> Umbrel partnered with The Bitcoin Machines to offer a plug-and-play all-aluminum node and server combo.
I guess we're just going to ignore the fact that, while adding NextCloud and other unrelated apps to Umbrel, they *still* haven't addressed the security issues, which they themselves state are so big, that it's not recommended to put actual money on an Umbrel node?
Interesting page. The "over-the-air" update thing, I'm not familiar with it, but does it mean auto-updating somehow? Either way it looks bad indeed. And the hardcoded password one also looks bad, that's not the kind of tradeoff for convenience that I think ever makes sense (mainly because it has a global effect, i.e. attackers know all have it).
The root thing may or may not be terrible I guess it depends on details of set up.
@waxwing Yeah, hardcoded passwords is a no-go. They already do OTA updates (it's just downloading Docker containers), but there's no signature validation apparently.
All in all, I have no idea why they would build *anything* else on top of this, before addressing the fact that it's still not ready for actual money, while everyone's already using it with actual money.
The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!