deleted by creator

Agreed, as far as solar installers are concerned they can’t get enough product to smoothly complete their projects even before the delusional American tariffs.

Texas has power outages for days at a time. People get rocked by astronomical utility bills. Also, Texas has boil water advisories for big population centres in one of the richest states in the US.

There’s nothing to covet here. It’s an embarrassment.

Was Ninjacentral the okay one and nzbgeek was the one with the data leak?

I’d say you are confusing critical thinking with anxiety. Critical thinking is a deliberate exercise that I choose to engage in, and I might be able to do for a certain period of time. I’d suggest that critical thinking is an investment of time and energy to really understand an issue, how it’s framed, how to re-frame it. At the highest levels, critical thinking will eventually lead to where you stand on an issue, and what scenarios change your standing.

But anxiety is something I don’t mean to engage in, and might not be able to stop. I’d agree it’s a disruption of critical thinking. It’s either a response to stress, or perhaps a force is pushing you to anxiety to break down your OODA loop (Observe, Orient, Decide, Act) and render you less effective on the field you’re playing in.

#solved

EDIT: 2025-10-25 at 11h29 - I deleted the Content-Security-Policy and PieFed displays images as expected.

Reasoning

So after crawling through some very old Reddit posts, I came across other self-hosters discussing their new found interest in Security Headers from 5 years ago (dated, yes). Among the comments was a post by pentesticals (glorious):

https://www.reddit.com/r/selfhosted/comments/mpzl8f/any_recommendations_for_security_scans/

I use Caddy and I can indeed see the security headers that involve CSP. How should this setting be amended?

For what it’s worth I looked over the “Using Caddy as reverse proxy” for Lemmy, and I notice that they just don’t use the Content-Security-Policy option at all. I’m wondering if I should simply delete this Header for PieFed.

https://join-lemmy.org/docs/administration/caddy.html

(security_headers) {  
  header {  
    Strict-Transport-Security "max-age=31536000; includeSubDomains"  
    X-Content-Type-Options "nosniff"  
    X-Frame-Options "SAMEORIGIN"  
    Referrer-Policy "no-referrer"  
    X-XSS-Protection "1; mode=block"  
    Permissions-Policy "camera=(), microphone=(), geolocation=(), accelerometer=(), autoplay=(), fullscreen=(), gyroscope=(), interest-cohort=(), magnetometer=(), payment=()"  
    -Server  
    -x-powered-by  
  }  
}  

Super effective!

It’s not so much that ads can only sell you something anymore. They’re able to sell your personal details and identity when abused.

I believe the issue has been written on even prior to the 2025 article from Wired.

Data brokers are basically form centralized American platforms which carry immense databases about its users. These demographics can essentially be used to target high value targets. These can include government employees, members of military, and other persons of interest.

These brokers use Mobile IDs to allow advertisers to micro-target people with their habits, browsing fingerprint, and purchase habits. Even if these companies say they don’t associate identities with these Mobile IDs, the brokers can cross-reference enough information to basically de-anonymize a target.

Plus with influencers these days, many don’t disclose if what they do is sponsored or part of a greater outreach campaign. You’re basically stuck wondering if you’re getting targeted or astroturfed.

https://www.wired.com/story/google-dv360-banned-audience-segments-national-security/

Thank you everyone, for your replies and tips!!

I haven’t followed PeerTube channels directly from PieFed - yet.

After just under 24 hours up, so far everything seems to be working just as wjs018 says.

Thanks Rimu for the Sentry tip.

I think I’ll just not set the email for errors so as to avoid the logs being sent out.