☁️ The Most Secure and Easy Selfhosted Home Server. Take control of your data and privacy without sacrificing security and stability (Authentication, anti-DDOS, anti-bot) - GitHub - azukaar/Cosmos...
If you have your own self-hosted data, such as a Plex server, or may be your own photo server, you expose your data to being hacked, or your server to being highjacked (even on your local network!).
It is becoming an important threat to you. Managing servers, applications and data is very complex, and the problem is that you cannot do it on your own: how do you know that the server application where you store your family photos has a secure code? it was never audited.
Even a major application such as Plex has been hacked in the past, and the data of its users has been exposed. In fact, the recent LastPass leak happened because a LastPass employee had a Plex server that wasn’t updated to the last version and was missing an important security patch!
That is the issue Cosmos Server is trying to solve: by providing a secure and robust way to run your self-hosted applications, you can be sure that your data is safe and that you can access it without having to worry about your security.
Yeah, no, thanks. That sounds 100% like some snake oil salesman trying to sell me nord vpn or some trash because HaCkeRs.
You know your way around, I’m sure of it. But I don’t, and I don’t have the time.
I want to self-host but don’t have the time to do it by manually by myself, I really appreciate the container automation it provides. I tried before doing it by using Docker Desktop, Podman Desktop, CasaOS, and failed miserably with all of them, or in the case of CasaOS it just didn’t automate enough. Cosmos targets oblivious users like me and it’s not wrong, it’s just different.
Then let me tell you this: Cosmos does not solve any of the risks they paint in their vision. You are lulled into a false sense of “security” after they frightened you.
It is becoming an important threat to you. Managing servers, applications and data is very complex, and the problem is that you cannot do it on your own: how do you know that the server application where you store your family photos has a secure code? it was never audited.
How do they fix this? Do they audit and approve all source code? Do they submit security patches to the apps they have in their repo?
In fact, the recent LastPass leak happened because a LastPass employee had a Plex server that wasn’t updated to the last version and was missing an important security patch!
How do they fix this? Auto updates? Those are going to bite you in the ass extremely hard at some point.
Things like this are completely untrue:
Additionally, because every new self-hosted applications re-implement crucial systems such as authentication from scratch everytime, the large majority of them are very succeptible to being hacked without too much trouble. This is very bad because not only Docker containers are not isolated, but they also run as root by default, which means it can easily be used to offer access to your entire server or even infrastructure.
Most tools currently used to self-host not specifically designed to be secure for your scenario. Entreprise tools such as Traefik, NGinx, etc… Are designed for different use-cases that assume that the code you are running behind them is trustworthy. But who knows what server apps you might be running? On top of that, a lot of reverse-proxies and security tools lock important security features behind 3 to 4 figures business subscriptions that are not realistic for selfhosting.
Yeah, no, thanks. That sounds 100% like some snake oil salesman trying to sell me nord vpn or some trash because HaCkeRs.
You know your way around, I’m sure of it. But I don’t, and I don’t have the time.
I want to self-host but don’t have the time to do it by manually by myself, I really appreciate the container automation it provides. I tried before doing it by using Docker Desktop, Podman Desktop, CasaOS, and failed miserably with all of them, or in the case of CasaOS it just didn’t automate enough. Cosmos targets oblivious users like me and it’s not wrong, it’s just different.
Then let me tell you this: Cosmos does not solve any of the risks they paint in their vision. You are lulled into a false sense of “security” after they frightened you.
What are they lying about?
How do they fix this? Do they audit and approve all source code? Do they submit security patches to the apps they have in their repo?
How do they fix this? Auto updates? Those are going to bite you in the ass extremely hard at some point.
Things like this are completely untrue:
Scaremongering and lies.
Can you explain your issue here? It’s free and open source. What is he “selling”?
I have explained my issues in my other posts. Do you have a specific question?
deleted by creator