Welcome 👋

Recently, I’ve been using a GL.iNet Beryl travel router for my home network. I purchased it for a road trip, then liked it well enough to continue using it as my primary home router. I use its guest network feature for my IoT devices, to keep them segregated from my main LAN (I also use it as my only 2.4 GHz network, since I don’t really trust band steering). This works well enough, but comes at a cost: mDNS broadcasts from devices on the guest network don’t reach devices on the LAN. In particular, I have a Brother laser that I’d like to be able to use with AirPrint from the LAN. ...

Update 3/28: The devs have announced that the auth system is to be deprecated. See details below. About a month ago, I went looking for a dashboard for my homelab—something to help visualize the services I run. I found Dashy, a popular (14.6k GitHub stars) dashboard designed for self-hosters. I deployed it and started configuring it, but noticed that something about its authentication felt off. I started digging and quickly found its security to be borderline useless, permitting unauthenticated reads and writes of its configuration. I’m sharing my findings here with the goals of encouraging self-hosters to think critically about their apps and to encourage developers to document their app’s security with care. ...

tl;dr: Don’t put yourself in a position where you ignore alerts. Don’t update your software without reading release notes. And especially don’t make assumptions about error handling in bash scripts! ...