I'm not sure if you're asking if it is better to use the same password with 2fa, or questioning a claim that it is (which I didn't see in the article). If it's the first, no it is not better to re-use a password with 2FA.

2FA is meant to prevent someone from accessing the account if they only have your password. The problem with re-use is they can attempt that same password on other services, which may or may not support 2FA, or may have flaws in their 2FA implementation.

Also, many services will "give away" that the attacker has the right password by reacting differently if they enter the wrong password vs the right one, such as only showing the 2FA prompt if they have the right password.

Using unique passwords AND 2FA is far better, as it means an attacker must start from scratch for every service they wish to attack, and still requires compromise of your 2FA device in addition to finding out your password.

Matrix itself isn't a thing, Matrix is a spec/protocol. Synapse and continuwuity are implementations of the server, with synapse being the "reference implementation." Client apps like Element (the reference client) would be good to have there, but I'm not sure selfh.st will want to list clients because there is quite a few.

I get the impression they meant AI as in general "Artificial Intelligence", rather than the buzzword AI used to describe LLMs.

CA unreachable means no renewals, but identity verification (login) is offline. As long as certs renewed fine, connection to the CA is not needed.

Totally worth mentioning, some LG OLED TVs are able to be jailbroken and run homebrew software!

https://www.webosbrew.org/

It can block firmware updates and telemetry, so no spying and no surprise "feature" additions.

@wesker@lemmy.sdf.org if it helps, the Symfonium dev is open to de-googled licensing via Ko-Fi donations. See the forum post here: https://support.symfonium.app/t/how-can-i-pay-for-symfonium-without-google-play

Per Tolriq's responses there, you can get the APK safely from the Aurora Store.

It probably would be easier to just write an "update Caddy" script. They don't release updates very often, except for security fixes, so it's not much effort to do manually. I automated mine with Forgejo Actions, you could do the same with GitHub actions as a free option for example. Lots of neat ways to accomplish this!

Xcaddy is a build tool. Caddy plugins are built into Caddy itself for optimization purposes, so xcaddy essentially makes you a custom version of Caddy. It only conflicts with Caddy so much as building a new version would conflict with the old version. You still get a normal "Caddy" executable after running xcaddy, just replace your existing Caddy with the new one created by xcaddy!

It may be mostly "security theater" but it requires almost no extra effort and drastically increases the difficulty of compromise by adding privilege escalation as another requirement to gaining root access.

It helps protect you because if the application in question is compromised in any way (or has a flaw, i.e. an accidental rm -rf /*), the only access it has is limited to the user it is run as. If it is run as root, it has full administrative privilege.

I run the setup you're aiming for, and as the other guy said, DNS challenge is the way to go. That's what I do, and it works beautifully. It even works with Caddy auto-https, you just need to build Caddy with the cloudflare-dns plugin.

I personally like ligatures when I'm programming. It took me some getting used to, but now I can't live without them due to how distinct it makes the code segments. I fully understand disliking them though. Thankfully fonts like source code pro allow disabling features like ligatures and their godawful handwriting styled italics, so you're able to use just the parts you like.