And maybe also not running as root… The excerpt summarises it quite well.
I strongly support a disbarment of IT folks who operate such setups.
Wow. I guess that’s good advice. While we are at it, let’s warn people not to post their banking credentials to Twitter.
In my opinion, using the phrase “rooted via syncthing” is almost defamation in this context.
Is it not the first thing Syncthing tells you to do, to set an admin password for the GUI?
That’s probably still not enough, as some people will use a password called “password” or “12345678”. I think there was a feature request some time ago asking for calculating and showing the password strength, although I believe it was related to the “Receive Encrypted” password and not the GUI.