zlacker

[return to "A story on home server security"]
1. Algebr+83[view] [source] 2025-01-05 13:21:45
>>todsac+(OP)
Tailscale is a great solution for this problem. I too run homeserver with Nextcloud and other stuff, but protected behind Tailscale (Wireguard) VPN. I can't even imagine exposing something like my family's personal data over internet, no matter how convenient it is.

But I sympathize with OP. He is not a developer and it is sad that whatever software engineers produce is vulnerable to script kiddies. Exposing database or any server with a good password should not be exploitable in any way. C and C++ has been failing us for decades yet we continue to use such unsafe stacks.

◧◩
2. mattri+j4[view] [source] 2025-01-05 13:33:29
>>Algebr+83
> C and C++ has been failing us for decades yet we continue to use such unsafe stacks.

I'm not sure — what do C and C++ have to do with this?

◧◩◪
3. timcam+25[view] [source] 2025-01-05 13:42:01
>>mattri+j4
They are not memory safe by design. See: https://xeiaso.net/blog/series/no-way-to-prevent-this/

Of course all languages can produce insecure binaries, but C/C++ buffer overflows and similar vulnerabilities are likely what AlgebraFox refers to.

◧◩◪◨
4. mattri+C5[view] [source] 2025-01-05 13:48:55
>>timcam+25
> They are not memory safe by design

I'm aware of that, but the C/C++ thing seemed more like a rant, hence my question.

I've searched up the malware and it doesn't seem to use memory exploitation. Rust is not going to magically protect you against any security issue caused by cloud misconfiguration.

◧◩◪◨⬒
5. lopken+T7[view] [source] 2025-01-05 14:17:57
>>mattri+C5
What is the point you're trying to make here? Are you waiting for some malware that exploits a buffer overrun to infect you before conceding that C/C++ is a terrible choice for memory-safe code?
[go to top]