pull down to refresh
10 sats \ 1 reply \ @Lost_dogz 25 Dec 2023 \ parent \ on: I want to run my first node but am overwhelmed by the choices bitcoin_beginners
If you don't install anything besides Bitcoin Core, then you certainly don't need umbrel. But even umbrel doesn't think umbrel is secure, see: https://github.com/getumbrel/umbrel/blob/master/SECURITY.md
Docker is one example of a 3rd party vulnerabilities, but imo the biggest security hole is node.js packages. I assume Umbrel learned their lesson and no longer set a default password. This pw used to be "moneyprintergobrrr" and plenty of people lost sats because of it, and more than once
That's fair. Also security is not a boolean. Umbrella is disclosing know weaknesses. Seems responsible to me especially when dealing with money.
I would not call these node packages holes but rather attack surface.
reply