Is this really true? Looking at the Yubikey Shop I see that the purchase page explicitly states that the key is shipped with Firmware 5.7 (the fixed version). If a device is received with the old firmware, I would believe that this not intentional and support would resolve the problem.
This is a good point. I think a simple remedy would be to include the IP the server should allow connections from as part of the authenticated payload from the client in the request.
That defeats the purpose of port knocking. If you know which IP connections comes from and you trust it - just allow connections in firewall. Port knocking is for temporary allowing certain incoming IPs.
I actually have switched to Localsend from Pairdrop. My experience is that is Pairdrop is slow especially compared to Localsend. This is while hosting the application on my local network.
I do prefer the WebApp approach so I don't have to install something on each machine before sharing files, but the bug ticket in Pairdrop does not make me hopeful for a good solution (see: https://github.com/schlagmichdoch/PairDrop/issues/44)
Are you able to achieve similar performance in Pairdrop that you did with Localsend?
I haven't compared performance, as it's not a bottleneck for me. A 70mb file took a few seconds. Localsend could very well be faster, being a native app.
The comments I am reading here seem to imply that this is more privacy invasive than tracking cookies. Steve Gibson did an analysis on Topics and his conclusion was that this is an approach to provide targeted ads (which websites need to make money) without being invasive.
Although if you believe that being online you should be 100% anonymous and share 0% of personal data then of course Topics is not good (but then no other ad targeting solution will be either).
