

Afraid people will use known vulnerabilities in common self-hosted software.


So every answer is as good as you can get?


I’m afraid of security bugs in the software I’m using, so that containers don’t contain, read-only doesn’t prevent writing, mounting directories doesn’t restrict access to those directories, etc.
I’m a nobody, I can’t imagine anyone targeting me or my random domain, but I can imagine getting swept up in a net of attacks of opportunity targeting hosted software with known vulnerabilities, or injected supply chain vulnerabilities, so I want to reduce my attack surface as much as I can (while still actually letting the people I want to access it actually access it).


I’m kinda disappointed with this thread, I’m in a similar position to OP, but all the responses are just like “use a reverse proxy and make your URL hard to guess” and other measures which are not very secure.
It seems like that’s about as good as you can get at the moment, because the mobile apps barf if you try to add in auth in front of the reverse proxy, but a lot of people seem to be providing this advice like it’s good enough rather than as good as you can get.


Some reverse proxies have an authentication layer.
But this typically breaks the jellyfin Mobile app.


Idk if geo whitelisting is really good enough. I can’t speak for OP, but I’m in the same position and I don’t. I had high hopes for the post but everyone seems to just brush over the “secure” part


How do you get the mobile app to connect?


“openclaw” 👀👀👀
The reason people use SaaS is because they have someone to sue when something goes wrong and you lose days of revenue.


How do you set up private resources to reverse proxy like public resources? I don’t want to have to change URL when I turn on my pangolin client


I may end up doing extra reverse proxies just because complicated configuration is better than complicated use. It kinda feels like there should be a way to do it right in pangolin, it seems like it’s right there lol.


Pangolin is built on traefik, and does all the reverse proxying I need (X sub-domain goes to Y port on Z home server).
I don’t really like the idea of n matryoshka reverse proxies, both because conceptually it bothers me, but also because my needs seem simple and don’t seem like they deserve the extra complexity. The public resource reverse proxy works for everything I have.
I’m looking for a way to configure pangolin, which already routes properly, to skip auth when the auth can be provided by the pangolin client.


Idk why people are downvoting you.


Reverse proxies like the one specifically mentioned, pangolin, have auth and user access rules.


I think that’s one of the major reasons to use pangolin over something like nginx - built in auth and support for oidc.
Of course, the native jellyfin apps don’t like the auth layer so idk if it helps if you’re trying to install it on your dad’s tv


What about that convinced you it’s nature?
All those boys were raised in a similar culture with similar influences regarding how boys should behave. You don’t have a control group.


What is your argument that that phase of boyhood is nature rather than nurture?
Kids that age are typically emulating their older peers, and things they’ve seen at school, in media, at home, in public, etc. If anything, I think that the behaviour difference we observe between adolescent boys and girls suggests that kids absorb gender roles very early. Even from before they can walk, the typical common toy selection differs greatly; girls get toys that teach them about working with people and caring, but boys get toys that teach them about manual labour(?!?!). Even if you don’t do that with your children, at school and daycare they’re surrounded by kids who are raised like that.
When my son was a preschooler, he loved to wear dresses, but as he approached school age he would wear them less and less, and completely stopped since he started school. I don’t think he grew out of it and we didn’t tell him to stop, but he learned that lesson from his peers.
All the abilities that set humans apart from other animals are social in nature, humans evolved to help each other (at least in small groups)


I agree with everything you said except that I think too much nurture is attributed to nature. I don’t think it’s human nature, I think this is the nature of our culture. To say it is human nature is, imo, unnecessarily fatalistic.


I did a better job explaining my position in another comment, the problem is one of culture. We live in a culture that pressures people to use AI in this bad way, and pressures the creators of AI to court bad people as customers, and throw away their ethics. If we weren’t in a rat race, I feel like a lot of the problems would go away.
But we live in the culture that we live in, and at some point you simply cannot practically view the technology in isolation.


I think that the problem, in both cases, is culture.
It’s not that either of those are bad, or bad for people; it’s bad for people of this culture or people of this society. It’s how the two intersect that is the problem.
It could be a tool that lifts up the worker or creative, but instead it’s a tool to devalue the creative and extract power and wealth.
It highlights that people with power get a different set of rules and laws than the rest of us, and they’re using that to further entrench and enrich themselves.


Did you just suggest Linux has no vulnerabilities in any of its distros, and neither does any of the self-hosted services?