zlacker

[parent] [thread] 12 comments
1. kibwen+(OP)[view] [source] 2025-01-05 13:49:50
> Just like people shouldn't just buy industrial welding machines, SCUBA equipment or a parachute and "wing it" I think the same can be said here.

I find this to be extremely sad.

Unlike welding or diving, there is no inherent physical risk to life and limb to running a server. I should be able to stand up a server and leaving it running, unattended and unadministered, and then come back to it 20 years later to find it happily humming along unpwned. The fact that this isn't true isn't due to any sort of physical inevitability, it's just because we, the collective technologists, are shit at what we do.

replies(4): >>darkwa+i >>lopken+P1 >>tossan+Wp >>notato+441
2. darkwa+i[view] [source] 2025-01-05 13:54:23
>>kibwen+(OP)
No. It's not so easy because in most cases you have to choose between security, flexibility and usability. Obviously it's not a 100% accurate example but generally speaking, it tends to be true. Sum it up over several decades of development and you get why we cannot have something that it's really really easy to use, flexible and secure by default.
replies(1): >>Gud+F7
3. lopken+P1[view] [source] 2025-01-05 14:14:25
>>kibwen+(OP)
What motivates this attitude? Software, like anything else, needs to be actively maintained. This is a positive sign of technology evolution and improvement over time. To expect to run some software for 20 years without needing to apply a single security patch is ridiculous, and probably exactly the attitude that caused the author to get himself in this situation.
replies(1): >>kibwen+a9
◧◩
4. Gud+F7[view] [source] [discussion] 2025-01-05 15:05:38
>>darkwa+i
We do, it's called FreeBSD. In my experience, many Linux distributions also qualify. To keep a modern *nix secure and up to date is simple.
replies(1): >>darkwa+Ke
◧◩
5. kibwen+a9[view] [source] [discussion] 2025-01-05 15:16:14
>>lopken+P1
> To expect to run some software for 20 years without needing to apply a single security patch is ridiculous

The whole point of my comment is that it's only "ridiculous" because of path dependency and the choices that we have made. There's no inherent need for this to be true, and to think otherwise is just learned helplessness.

replies(2): >>ocdtre+Tb >>oarsin+2c
◧◩◪
6. ocdtre+Tb[view] [source] [discussion] 2025-01-05 15:36:51
>>kibwen+a9
Better security design fixes this. Sandstorm fixed this for self-hosters ten years ago (Sandstorm is designed to run unmaintained or actively malicious apps relatively safely), but people are still choosing the quick and easy path over the secure one.
replies(1): >>ferfum+Mg
◧◩◪
7. oarsin+2c[view] [source] [discussion] 2025-01-05 15:39:11
>>kibwen+a9
Has there ever been any production software ever written that didn’t suffer from some kind of bug or exploit?

I don’t think imperfection is a choice we’ve made. I think imperfection is part of our nature.

That said, the current state of software development is absolutely a choice, and a shockingly poor one in my opinion.

◧◩◪
8. darkwa+Ke[view] [source] [discussion] 2025-01-05 16:02:36
>>Gud+F7
Which would help exactly 0 in this scenario, where someone is exposing a port directly on the Internet. Also, FreeBSD is even more niche than Linux, I doubt it would stand the average user stress test.
replies(1): >>Gud+9i
◧◩◪◨
9. ferfum+Mg[view] [source] [discussion] 2025-01-05 16:17:42
>>ocdtre+Tb
This is so true.

Sandstorm has been part of my selfhosted stack since it was a start-up, and it has worked for a decade with virtually zero attention, and no exploits I am aware of.

If there are other hosted apps that want a really easy on-ramp for new users: packaging for sandstorm is an easy way to create one.

◧◩◪◨
10. Gud+9i[view] [source] [discussion] 2025-01-05 16:28:11
>>darkwa+Ke
Absolutely it would because jails doesn't do weird shit like this from the get go. With FreeBSD, you have to deliberately open ports, not the other away around. I don't understand your second sentence. "average user stress test"??
replies(1): >>diggan+1P
11. tossan+Wp[view] [source] 2025-01-05 17:30:30
>>kibwen+(OP)
There is quite a distance from

> stand up a server and leaving it running, unattended and unadministered

to, what was my proposition, maintain a server with active access from the internet.

Just what you describe I do myself: I have several home server running, but none accept incoming connections from the internet and the sec surface is much smaller.

◧◩◪◨⬒
12. diggan+1P[view] [source] [discussion] 2025-01-05 20:47:12
>>Gud+9i
> With FreeBSD, you have to deliberately open ports

The issue outlined in the article happened because the author deliberately open their service to the public internet. Replacing Linux with FreeBSD wouldn't have prevented the compromise.

13. notato+441[view] [source] 2025-01-05 23:03:45
>>kibwen+(OP)
>Unlike welding or diving, there is no inherent physical risk to life and limb to running a server.

good news! there is no inherent risk to life or limb because you left your server exposed. As OP discovered, you might come back to find it running a crypto miner. and that's just really not that big of a deal. maybe we're not all shit at what we do, but rather we have appropriately valued the seriousness of the risks involved, and made the decision that locking everything down to be impossible to hack isn't actually worth the trade-offs to usability, convenience, and freedom.

you can leave your iPad running, unattended, and unadministered for 20 years if that's what you wanted, and come back to find it un-pwned.

[go to top]