It’s easy. Mumble. Or the thing you used probably still works.

But you see, people never actually seek a discord alternative. They want a discord alternative that includes all the features in one app that is also federated, AND end to end encrypted, and each one makes things vastly more technically challenging and resource intensive and then you want them together.

A little secret: Matrix is much, much easier to host if you disable encryption and federation. Federation to many servers is the main performance killer, and “failed to decrypt message” will all disappear if you disable encryption.

If your software updates between stable releases break, the root cause is the vendor, rather than auto updating. There exist many projects that manage to auto update without causing problems. For example, Debian doesn’t even do features or bugfixes, but only updates apps with security patches for maximum compatibility.

Crowdstrike auto updating also had issues on Linux, even before the big windows bsod incident.

https://www.neowin.net/news/crowdstrike-broke-debian-and-rocky-linux-months-ago-but-no-one-noticed/

It’s not the fault of the auto update process, but instead the lack of QA at crowdstrike. And it’s the responsibility of the system administrators to vet their software vendors and ensure the models in use don’t cause issues like this. Thousands of orgs were happily using Debian/Rocky/RHEL with autoupdates, because those distros have a model of minimal feature/bugfixes and only security patches, ensuring no fuss security auto updates for around a decade for each stable release that had already had it’s software extensively tested. Stories of those breaking are few and far between.

I would rather pay attention to the success stories, than the failures. Because in a world without automatic security updates, millions of lazy organizations would be running vulnerable software unknowingly. This already happens, because not all software auto updates. But some is better than none and for all software to be vulnerable by default until a human manually touches it to update it is simply a nightmare to me.

Second comment, but also investigate Wazuh. It can audit systems and report vulnerabilities. It’s not an external scanner, but I have found it to be more effective and less annoying than greenbone/openvas.

Instead of trying to automatically scan your environment, it’s probably better to figure out how to automatically update applications first. CVE’s eventually get patched.

Fermi is just a custom client for discord/spacebar. It’s not federated.

It’s not federated, just easy to self host and point custom clients at.

Faster than my edits, I see.

Docker compose’s don’t really need to be maintained though. As long as the app doesn’t need new components old docker composes should work.

EDIT: Oops, it does look like spacebarchat’s docker images have last been updated over 2 years ago:

https://hub.docker.com/r/spacebarchat/server

EDIT2: Although this is outdated, I think their github repo has an action to autobuild docker images on pushes. Still investigating.

EDIT3: Okay, they don’t seem to be actually ran.

But using nix to build a docker image is pretty cool.

EDIT4: Oh shit, the docker image build workflows were added just 2 hours ago. Of course they haven’t been ran!

Docker support soon, probably.

EDIT5: the workflow ran, but it looks like it’s private for now.

https://github.com/spacebarchat/spacebarchat

Literally reverse engineered discord, made open source.

It’s not that hard though. There are companies that offer data recovery as a service. If the value of the data on those drives exceeds the cost of those services then it becomes worth it to fish one of the drives out of the dumpster and take it there.

This is not truly foolproof. Data can still be recovered from the spinning metal platter since it can theoretically be removed and put into a recovery device, even in a broken state.

Im addition to that, hard drives/ssd’s sometimes have small flash memory chips, from which data can sometimes be recovered.

If you want it to actually be unrecoverable then you have to actually ensure all parts thay store data are truly deleted/wiped, which is more than just the core platter. Or just use encryption and throw away the key, since all data going through the tiny OS on these devices will be encrypted. Or just store them forever in a vault.