• 1 Post
  • 10 Comments
Joined 2 years ago
Cake day: July 17th, 2023



  • Wow, that's one kind of a project. I'm impressed. Though it doesn't really fit my problem. It has to be something web-based, where every one of us can use it without an app, without seeing each other's information. From the github page it looks like a local tool. And also focused on trading similar items. The presents in our secret santa are highly individualized, so randomly trading does not make much sense. And if the interface is too clunky, my non-tech siblings will just reject using it. I want to keep them from deciding for some free privacy nightmare app.

    But I thank you for the suggestion. It's an interesting project.


  • Security noob here. Would it be sufficient (in addition to only local authorized access) to directly put the file in an unprivileged container, watching its log output? And of course limiting resource use and execution time of the container (don't know if common container tools like docker or podman have a way to limit resources out of the box).

    So let's say a simple interface for the file upload behind an authentication service, based on, let's say, python cgi, ramping up an unprivileged non-root docker container, killing the container after a fixed time (a few seconds).
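The sandbox described in this comment, as an added example (not code from the thread, and not Docker's own tooling): a Python helper that builds a `docker run` command from standard CLI flags (unprivileged user, no network, read-only rootfs, dropped capabilities, memory/CPU/PID limits, an in-container `timeout`) and runs the uploaded file under an outer wall-clock limit. It assumes the Docker CLI (or a podman CLI accepting the same flags) is installed, that the `python:3.12-slim` image is used, and that the authenticated upload handler has already written the file to a host path readable by uid 65534; the image, limits and mount path are assumptions.

```python
"""Run an uploaded file inside a throwaway, resource-limited container.

Added example, not from the original thread. Assumes the Docker CLI is
available and the upload is already on disk; nothing runs at import time.
"""
import subprocess
import uuid
from pathlib import Path


def sandbox_args(upload, image="python:3.12-slim", seconds=5,
                 memory="128m", cpus="0.5", pids=64):
    """Build the `docker run` argument list for one untrusted file.

    Every flag is a standard Docker CLI option:
      --rm                              remove the container when it exits
      --user 65534:65534                run as nobody, never as root
      --network none                    no network access at all
      --read-only + --tmpfs /tmp        immutable rootfs, small scratch space
      --cap-drop ALL                    drop every Linux capability
      --security-opt no-new-privileges  setuid binaries cannot escalate
      --memory / --cpus / --pids-limit  bound RAM, CPU and process count
      -v <upload>:/work/input:ro        the file itself, mounted read-only
    Inside the container, coreutils `timeout` SIGKILLs the script after
    `seconds`; the host file must be readable by uid 65534 (assumption).
    """
    host_path = Path(upload).resolve()
    return [
        "docker", "run", "--rm",
        "--user", "65534:65534",
        "--network", "none",
        "--read-only",
        "--tmpfs", "/tmp:rw,noexec,nosuid,size=16m",
        "--cap-drop", "ALL",
        "--security-opt", "no-new-privileges",
        "--memory", memory,
        "--cpus", cpus,
        "--pids-limit", str(pids),
        "-v", f"{host_path}:/work/input:ro",
        image,
        "timeout", "--signal=KILL", str(seconds),
        "python3", "/work/input",
    ]


def run_sandboxed(upload, seconds=5, max_log_bytes=4000):
    """Execute the upload and return captured output plus exit status.

    Two independent kills: `timeout` inside the container, and the host-side
    subprocess timeout here, which also kills the container by name in case
    the docker client itself hangs. Output is truncated so a chatty script
    cannot fill the caller's memory or log store.
    """
    name = f"upload-{uuid.uuid4().hex[:12]}"      # lets us `docker kill` it
    cmd = sandbox_args(upload, seconds=seconds)
    cmd[2:2] = ["--name", name]                  # docker run --name ... --rm ...
    try:
        proc = subprocess.run(cmd, capture_output=True, text=True,
                              timeout=seconds + 5)
        return {"timed_out": False, "exit_code": proc.returncode,
                "stdout": proc.stdout[-max_log_bytes:],
                "stderr": proc.stderr[-max_log_bytes:]}
    except subprocess.TimeoutExpired:
        subprocess.run(["docker", "kill", name], capture_output=True)
        return {"timed_out": True, "exit_code": None, "stdout": "", "stderr": ""}


if __name__ == "__main__":
    import sys
    print(run_sandboxed(sys.argv[1]))
```

The upload handler calls `run_sandboxed(path)` and shows the returned dict to the user; the exit code of 137 from the inner `timeout` is how a runaway script surfaces. Resource flags alone do not stop a kernel exploit from inside the container, which is why the user, capability and `no-new-privileges` settings are part of the same command rather than optional extras.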


  • Otherwise, you need to be some kind of freaking retro-engineering expert.

    Nah, often software is stupidly easy to breach. Often it's an openly accessible database (like recently with the Tea app), or that you can pull other data from the webapp just by incrementing or decrementing the ID in your web request (that commonly happened with quite a number of digital contact tracing platforms used during Covid).

    Very often the closed source just obscures the screaming security issues.

    And yeah, there are not enough people to thoroughly audit all the open source code. But there are more people doing that than you think. And another thing to keep in mind is that reporting a security problem with a software/service can get you in serious legal trouble depending on your jurisdiction - justified or not. Corporations won't hesitate to SLAPP-suit you out of existence, if they can hide the problems that way. With open source software you typically don't have any problems like this, since collaboration and transparency are more baked into it.
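The "increment the ID in the request" bug mentioned above, as an added example (not code from the comment or from any of the apps it names): a record lookup that checks only the ID next to the corrected lookup that also checks ownership, plus a small counter that a regression test can use to confirm the fix closes the hole. The records, user names and `Contact` type are constructed for the example.

```python
"""Sequential-ID lookup without an ownership check, beside the fixed version.

Added example; the data below is constructed, not from any real service.
"""
from dataclasses import dataclass
import secrets


@dataclass(frozen=True)
class Contact:
    id: str
    owner: str      # account that created the record
    name: str
    phone: str


# Constructed sample data: two users, one record each, sequential ids.
DB = {
    "1": Contact("1", "alice", "Alice's dentist", "555-0100"),
    "2": Contact("2", "bob", "Bob's landlord", "555-0199"),
}


class NotFound(Exception):
    """Raised for both 'no such record' and 'not yours' in the fixed lookup."""


def get_contact_vulnerable(session_user, record_id):
    """Looks up by id alone: any logged-in user can read any record,
    and ids 1, 2, 3, ... can simply be walked."""
    try:
        return DB[record_id]
    except KeyError:
        raise NotFound(record_id)


def get_contact_fixed(session_user, record_id):
    """Looks up by (owner, id): a record the caller does not own is
    indistinguishable from one that does not exist, so the response
    leaks neither the data nor the fact that the id is in use."""
    rec = DB.get(record_id)
    if rec is None or rec.owner != session_user:
        raise NotFound(record_id)
    return rec


def new_record_id():
    """Unguessable ids stop the walk-the-counter enumeration, but they are
    a supplement to the ownership check, not a replacement: URLs with ids
    leak through logs, referers and shared links."""
    return secrets.token_urlsafe(16)


def readable_count(lookup, session_user, ids):
    """How many of `ids` does `lookup` hand back to `session_user`?
    Useful as a regression test: for a user who owns one record the
    answer must be 1 no matter how many ids are tried."""
    found = 0
    for record_id in ids:
        try:
            lookup(session_user, record_id)
            found += 1
        except NotFound:
            pass
    return found


if __name__ == "__main__":
    probe = [str(i) for i in range(1, 6)]
    print("vulnerable:", readable_count(get_contact_vulnerable, "alice", probe))
    print("fixed:     ", readable_count(get_contact_fixed, "alice", probe))
```

The fixed lookup folds the ownership test into the query itself (in SQL terms, `WHERE id = ? AND owner = ?`) rather than fetching first and checking afterwards, so there is no code path that returns a row before the check has run.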


  • Relevant xkcd: Average familiarity

    You severely overestimate the average person's tech literacy even when you try to correct for it. Booting from USB is already a really advanced topic.

    Though creating a Lemmy account is not that complex. Typically all you have to do is fill out a form on the website, instructions included. The problem there is not the tech literacy, but the willingness of the people to even interact with systems they don't know, like finding a home instance or understanding the concept of the fediverse. Most people could create a Lemmy account, though also most people wouldn't.