Hi all,

As self-hosting is not just “home-hosting” I guess this post should also be on-topic here.

Beginning of the year, bleeping-computers published an interesting post on the biggest cybersecurity stories of 2023.

Item 13 is an interesing one. (see URL of this post). Summary in short A Danish cloud-provider gets hit by a ransomware attack, encrypting not only the clients data, but also the backups.

For a user, this means that a senario where, not only your VM becomes unusable (virtual disk-storage is encrypted), but also the daily backups you made to the cloud-provider S3-storage is useless, might be not as far-fetches then what your think.

So … conclussion ??? If you have VMs at a cloud-provider and do daily backups, it might be usefull to actually get your storage for these backups from a different provider then the one where your house your VMs.

Anybody any ideas or remarks on this?

(*) https://www.bleepingcomputer.com/news/security/the-biggest-cybersecurity-and-cyberattack-stories-of-2023/

  • @TCB13@lemmy.world
    link
    fedilink
    English
    1011 months ago

    I’m more worried about what’s going to happen to all the self-hosters out there whenever Cloudflare changes their policy on DNS or their beloved free tunnels. People trust those companies too much. I also did at some point, until I got burned by DynDNS.

    • @Dave@lemmy.nz
      link
      fedilink
      English
      111 months ago

      We start paying for static IPs. If cloudflare shuts down overnight, a lot of stuff stops working but no data is lost so we can get it back up with some work.

      • @TCB13@lemmy.world
        link
        fedilink
        English
        211 months ago

        They’re just creating a situation where people forget how to do thing without a magic tunnel or whatever. We’ve seen this with other things, and a proof of this is the fact that you’re suggesting you’ll require a static IP while in fact you won’t.

        • @Dave@lemmy.nz
          link
          fedilink
          English
          111 months ago

          Where I live, many ISPs tie public IPs to static IPs if they are using CG-NAT. But of course there are other options as well. My point was that the other options don’t disappear.

          Though I do get the point that Cloudflare aren’t giving away something for nothing. The main reason to me is to get hobbiest using it so they start using it (on paid plans) in their work, or otherwise get people to upgrade to paid plans. However, the “give something away for free until they can’t live without it then force them to pay” model is pretty classic in tech by now.

          • @TCB13@lemmy.world
            link
            fedilink
            English
            211 months ago

            However, the “give something away for free until they can’t live without it then force them to pay” model is pretty classic in tech by now.

            Yes, this is a problem and a growing one, like a cancer. This new self-hosting and software development trends are essentially someone reconfiguring and mangling the development and sysadmin learning, tools and experience to the point people are required to spend more than ever for no absolute reason other than profits.