Comment by shadowgovt

3 years ago

Hackers go after two kinds of targets: centralized high-value targets and distributed targets with common failure modes, via scripting. There's definitely risk in centralization, but there's risk in distribution as well: known exploits take forever to patch out of the distributed ecosystem. There's a reason Microsoft became so aggressive about patching Windows: without the aggression, people didn't put the effort in and internet-connected desktops became weaponized.

I predict a correlation between small self-hosting projects and more entries on shodan.io. Your small home server is probably secure enough... Probably. But you're the sort of person that posts on a site called "hacker news..." How much should we trust the average soul to do the bare minimum to not get owned? Do we imagine they're checking in regularly on https://www.cvedetails.com/vulnerability-list/vendor_id-1723... ?

Keeping things patched to latest was difficult in the past, but it is much easier these days. Unattended upgrades run every day on my server, and I get an email from my server that tells me any issues and if packages or applications have updates available. I open the web UI on my phone and make a couple clicks to update them all. The community at YunoHost is one of a few maintainers who have really simplified things.