shadejinx

joined 1 year ago
[–] shadejinx@infosec.pub 1 points 8 months ago* (last edited 8 months ago)

I can kind of recommend Firewalla. They run all open source software under the hood, but their UI is their own. I'm not super impressed with some of the decisions they've made, but it works and has almost every feature a firewall/router device needs.

Things I like

  • VPN client support with selective VPN routing. Beats having to manually maintain a routing table for a VPN interface.

  • SSH access with sudo to root

  • comes with an Ad blocker, but can run pihole in a docker container. I find the onboard ad blocker paired with NextDNS via TLS is good enough.

Things I don't like:

  • UI is a phone app. WebUI is neutered. You will require all three (SSH included) to set up any advanced configs

  • SSH access is a pain to use.

  • Firewall rule creation is kind of a nightmare. I can see what they were going for, but they missed.

  • You can't easily configure the onboard IDS or Adblocker. You can dive into the filesystem if you want, but I don't wanna.

[–] shadejinx@infosec.pub 3 points 8 months ago

Proton Mail with a custom domain. The only reason why is that I had it before I knew Fastmail existed and it would be a pain in the ass to move my entire family to it. However, I was VERY tempted when 1Password put Fastmail temporary email support into their product.

Fortunately, Proton Mail just released their own temporary email product based on SimpleLogin.

[–] shadejinx@infosec.pub 9 points 8 months ago

Plot Twist: OP works at OpenAI and is asking "for a friend". :)

[–] shadejinx@infosec.pub 8 points 9 months ago (2 children)

I use ProtonMail like this. If you want multiple users, you either need a Family or Business plan. I started with Business Mail Essentials for my wife and I. I upgraded to Visionary to get more benefits that last time they had a sale.

[–] shadejinx@infosec.pub 3 points 11 months ago

Sync isn't backup, but proper versioning can be a very simple backup.

[–] shadejinx@infosec.pub 1 points 11 months ago

I sync multiple computers but not directly. Everything goes to the NAS and then anything I want to share comes from the NAS. That way versioning is on one device and not spread out all over.

[–] shadejinx@infosec.pub 24 points 11 months ago (5 children)

Syncthing is fantastic... once you get it set up.

First, the rough stuff. Syncthing is not user friendly to set up and use. If you want to sync something, you have to go to every device you want to share with and enable the share... for every folder. You can get through this by doing the Dropbox method of just sharing a single folder, but that will have it's own challenges if you want to only share certain files with certain devices or apply different versioning methodologies. All in all, it can get cumbersome.

Secondly, it's a dumb sync tool, meaning that it's not content aware. In your "editing the same note" example, Syncthing will fail. You'll get a conflict notification and be prompted to to pick which version is correct... and even that will be buried in Syncthing's interface that you'll have to go looking for. That specific scenario isn't what it was designed for.

Lastly, Syncthing will occasionally get hung up on syncing a file and clearing the error isn't straight forward.

Alright now for the good stuff. Once you get through all the above stuff, it just works. I throw it on every computer, phone and tablet I own, and I get (mostly) worry-free backups of all my important files synced to my NAS. And it has saved me MANY times.

There are multiple versioning methods, so you can be sure that if you accidentally delete something, it'll be there for you. You can set it to encrypt files on specific destinations, so if you wanted to sync to a VPC, you can ensure your folders are protected from prying eyes. You can exclude files, so those annoying .DS_Store files that macOS throws around don't end up on your other devices.

I use it to backup my Obsidian vault, but I don't use it to sync my vault to other computers. I pay for Obsidian Sync for that.