My bank doesn’t have a website and it makes me want to kill them.

It’s crazy that it’s even legal to only have an app

But that is only if I click quit, not if I close the app.

In ddg browser it clears when you close the app or when you haven’t used it for x amount of time.

Is there a way to make it forget sessions like librewolf?

I couldn’t figure it out and moved to duckduckgo

Don’t over think it, start small, a home server. Then add stuff, you will see that it’s not that crazy.

I personally have just one home server that locally creates encrypted backups and uploads them to backblaze.

This gives me the privacy I need as everything is on my server that I own while also having the backups on a big reliable company.

It’s not perfect but it fits my threat model

Try the docker version, pretty simple overall

I am surprised that no one mentions this.

Firefly III this is an amazing financial tracking and budgeting tool that literally saves me so much time and money, I even donate monthly since it’s so good and essential to me that I think it’s only fair that the developer gets something back.

That makes sense, the MiTM was still going on but you browser was not configures with the company CA

The computer probably has local security tools (such as an edr) that spy on you any way.

You need to assume it is completely compromised.

But… assuming this isn’t in violation of your company computer usage policy (which it very much might be and can put you in trouble) you can install any VPN (avoid spyware shit) and a different browser (ideally something a bit obscure, like librewolf) and this will bypass the MiTM as the the device that does the MiTM would be either:

A) a network device that hijacks the HTTPS requests (VPN bypass this)

B) the browser used by the company

C) some other kind of software that atteches itself to all browsers via admin installed extensions (obscure browser might not be recognised by such software, be sure to check the installed extensions after letting the browser run for an hour)

And once you are done you can check the certificate chain in the browser to confirm.

I run the official docker with mariadb and it was never an issue for me

One day I will setup my security onion, but I’m procrastinating

I have a router with dd-wrt and I have VLANS where only my “trusted” devices are and another for everything else (like smart things or guests)

But I get your point, thank you!

It does though doesn’t it? since every device needs to be authorized by me first

Arch which is great, but I want to move to FreeBSD or Proxmox for security reasons

Android!!

And like 5 different people I know have the same issue on android.

The only fix I was able to do was use molly-foss which doesn’t use google push notifications but it really drains the battery

For Signal to actually show notifications, I don’t understand how this bug still exists after years of it being known.

Use something like no-ip, you can get a domain for free and renewing it every 30 days with a few clicks is much easier then managing a CA.

The only downside is the TLD but if you don’t care to much about how your domain name looks it really is the best option.

I use no-ip with letsencrypt, the LE bot does the certificate stuff for me, I use a single domain with different ports for each service and no-ip sends an email every 30 days to reconfirm the domain. Simple and easy.

There is Ohmyform which is great but not updated at this point.

It’s really basic, I wouldn’t recommend it as a form builder, more like a nice added feature.

Been using Firefly III for a few years, great tool, good and frequent updates and the developer, while strict, is open for feature requests.