There's no outward indication of the authors. It looks official enough, but my experience is that government/foundation types like to splash their brand all over their works, and there's no branding.
I was asking myself the same thing. Is the "CIRCL - Computer Incident Response Center Luxembourg" a partner organisation to CERT? I don't follow this very closely, but it felt like there was some kind of global network. I'd be curious if there was a continuity plan of some sort. There is also https://cert.europa.eu/ which might be used interchangeably.
Looks great! Reading through the docs it seems the subtrace process sends all data to your server. I'm reluctant to do that on a production environment, where API keys and personal data are being handled.
Is there any way to run it completely self-hosted? If not, are there plans? And how will you monetize self-hosted options (if it's possible)?
Pixie [1] is a similar project and offers the self hosted model you are looking for.
We also support 11 application protocols [2] with TLS handshake tracing and MQTT support coming soon (encrypted traffic tracing has been supported for a long time).
From a dictionary: The meaning of DISCLAIMER is a denial or disavowal of legal claim : relinquishment of or formal refusal to accept an interest or estate.
re self-hosting: yep! Use the -devtools flag to get a stripped down version of Subtrace running entirely locally:
subtrace run -devtools=/subtrace -- python3 -m http.server
This starts a Python server on localhost:8000 but with Subtrace. Everything except /subtrace is forwarded to the Python server like usual, but if you go to http://localhost:8000/subtrace you should see the Chrome DevTools network tab running in the browser like a regular app. Any request you send to localhost:8000 + all outgoing requests made from inside the Python app will automatically appear in that dashboard!
That would work for a single instance, but when running multiple (e.g., you are horizontally scaled) it would not be ideal.
Is it possible to mimic "subtrace.dev"? There's the 'SUBTRACE_ENDPOINT' environment variable which can be used to set the target endpoint, but is the server side open source too? And does the license grant permission for self hosting the full stack?
Linux gaming is great. Running Bazzite myself, but for proper support you should run full AMD (CPU and GPU). Nvidia drivers seem to be a pain in the arse.
Core only has the "full backup". Incremental and other types are available to enterprise. I run the Core edition (with full backups) for my personal projects.
Of course, the reason this keeps happening is that the infrastructure is designed to let it happen in certain cases. Notice how they explicitly say they need to fix it in the front end. They can't fix it in the backend because that would break eavesdropping.