shrugal
Idk when you checked, but they work pretty well now. Not quite on par with Google Docs, but the closest thing I know.
No! I prefer ______, and you are WRONG for thinking otherwise!
I can't recommend Synology enough! They make it as easy and painless as possible to own your data again.
No, it really doesn't. That's like creating a bot that buys and sells company shares automatically, and saying the stock exchange has a vulnerability because your bot makes bad decisions.
I just set up a Vouch-Proxy for this yesterday. It uses the nginx auth_request directive to authenticate users with an SSO server, and then stores the token in a domain-wide cookie, so you're logged in across all subdomains. Works pretty well so far, you don't even notice it when you're logged in to your SSO provider.
But you do have to tell the proxy where you want to redirect a request somehow, either by subdomain (illegal.yourdomain.com) or port (yourdomain.com:8787) or path (yourdomain.com/illegal). I'm not sure if it works with raw IPs as hosts, but you can add additional restrictions like only allowing local client IPs.
In my special case I'm using the local Synology SSO server, and I have to spin up an additional nginx server because the built-in one doesn't support auth_request.
Can't talk for the free tier, but my Usenet account comes bundled with a paid Privado account, and that's working ok so far. The connections have been reliable, fast, and low latency.
My main issue has been that it doesn't support port forwarding. Also, some GeoIP services locate many of their servers in the Netherlands, instead of where Privado says they are. Idk who's right, but it's definitely a problem if you want to pick a specific location.
What's absurd is this crypto maximalist take.
You can't just make up your own permission and punishment system, and then expect the legal system to just step aside and let it handle all disputes, especially when it comes to fraud. That's like founding your own city in an existing country, and declaring all existing law obsolete. I know some people think this is a real possibility, but the real world doesn't work like that.
IANAL and all, but bad/unfavorable contracts and literal deception/fraud are two different things, at least in the legal system. Not everything that's technically possible is also allowed, obviously.
Compare it to using a security flaw to hack into a system. Technically you're only using the official API, maybe in unusual ways, but still. But you're doing it in bad faith and causing harm, maybe pretending to be someone you're not or injecting fake data into the system, and that can make a difference.