Bitwarden.
My recommendation: Don’t use Vaultwarden (self hostable server side of bitwarden. Really easy to run and use). Why? You’re not a security personal, and securing your vault isn’t your job. You might do a slight mistake that’ll lead to the compromise of your vault.
The people at Bitwarden have their work dedicated to securing the vaults and all they do is security. And they’ll probably do it better then you. When it comes to serious matter, I prefer to trust the professionals.
I’m happy with SearXNG. At the time I had issues with each search engine, and this meta search engine is great for me.
You can run one locally on your device, or connect it to a domain like I did, so I use it everywhere: seek[.]agurav[.]xyz You’re welcome to try mine, or use it daily. it’ll blend my own activity a bit so it’s good for me. For u, you’ll have to trust my word that I don’t sell your data or something. ¯_(ツ)_/¯
Ultimately, give it a try, and then host your own or use a public instance that you trust.
Exactly. It’s sorta like all or nothing. If they share this, go figure what else. And maybe you misunderstood or missed some other parts.
Noticed errors in newpipe recently too. Did you try Firefox with ublock? In mobile u can enable background something too.
Will Freeman
fr?
I got a stroke trying to read it.
had to be evacuated to hospital…
then I’ll let you know when I deploy it. didn’t do it yet, might do it today, maybe later.
this looks very good I’ll try this at home
No, but I have free instance on Oracle Cloud and that’s where I’ll run it. If it’s too slow or no good I’ll stop using it but there’s no harm trying.
thanks. I’ll give it a try
Why don’t you send nudes to your ex? they’ve already seen you naked before
if you’ll have more connections or mentions on other IPs or websites, that’ll grow the chances of them scanning your IP too.
You should read about how their crawler decide what to crawl and when*. After all, there’s 4 Billion IPv4 addresses, and much more IPv6 (tho I don’t know how much of them are used), and they don’t just randomly spin up numbers to scan.
yes, you’re right. my message was unclear, I see now. While I do self host many other things, I just didn’t want to take the risk regarding my password manager.
Just the reason why I stopped using Vaultwarden and returned to Bitwarden (EDIT: ditching self hosting the password manager).
I’m not specialized in this, can’t update right away, might not know of all security vulnerabilities I have - better leave it for the professionals.
thanks for bringing that up
that’s not to wear off of the importance of awareness. you should be aware always, even if you don’t take action.
Obviously I’m not avoiding it all together, but I’m taking a step in the right direction.
And it’s not just replacing Google by CF, because CF has much less access in comparison as I explain.
you can deploy some zero trust models in your setup, and eliminate the threat even further. for example end to end encryption
mind elaborating?
If I let them handle the TLS for me then I can see that. but if, for example, I’m using NextCloud, which implement end to end encryption from client to server, then I wouldn’t care if they did, no?
Let’s say I have an unupdated patch and my server is now vulnerable.
This could really happen. I have work and life to worry about and I might not notice.
This vulnerability, could be in the BW instance itself (say the web server or the backend itself), or in the server itself (say an old OpenSSH version), or another service (NextCloud instance hosted in the same server under a different subdomain).
So, first we see it’s a big attack surface. In any of those entrances an attacker could gain access to my server and with it the vault. It’s a short way from there to install a keylogger on the website where BW is hosted, and get my master password ¯_(ツ)_/¯.
Now take into consideration that I just sat a couple of minutes to think about this, and I’m not a professional in cyber security or web security. Neither blue nor red team. A professional, with more knowledge, time, experience and resources, could probably bring up much more things.