Moneydance https://moneydance.com/
Started using it close to twenty years ago and keep using it because it seems fine.
Moneydance https://moneydance.com/
Started using it close to twenty years ago and keep using it because it seems fine.
I use QGIS, which needs to stay in sync with a number of Python packages and plugins. I have thought of using Nix for that, but am not sure if everything I need is packaged for Nix.
I’m using Conda now, a Python package member which seems more popular for this niche need.
I agree. Flatpak could be used to further lockdown what Firefox can do, but it has so much features and complexity that I also expect it to be difficult to successfully lockdown.
I would either start with a product that explicitly has just the features a web-kiosk needs or use something based on ChromeOS, which explicitly has a set of enterprise policies that are there to allow admins to lock down a fleet of Chromebooks as they need.
This is based on the security principle that a system is far more secure if you explicitly allow what you need vs trying to explicitly block or disable all the things you don’t want.
Over time, the features you need to allow your web kiosk needs maybe somewhat static and in your control, while all the features you need to disable in Firefox could be constantly evolving and put of your control if you are keeping Firefox up to date.
I like the project but use DIY Sway.
Rob Thomson skated across the US starting in 2006. Also from Switzerland to China.
I have a photo from that trip handing up poster size in my house. A random waterfall panorama.
Yes, particularly the variant distributed on a business-card sized CD rom. To be carried in your wallet for emergency use.
At one time there were browser extensions that allowed you to comment on any web page and allowed other extension users to see your comments.
The comments were hosted through the extension and not on the pages themselves.
Something like that would be possible but I don’t know anyone offering it now. I presume no one wants to moderate that.
I had a friend who liked to sulk around in a trench coat. He bought a grocery store donut and promptly tossed the receipt.
He was soon stopped by grocery security for theft. After some hassle they tracked down his receipt and let him go, but yeah that’s what donut receipts are for.
This coverage provides an example of what is sent, and it includes neither MACs nor HDD serial numbers.
Good example. It’s true that an even a GET request not designed to mutate data might still fail to validate input, allowing a SQL injection attack or other attack that escalates to the privileges that the running app has.
Immich has a whole set of end-to-end automated tests to ensure they don’t accidentally make public any URLs they went to be private:
https://github.com/immich-app/immich/tree/main/e2e/src/api/specs
As a popular open source project, that would be e glaring security hole.
Using this proxy puts the trust in a far less popular project with fewer eyeballs on it, and introduces new risks that the author’s Github account is hacked or there’s vulnerability in he supply chain of this docker container.
It’s also not true that you “never need to touch it again” . It’s based on Node whose security update expire every two years. New image should be built at least every two years to keep to update with the latest Node security updates, which have often been in their HTTP/HTTPS protocol implementations, so they affect a range of Node apps directly exposed to the internet.
Yes, there are broken uses of the HTTP protocol verbs where filtering to GET won’t work.
A simpler way to protect a private service with a reverse proxy is to only forward HTTP GET requests and only for specific paths.
It’s extremely difficult to attack a service with only GET requests.
The security of which URLS are accessible without authentication would be up to immich.
Some kind of horizontal deflection — a curve to the side can still be used to slow bikes near an intersection. But here the original design practically required getting off the bike to go through it, while the path around it will hardly slow bikes at all. So both attempts were failures.
Here’s example of a newly constructed protected bike lane which curves as it approaches an intersection to slow bike traffic.
I think you may be looking for a programmable keyboard.
With one, you can have arrow keys on the home row like vim, and make other universally recognized keys easy to reach including Home, End, PgUp, PgDn, App (right click), and all the modifiers. Some also build pointing devices into the keyboard as well.
I primarily use the Unicorne by Boardsource.
That’s something! But it doesn’t raise any money from people with other VPN providers or who don’t want to buy a VPN service.
Counterpoint: for those who prefer split ergo keyboards, the internal keyboard on laptops is rarely used.
A tablet where you can bring your own weird keyboard to pair with it is better.
Signal does a decent job of encouraging people to make one-time or ongoing donations to the service. I’ve supported them multiple times because they gave me a prompt to do so.
I don’t recall Firefox ever asking for a donation or subscription.
Mozilla could have allowed people the option to subscribe for a modest fee in addition to giving it away for free, to diversify their income and be less dependent on Google, but they have not been trying that hard to develop other revenue streams.
It’s so old it’s not called self-hosted.