I disagree about rejecting funding from intelligence agencies. I hate the concept of their existence, as well as what orgs like the CIA have done (and proceed to do) but given the fact of their existence, they do have legitimate reasons (in this case I mean reasons that align with Signal’s current goals rather than in order to change them) to fund Signal, and if that results in funding secure software, all the better.

In addition to the downsides mentioned here about privacy regarding Google, there is a major upside to using this service: it offloads all of the authentication logic to google, so in theory it reduces your risk surface area, or it may be more accurate to say it concentrates your risk to your Google account.

You’d like to hope most websites use using common security best practices and keep on top of things but the amount of websites I had accounts on (on websites I had long forgotten) which have been pwned over the years tells me otherwise. Using google auth sets your account security to be exactly as secure as your Google account.

It really depends on what you’re most comfortable with; when you go for such a custom option most of the design decisions are about personal preferences.

I suggest you draw out some layouts on a piece of paper, adjust them until you feel happy and then plan out how you want the keymap to look. When you’re happy, look for a layout that fits what you want or build your own on KiCAD.

I bought a kyria from Splitkb, and I’ve been very happy with the design. If I needed another keyboard, it would probably be a very similar layout, but have slightly fewer keys, be low-profile and no oleds.

Depends on the failure mode; If your USB4 cable has enough noise (due to poor cabling, damage, or interference), it may negotiate down to 40Gbps (or even 20Gbps) instead of 80Gbps instead of outright failure, but it might also intermittently crap out if it negotiates a certain speed and then get moved.

If your device requires a speed that can’t be reached, yeah it’ll pretty much always fail on a bad cable.

A bunch of tech companies do a lot of their work within Israel; a comprehensive secondary boycott would rule out a lot of technology companies.

Not saying it’s not a worthy effort, just that I doubt arm are worried about themselves specifically.

Perhaps it could be useful for longer journeys, or for those with a physical disability?

Either way, it’s definitely not a revolutionary concept.

Not everything has to be “the replacement for cars”. I hope diversification is the “death by a thousand cuts” to cars, where everyone has an option that best accommodates their situation.

If you’re messing with ACLs I’m not sure deduplication will help you much; I believe (not much experience with reflinks) the dedup checksum will include the metadata, so changing ACLs might ruin any benefit. Even if you don’t change the ACLs, as soon as somebody updates a game, it’s checksum will change and won’t converge back when everyone else updates.

Even hardlinks preserve the ACL… Maybe symlinks to the folder containing the game’s data, then the symlinks could have different ACLs?

I actually found the opposite with my steam library; on ZFS with ZSTD I only saw a ratio of 1.1 for steamapps, not that there’s really any meaningful performance penalty for compressing it.

Given the user always has a deeper access to the client (i.e. hardware access) than the anticheat dev does, eliminating cheating is probably unsolvable.

Best bet is probably always going to be a decently funded team dedicated to find and ban cheaters, rather than attempting to prevent them all with a rootkit.

I am curious about why performance cores would go with a no-smt implementation; the die area improvements are obvious, but how are they going to spend that die area improvement to make up the performance gap?

AVX only really affects a small subset of applications, so I can’t see that going too far.

A better branch predictor could be a boon, but given how good they are already I’m not sure how they could make up the 50% multi threaded loss.

Perhaps just cramming more physical cores together and a better cache sharing mechanism?

Setting up the PiHole device as a DNS server & DHCP server still won’t make all traffic flow through it, you need it to be a gateway for all traffic that isn’t destined for an internal subnet.

To do that, you’ll need to set up your device as a router, with the necessary entries in iproute2 and iptables in order to keep lock out external connections without conntracks. You might be able to route to a turnkey container of some kind.

Are you trying to route your DNS queries through your VPN device or all of your traffic?

Just your DNS queries is easy, set up the VPN as the default route for the device (using netplan or iproute2), then all queries from PiHole will go via that.

All traffic is a bit harder, unless your PiHole device is the only thing between your regular devices and the internet.

Do you just care about privacy, or is it your primary focus?

There are Linux distros like Tails which will be very hard to use day to day, but if you are laser focused on privacy, it’s between that and CubesOS (not Linux).

Most Linux distros will give you reasonable privacy from an OS standpoint, from there it’s up to you to have good practices with your data.

You can be legally compelled to give access to data in Australia, this includes decryption keys and biometrics.

Aus border security care most about weapons and biological matter; dirt, wood, bugs, plants, food etc.

Coming from Indonesia, you may be profiled vis-a-vis potential biological material but showing that you’ve taken precautions when you packed to make their jobs easier will expedite any bag search.

Unrelated but have an off-site backup! Airport baggage handling are not gentle, and your spinning rust may be DoA.

Owning pirated materials is likely illegal in Australia, but it’s not what border security are looking for so you’re right they wouldn’t care.

As far as ARM SBCs go, I’d say B tier. Not as good as a RaspberryPi or RockPi but armbian installed great. Had a pain debugging the rockchip video decoder in a container, and still have issues with USB hard drives.

If you’re coming from x86_64, be prepared for some unique challenges.

• *arr media services
• tailscale
• mullvad
• Jellyfin
• qbittorrent
• pihole
• unbound
• Minecraft server
• Portainer-CE

On an OrangePi with a powered USB hub using a bunch of SSDs.

All except the Minecraft server running on Podman.