if you don’t take action.
Obviously I’m not avoiding it all together, but I’m taking a step in the right direction.
And it’s not just replacing Google by CF, because CF has much less access in comparison as I explain.
you can deploy some zero trust models in your setup, and eliminate the threat even further. for example end to end encryption
mind elaborating?
If I let them handle the TLS for me then I can see that. but if, for example, I’m using NextCloud, which implement end to end encryption from client to server, then I wouldn’t care if they did, no?
tl;dr: classic convenience/privacy. depends on your threat model. surely better than Google. models of zero trust will help.
That’s a great question, that I have asked myself before too. It doesn’t have one answer, and any one would make their own choices based on their own respective threat model. I’ll answer you with some of my thoughts, and why I do use their services.
I’ll take as an example my usage of NextCloud, coming as a replacement to Google Drive for example.
let’s break up the setups:
It’s oversimplified, but to the point: In Google’s setup, you have control of 0 out of three things.
In NextCloud’s setup,
From just this look, NC is clearly better off. now, it’s not perfect, and each one will do their own convenience vs privacy deal and decide their deal.
If you deploy some sort of e2ee, the severity level of CF drops even more, because they’re exposed to less data. specifically for NC they do do e2ee, but each solution to its own. https://nextcloud.com/encryption/ this goes as an example for zero trust model. if you handle the encryption yourself (like using an e2ee service), you don’t have to trust the medium your data is going through. like the open internet.
gotta admit I haven’t read the ToS, but I didn’t encounter any problems. I’m streaming GBs of music via the tunnel and it still works. p2p I didn’t try, but I don’t really see a reason to?
another option is to use Cloudflare’s tunnels. it’s free, I use it all the time. really great.
yeah that’s very odd…
if you’ll have more connections or mentions on other IPs or websites, that’ll grow the chances of them scanning your IP too.
You should read about how their crawler decide what to crawl and when*. After all, there’s 4 Billion IPv4 addresses, and much more IPv6 (tho I don’t know how much of them are used), and they don’t just randomly spin up numbers to scan.