Ticketmaster database with credit card information got hacked years ago. I got an email confirming it and got a credit card transaction for about 1000 euros. Got a bit to explain and convince the credit card company, but they reversed it and blocked the card.
As for your case, just use very strong and unique passwords in a password manager like KeePass and you’ll be fine. It won’t hurt to rotate your password now, though.
It’s more likely the result of automated login attempts because your email is on a leaked list and they forced a password reset on you to protect your account.
Free as in freedom has always referred to the availability of the source code and the power to make changes to it.
That’s because each tab is sandboxed.
It’s good to be paranoid when it comes to IT security (and software development). 👍
Listen.
Don’t expose any port to any service if you don’t need it.
If you do, make sure it’s as secure as you can reasonably make it.
I’m not disagreeing.
I guess upstarts are expected to cut corners.
Sure, don’t open ports you don’t need. I said in a different here that I reject all expect IP ranges I’m in for home, mobile and work. That works for me. That blocks the vast majority of the world.
I agree with the other guy that I’m not a target for these vulnerabilities. They are rare and hard to exploit, and valuable. But the basic advice you give is good, obviously.
Don’t expose what you don’t need to expose. Still I have Immich and all of my photos on there. Good luck scamming me with threats of sending them to my family and work. 😀
Exactly. We’re not taking about hobby projects anymore.
Ah, now I remember. It took a quick configuration change to mitigate this. Still, I’d call this very rare.
I’m going side with @drkt@scribe.disroot.org on this one.
Does GitHub offer some sort of contract or agreement for those companies? Not an expert on these things, things like NDA’s, uptime guarantees, etc.
My code is hosted on our selfhosted GitLab instance. How many companies host their code on GitHub? I’m seriously asking…
I remember that one. Those are pretty rare and usually involve a specific configuration that is often not the default, though, right? When such a vulnerability is found, is it rightly so major news.
Not saved as Markdown files, but in a database. I prefer editing my own files when I need to. I prefer Silverbullet.
Does it do gym workouts like Hevy? I can’t tell from the description and screenshots. I think this is the area that is missing most in selfhosted apps.
Are you not rotating your logs with for example logrotate?
Iit’s an internal error that is not handled properly. They don’t want to tell you the exact error message and detailed information around that, because it would expose the internal state of the backend and that would be a security issue. There is really nothing more that they can tell you, except that a developer needs to look at this (and possibly thousands to tens or hundreds of thousands of similar logged errors) and they probably already are.
A supercomputer running Windows HPC Server 2008 actually ranked 23 in TOP500 in June 2008.
I’m getting these issues on Windows as well, to be fair.
Nice! Another one!