1. There are companies you can pay to physically shred your disk drives. You have to be able to trust them of course for this to work.

2. Or if you want to DIY, you can drill or smash your drives. Just wear eye protection, etc. Making the drives inoperative like this is the only thing I’d trust, but you can also software-wipe them first.

Maybe I’m being naive, but it seems like the biggest threat of unchecked AI is “just” the further concentration of wealth (among humans). Which, ironically, poses a catastrophic risk to humanity…

Wait, when did the action happen??

Unlike Twitter, Mastodon seems to rely much more on stable hashtags for discovery. That’s probably because there’s no “the algorithm” like on Twitter. So with Mastodon you very well can subscribe to hashtags and expect them to get reused over time.

Intolerance of intolerance is essential to a free society. https://en.m.wikipedia.org/wiki/Paradox_of_tolerance

Exactly.

Thanks for weighing in. That’s historically been my take as well, although as of this thread I’m starting to wonder if modern PHP can be better and/or particular projects can be.

Also team borgmatic here. ;)

Ehhh I would say then you have probabilistic backups. There’s some percent chance they’re okay, and some percent chance they’re useless. (And maybe some percent chance they’re in between those extremes.) With the odds probably not in your favor. 😄

I don’t know about pain-free. :D See my earlier post on the topic: https://lemmy.world/post/213870

But it might be worth it anyway depending on your needs! Trying out NixOS sounds cool though… I’ve been meaning to look into that.

No port forwarding needed and works behind CG-NAT—assuming your DNS server is hosted elsewhere.

That sounds like a good work-around!

Fair enough!

I’m not sure that analogy quite holds (it’s not like the Ryobi tools are left connected to the building as a critical component of the HVAC system or something), but I like the image anyway. :D

Yeah, publicly accessible in that it’d be reachable over HTTPS from the internet (and not behind a VPN), but password-protected. Thanks for weighing in on this!

Good to hear that many of PHP’s “bad old days” issues have been fixed. That lines up with what other commenters here have said. I actually wrote some PHP way back then but not since, and I think that may have unfairly colored my current-day views on the language.

That all seems prudent and reasonable. I guess some of my own anxiety is about how exactly I’ll evaluate projects like you’re talking about. I can (and do) certainly look at whether a project is actively developed before selecting it. Not just for security reasons… I don’t want to bet on a horse that won’t get updated with fixes and features. But for security in particular, I guess I was hoping for ways to evaluate that for a project… without exhaustively poring over its source. Maybe, to your point, the other mitigations you listed should be sufficient, and I should worry more about that side of things than picking the perfect project.

Totally. Preachin’ to the choir here. :D

Lol, I really appreciate your thoughts! These are exactly the sort of insights I came here for. I hope this is useful to others too who may be wondering about the same thing.

That makes sense. Maybe then the trick is to look at whether any particular app (PHP or otherwise) is written with modern security practices. How do you judge a project’s security practices though?

And then, yeah, maybe also lock it down in a container so the blast radius of any actual exploit is pretty minimal.