Comment by hifikuno
5 days ago
Yeah, I made a mistake with my config. I had set up SWAG, with Authelia (I think?). Got password login working with 2FA. But my dumbass didn't realize I had left ports open. Logged in one day to find a terminal open with a message from someone who found my instance and got in. Called me stupid (I mean they're not wrong) and all kinds of things and deleted everything from my home drive to "teach me a lesson". Lesson painfully learnt.
But before that happened Webtop was amazing! I had Obsidian set up so I could have access on any computer. It felt great having "my" computer anywhere I went. The only reason I don't have it set up is because I made the mistake of closing my free tier Oracle Cloud thinking I could spin up a fresh new instance and since then I haven't been able to get the free tier again.
> deleted everything from my home drive to "teach me a lesson". Lesson painfully learnt.
I had a mentor in my teenage years that was the same kind of person. To this day the only meaningful memory I have of him is that he was an asshole. You can teach a lesson and be empathetic towards people that make mistakes. You don't have to be an asshole.
The lessons we learn best are those which we are emotionally invested in and sometimes that emotion can be negative, but a lesson will be learned regardless.
LOL! That's why we still smack kids' hands with a stick if they answer a question in school wrong. Because it emotionally sticks and definitely does not cause any psychological issues.
Sure. But you don't have to deliberately destroy all data and be mean about it as in GP's case to get an emotional reaction.
> The only reason I don't have it set up is because I made the mistake of closing my free tier Oracle Cloud thinking I could spin up a fresh new instance and since then I haven't been able to get the free tier again.
People are automating the process of requesting new Arm instances on free tier [1]. You would find it near impossible to compete without playing the same game.
[1] https://github.com/mohankumarpaluru/oracle-freetier-instance...
Well, I know what I’m doing tomorrow when I get up.
I had the same thing happen to me. I tried running a script for a month without luck (Sydney region). What did work was adding a credit card to upgrade to a paid account - no issues launching an instance, and it's still covered under the free tier.
There are operations that put cryptominers into any unauthenticated remote desktops they can find. Ask me how I know... Way friendlier than wiping your data though.
There are groups of people who hunt for writeable FTP servers to be used for random filesharing. At least this used to be a thing.
> Lesson painfully learnt.
There are actually two lessons there:
1. Be careful what you open to the public internet, including testing to make sure you aren't accidentally leaving open defaults as they are.
2. Backups. Set them up, test them, make sure someone successfully gaining access to the source box(es) can't from there wipe all the backups.
An offline backup is incredibly inconvenient, but also very effective against shenanigans like these.
Also agree that backups should be "pulled" with no way to access them from the machine being backed up.
I use a soft-offline backup for most things: sources push to an intermediate, backups pull from the intermediate, neither source nor backup can touch each other directly.
Automated testing for older snapshots is done by verifying checksums made at backup time, and for the latest by pushing fresh checksums from both ends to the middle for comparison (anything with a timestamp older than last backup that differs in checksum indicates an error on one side or the other, or perhaps the intermediate, that needs investigating, as does any file with a timestamp that differs more than the inter-backup gap, or something that unexpectedly doesn't exist in the backup).
I have real offline backups for a few key bits of data (my main keepass file, encryption & auth details for the backup hosts & process as they don't want to exist in the main backup (that would create a potential hole in the source/backup separation), etc.).
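The checksum comparison described in the comment above, written out in Python as an added example (not the commenter's own script and not part of the thread). The manifest layout, the function names, the sample files and the rule that a file newer than the last backup may legitimately be absent are assumptions.

```python
import hashlib

def manifest(files):
    """Build {path: (sha256_hex, mtime)} from {path: (content_bytes, mtime)}."""
    return {p: (hashlib.sha256(data).hexdigest(), mtime)
            for p, (data, mtime) in files.items()}

def compare_manifests(source, backup, last_backup, gap):
    """Run on the intermediate host over the manifests pushed by each side.
    Returns {path: reason} for every file that needs investigating."""
    findings = {}
    for path, (src_sum, src_mtime) in source.items():
        if path not in backup:
            # Assumption: a file created after the last run may be absent.
            if src_mtime <= last_backup:
                findings[path] = "missing-from-backup"
            continue
        bak_sum, bak_mtime = backup[path]
        if abs(src_mtime - bak_mtime) > gap:
            findings[path] = "timestamp-drift"
        elif src_mtime < last_backup and src_sum != bak_sum:
            # Content differs although the timestamp predates the last backup.
            findings[path] = "checksum-mismatch"
    return findings

# Constructed sample data (Unix seconds); not taken from the thread.
LAST_BACKUP = 1_700_000_000
GAP = 86_400  # one backup run per day
SOURCE = {
    "notes/todo.md":   (b"buy milk", LAST_BACKUP - 5_000),    # unchanged
    "notes/keys.md":   (b"tampered", LAST_BACKUP - 9_000),    # old mtime, new content
    "notes/new.md":    (b"draft",    LAST_BACKUP + 600),      # created since last run
    "notes/old.md":    (b"archive",  LAST_BACKUP - 200_000),  # should have been backed up
    "notes/clock.md":  (b"same",     LAST_BACKUP - 100),
    "notes/edited.md": (b"v2",       LAST_BACKUP + 100),      # legitimately edited
}
BACKUP = {
    "notes/todo.md":   (b"buy milk", LAST_BACKUP - 5_000),
    "notes/keys.md":   (b"original", LAST_BACKUP - 9_000),
    "notes/clock.md":  (b"same",     LAST_BACKUP - 100 - 3 * GAP),
    "notes/edited.md": (b"v1",       LAST_BACKUP - 1_000),
}

if __name__ == "__main__":
    result = compare_manifests(manifest(SOURCE), manifest(BACKUP), LAST_BACKUP, GAP)
    for path, reason in result.items():
        print(f"{reason:20} {path}")
```

The "checksum-mismatch" case is the one that catches a file altered on either side with its timestamp left or set in the past; the check only looks at files the source reports, so files present only in the backup are not examined.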
But you can have Obsidian access from any device already if you easily set up syncing using the official method (and support the project by doing so) or one of the community plugins. Doing it this normal way avoids opening up a massive security hole too.
* any device you have admin rights to install software on, they are talking about being able to log in from any computer, not just their own
It surprises and annoys me that Obsidian, Logseq, etc. don't have self-hosted web front ends available. I think Logseq will once they wrap up the DB fork, and maybe someday we'll have nuclear fusion power plants too.
Ahhh that makes perfect sense, thank you. I'm so used to always having my phone this didn't even cross my mind.
No backups?