
CommunityNews
False security: Dashy's client-side authentication
False security: Dashy’s client-side authentication.
Update 3/28: The devs have announced that the auth system is to be deprecated. See details below.
About a month ago, I went looking for a dashboard for my homelab—something to help visualize the services I run. I found Dashy, a popular (14.6k GitHub stars) dashboard designed for self-hosters. I deployed it and started configuring it, but noticed that something about its authentication felt off. I started digging and quickly found its security to be borderline useless, permitting unauthenticated reads and writes of its configuration.
Read in full here:
This thread was posted by one of our members via one of our news source trackers.
Popular General Dev topics

Typing is Hard
Type Checking and Type Inference
Common terms
Completeness
Soundness
Decidability
Hindley-Milner Type System
Dependent t...
New

A field guide to help you recognize achievement, spot A field guide to help you recognize achievement, spot bottlenecks, and debug your d...
New

F# Is The Best Coding Language Today.
If you want to personally pick up a programming language in order to become a better coder in what...
New

Is Rust Used Safely by Software Developers?.
Rust, an emerging programming language with explosive growth, provides a
robust type syste...
New

SPWN is a programming language that compiles to Geometry Dash levels. What that means is that you can create levels by using not only the...
New

Kinesis Advantage360 Ergonomic Keyboard.
Split-adjustable, contoured design that maximizes comfort and boosts productivity. Mechanical s...
New

8 Reasons why Clojure is a better Java than Java.
Clojure is better than Java at its own game. Using code examples, we dive into what ma...
New

This Keyboard Lets People Type So Fast It’s Banned From Typing Competitions.
A new peripheral lets you keep typing without ever lifting ...
New

An Introduction to Deno: Is It Better than Node.js? | AppSignal Blog.
Learn about the key features of Deno, how it outperforms Node.js, ...
New

Flipper Zero is a portable multi-tool for pentesters and geeks in a toy-like body. It loves hacking digital stuff, such as radio protocol...
New
Other popular topics

If it’s a mechanical keyboard, which switches do you have?
Would you recommend it? Why?
What will your next keyboard be?
Pics always w...
New

Any thoughts on Svelte?
Svelte is a radical new approach to building user interfaces. Whereas traditional frameworks like React and Vue...
New

I know that -t flag is used along with -i flag for getting an interactive shell. But I cannot digest what the man page for docker run com...
New

Why, if your answer is yes?
New

I ended up cancelling my Moonlander order as I think it’s just going to be a bit too bulky for me.
I think the Planck and the Preonic (o...
New

Hello content creators! Happy new year. What tech topics do you think will be the focus of 2021? My vote for one topic is ethics in tech...
New

In case anyone else is wondering why Ruby 3 doesn’t show when you do asdf list-all ruby :man_facepalming: do this first:
asdf plugin-upd...
New

I am trying to crate a game for the Nintendo switch, I wanted to use Java as I am comfortable with that programming language. Can you use...
New

Author Spotlight:
David Bryant Copeland
@davetron5000
We’re so happy to bring you another Author Spotlight, a series where we sit dow...
New

This is a very quick guide, you just need to:
Download LM Studio: https://lmstudio.ai/
Click on search
Type DeepSeek, then select the o...
New
Latest in In The News
Latest (all)
Categories:
Popular Portals
- /elixir
- /rust
- /wasm
- /ruby
- /erlang
- /phoenix
- /keyboards
- /js
- /rails
- /python
- /security
- /go
- /swift
- /vim
- /clojure
- /java
- /haskell
- /emacs
- /svelte
- /onivim
- /typescript
- /crystal
- /c-plus-plus
- /tailwind
- /kotlin
- /gleam
- /react
- /flutter
- /elm
- /ocaml
- /vscode
- /opensuse
- /ash
- /centos
- /php
- /deepseek
- /zig
- /scala
- /html
- /debian
- /nixos
- /lisp
- /agda
- /textmate
- /react-native
- /sublime-text
- /kubuntu
- /arch-linux
- /ubuntu
- /revery
- /manjaro
- /spring
- /django
- /diversity
- /nodejs
- /lua
- /julia
- /c
- /slackware
- /neovim