Why is flatpak a security risk? The applications run isolated and offer higher security, unless I'm missing something?

Both Stockholm and Gothenburg are really nice cities - they're pretty safe too unless you seek out drug lords or park your bike without a decent lock. Just don't come here during the winter - you'll be depressed by the lack of daylight.

Surface wasn't meant to run linux. Its a struggle to get it working on them.

/owner of 3 defenestrated surface devices.

I tried anytype during the alpha, but I understood early on that the data is crippled during export, and the self host node is very cumbersome to set up. Also, I had a gut feeling that it could turn into a enshittified product.

For my usecase, I could achieve my note taking needs by other more established, libre and less complex means.

I've been using a lot of different apps. Then I tried using tasker plugin along with dataview in Obsidian - but it was too convoluted. I settled on using vikunja for tasks that I need to keep track of, and the things I commit to goes into my "today" note in Obsidian.

Generally it is not advisable to have more than one source of information for your tasks, but this setup worked for me.

You have xing, but it's big in DACH countries only and its still owned/ruled by a company. Roll up our own website and socialize / network with like minded people on the fediverse instead.

Sorry for the off topic question, but what are the gains / constraints of using an identity / authentication service? Sure, you only are going to need to remember one password/identity. But each webapp must have support for the said protocol, and so does their clients, no? It does seem like a lot of work (and risk exposure) for little gain.

Please enlighten me if I'm missing something.

I'd only trust my MFA tokens to a (foss) application that has undergone a security audit. I don't known if ente has eitheras I never heard of them, but I think your choices are limited if you want support for both desktop and mobile.

Thanks for the elaborate answer!

Another fish and modern Unix user 🫶

PS. Try out lsd if you haven't already - a nice ls/eza/exa replacement.

There's so much you could do.

• have a reverse proxy for your services, as containers
• connect then through netbyrd or nebula if you want the FOSS route (or headacalescale)
• set up an IDPS, such as fail2ban, snort, etc
• Set up a backup job, there's many projects that does this well - check out Borg and kopia.
• since we're on linux, try out different shells. Zsh or fish are pretty popular and pretty to look at.

The risk that @regalpotoo mentioned is still unmitigated though, single user instance or not. At worst, the personal data can be exfiltrated. At best, the server can be used as a part of a botnet. Even if the software (nextcloud) would be patched, that doesn't help against exploits on a OS level.

Granted, one could run services inside a vpn and have some kind of preventive / monitoring controls, but you're still need to implement some kind of defense in depth in order to protect it.