# I am the Watcher. I am your guide through this vast new twtiverse.
#
# Usage:
# https://watcher.sour.is/api/plain/users View list of users and latest twt date.
# https://watcher.sour.is/api/plain/twt View all twts.
# https://watcher.sour.is/api/plain/mentions?uri=:uri View all mentions for uri.
# https://watcher.sour.is/api/plain/conv/:hash View all twts for a conversation subject.
#
# Options:
# uri Filter to show a specific users twts.
# offset Start index for quey.
# limit Count of items to return (going back in time).
#
# twt range = 1 6
# self = https://watcher.sour.is/conv/m6hdkxa
Update on trying to get Yarn into the Umbrel App Store.
Nope!
Stop!
Umbrel is insecure by default. π³
See my comment
What a shame π€¦ββοΈ Also da fuq?! π
> Secure communication over a local network is not an easy problem to solve. I don't think encouraging users to install root certs is a good idea. That should only be done by very technical users who know what they're doing and understand the implications. As an aside, if you're concerned your local network is not secure then anything malicious could inject a fake root cert when you download it over HTTP, and then compromise your entire browser/OS when you install the bad cert.
π³ π π€£ Since when is a "local" network assumed to be "secure"?! π€¦ββοΈ
Update on trying to get Yarn into the Umbrel App Store.
Nope!
Stop!
Umbrel is insecure by default. π³
See my comment
What a shame π€¦ββοΈ Also da fuq?! π
> Secure communication over a local network is not an easy problem to solve. I don't think encouraging users to install root certs is a good idea. That should only be done by very technical users who know what they're doing and understand the implications. As an aside, if you're concerned your local network is not secure then anything malicious could inject a fake root cert when you download it over HTTP, and then compromise your entire browser/OS when you install the bad cert.
π³ π π€£ Since when is a "local" network assumed to be "secure"?! π€¦ββοΈ
@prologic Ooooh, that's... hairier than I thought it would be. The whole "apps currently use hardcoded IPs thing" is also super weird.
Sandstorm currently has no special behavior for local networks versus over the Internet: All things use the public IP and supports Let's Encrypt. Access hence somewhat depends on hairpin routing, but certificates are no issue. On my home network, I actually adjusted my DNS to route my Sandstorm with local IPs internally, mind you, so it works when the Internet is down.
@ocdtrekkie you should read some of the issues that talk about security and the lack of TLS certificates. It's both hilarious and horrifying the folks behind this Umbrel platform is so naΓ―ve.
The fact that there is a comment that even suggests that the local network is assumed to be trusted is just goddamn stupid.
then there's another comment claiming that TLS certificates on local networks still suffer a man in the middle attacks, what the fuck?
@ocdtrekkie you should read some of the issues that talk about security and the lack of TLS certificates. It's both hilarious and horrifying the folks behind this Umbrel platform is so naΓ―ve.
The fact that there is a comment that even suggests that the local network is assumed to be trusted is just goddamn stupid.
then there's another comment claiming that TLS certificates on local networks still suffer a man in the middle attacks, what the fuck?