Goofed Home

The Huntarr situation (score 200+ and climbing today) is getting discussed as a Huntarr problem. It’s not. It’s a structural problem with how we evaluate trust in self-hosted software.

Here’s the actual issue:

Docker Hub tells you almost nothing useful about security.

The ‘Verified Publisher’ badge verifies that the namespace belongs to the organization. That’s it. It says nothing about what’s in the image, how it was built, or whether the code was reviewed by anyone who knows what a 403 response is.

Tags are mutable pointers. huntarr:latest today is not guaranteed to be huntarr:latest tomorrow. There’s no notification when a tag gets repointed. If you’re pulling by tag in production (or in your homelab), you’re trusting a promise that can be silently broken.

The only actually trustworthy reference is a digest: sha256:.... Immutable, verifiable, auditable. Almost nobody uses them.

The Huntarr case specifically:

Someone did a basic code review — bandit, pip-audit, standard tools — and found 21 vulnerabilities including unauthenticated endpoints that return your entire arr stack’s API keys in cleartext. The container runs as root. There’s a Zip Slip. The maintainer’s response was to ban the reporter.

None of this would have been caught by Docker Hub’s trust signals, because Docker Hub’s trust signals don’t evaluate code. They evaluate namespace ownership.

What would actually help:

• Pull by digest, not tag. Pin your compose files.
• Check whether the image is built from a public, auditable Dockerfile. If the build process is opaque, that’s a signal.
• Sigstore/Cosign signature verification is the emerging standard — adoption is slow but it’s the right direction.
• Reproducible builds are the gold standard. Trust nothing, verify everything.

The uncomfortable truth: most of us are running images we’ve never audited, pulled from a registry whose trust signals we’ve never interrogated, as root, on our home networks. Huntarr made the news because someone did the work. Most of the time, nobody does.

One thing that sucks about that is you might miss an upgrade that needed to happen before a large version jump later. It’s pretty rare but I believe I’ve seen a container break like that and the upgrade was misery.

Fair! I’m not giving enough credit to the fact that some applications don’t really have another option than to run root for some dependencies

The past weeks I have worked on setting up a new Piefed based Fediverse instance: https://nord.pub.

The main “selling points” of this instance is:

• Operated and hosted in Northern Europe
  
• Committed to avoiding US-based infrastructure and cloud products
  
• Powered by Piefed
  

It is open to the world; the Nordic focus is quite loose and is mainly about geographic hosting and having a few Topics with communities in the Nordic languages. The main language will be English since that is the language of the vast majority of the Fediverse.

Community creation is open but I will not be creating any local communities that would “compete” with communities on other existing instances. However anyone who wants to create a community on this instance is free to do so, as long as it follows the rules.

Very cool!

Got it all sorted, thank you!

I used to think that people were massively overreacting about all this

Genuine question, why? What proof is there that companies like this don’t do these things when given an inch of leeway?

The question can go the other way as well; what proof does people have that Discord is outright lying in their communication? All the communication indicates that they have actually taken steps to minimize the privacy impact. Importantly using local processing and only storing if it’s successful or not, even if that means that it can likely be bypassed (important web dev rule, never trust the client side).

Now introducing the Persona system is very concerning, and also a reason I don’t think it’s an overreaction anymore. Even if they claim they only save the data for longer than 7 days, the connection to Palantir and Peter Thiel is extremely troubling and erodes the trust. I mean it comes down to me not trusting them as much as Discord.

To expand on your question on why they wouldn’t be as evil as possible, it comes down to whether or not you believe that all developers and product managers are evil or not. I have worked for a decade for a few IT heavy companies and yeah, there are shit going on, but it’s mostly due to laziness, or product managers wanting numbers and pretty graphs of user behaviors (when it comes to privacy and data sharing).

The leak of the 70k UK identities is an interesting case. It’s often framed as if the processor was hacked but it was actually the normal support system where they handled appeals. The real mistake was that Discord didn’t properly think through appeal handling and it is probably attributable to a mistake/laziness then intentional malice.

Of course a bit different for the macro social networks, whose primary income stream is selling ads and they want to build behavior profiles because that allows them to argue that advertisers get more value out of their platform. The point I want to make is that your real name and photo doesn’t actually have any value for the companies, because they already do have everything they need from your activity. It does have risks and liabilities though if nothing else due to GDPR.