You patched the annoying "crash-on-start" bug! ๐ I was collecting diagnostics to help nail it down, but you guys were faster. Keep up the great work! ๐๐๐
_Nemo_
joined 1 day ago
Leave the poor Russian bot alone. Shilling fossile tech and vilifying Europe for responding to Russia's aggression is hard enough as it is.
Qwant is nice, but it keeps blocking my VPN and locks me out if I happen to use a non-European exit node ("We're not offering Qwant in your region"). And I'm not pulling down my mask for a fucking search engine.
If you're willing to put up with Duckduckgo but hate AI search, there's https://noai.duckduckgo.com/
Thank you! While that does allay most security concerns, it does beg the question how useful such a vulnerability tracker is if it doesn't actually show any relevant vulnerabilies and you constantly have to second-guess what it says. Warning signs that aren't actually warnings because it's "just a false alarm" quickly teach personell to not take warnings seriously - unti, onel day, it's not a false alarm...
Thanks for your detailed reply!
To make that happen, the attacker must [...] already have access to the server to upload and process the file, which means that security has already failed.
Do I correctly assume that by axis you mean shell or even root level access? If not, any of my regular users (turned rogue...) could upload a poisoned raw file which nextcloud would process to, for instance, generate a thumbnail.
I don't see the problem with that. It's what I've done with every single disk I own. Why would I bother with badly-written menus, pointless extra content and tons of ads and copyright warnings I need to sit through before I can watch what I paid for?