Honestly this is the best suggestion especially if you can mount your windows partition read only. You get the benefits of Linux while still having access to your files.

For most folks, the biggest hurdle is getting compatible apps. Once you find the apps you need, moving over is just a backup and restore away.

DNSSEC always causes errors on my pihole set up and end up disabling it. The upstream is DoH though (via dnscrypt) so it’s technically DNSSEC but without the clients seeing the authentication. That’s enough for me.

At some point, I fully expect apps and websites to begin resolving DNS directly instead of relying on the OS to provide resolution services. At that point our options will be to wholesale block IP addresses at the router.

There is a point of diminishing returns. Like most things, you have to evaluate what you are willing to live with and let go.

I know someone who only browses incognito because they don’t want cookies tracking them. They log into everything every day. Which, imo, is worse because those cookies are still tracking you but you now have to log in everyday.

But for them they like the control.

I’ve moved most of my incidental link on my phone clicking to Firefox Focus (thanks to URL Checker) which has upped my privacy. I wouldn’t have made that change without the prompt that URL Checker provides though.

I use a VPN outside of my house and I use pihole at home. I am tempted to switch my DNS to unbound but the juice doesn’t seem to be worth the squeeze. We’ll see the next time I need to rebuild my pi.

I agree. This thread is for actual advice. rm -rf / belongs in a joke thread.

Yippie kayak other buckets!

Even remembering IP addresses isn’t a great because services can change IP addresses at any point.

As others have mentioned DNS, by its design, is decentralized…to a point. If you run your own DNS, you can’t be an authority to .com addresses for example. Even that sentence has caveats.

Generally speaking you can run your own DNS that uses root DNS servers. MPAA and others have attempted to get those servers to stop pirate domains from being resolvable but they’ve essentially said “fuck off”.

IMO, that’s going to be the last battleground, at which point pirating will have no choice but to move to tor and/or to I2P.

I’m a chezmoi user and I’ll be honest: as powerful as it is, it’s way too clunky to get right. I spend too much time configuring and then am too worried I’ll mess it up if I need to add or remove anything.

I’m going to give stow a try to see if it fits my workflow better.

I’m a JavaScript developer. But it is fully possible to create a site with no frontend JavaScript

Like many things, you should use JavaScript if you need it. If you don’t need remote data sources or live refreshes, pure html and css work perfectly fine and, I would go so far as to say, may even be necessary for resistance web pages.

This is especially true if you’re using tor. JavaScript can leak your IP address and sites will work more reliability if you have static content that’s refreshed on the back end than using a bloated next.js app taking up RAM.

All the risk without the fun

You’ve summarized religion in one phrase.

I go for a good enough solution. I know better solutions exist but I’m limited by time and empathy.

Super true.

Signal is a messenger service. You can expire messages after a certain amount of time.

They ask for a phone number to limit bots. I used my Google voice number and it worked fine. I like Telegram which banned me after a day of use for using Google Voice.

Messages are e2e encrypted. Metadata is not encrypted.

Edit: I feel the need to qualify this statement. Metadata about your connection may be encrypted at rest but is decryptable given that signal is released metadata to authorities with a warrant/subpoena.

It’s illegal if the company is coercing you to spend money at their “preferred” stores.

That said, so many states have business friendly laws that it’s likely a civil tort and not a criminal one.

OP, call your attorney general or department of labor (depending on the state). You may want to even call your state’s taxation board and you know for fuck sure they are doing something scammy with their taxes if they are watching you this closely.

The problem is that the CEO who believes he just writes code probably believes all a bus driver does is turn the steering wheel.

Settle down Satan.

Ghosts can’t go through walls. It’s not florine!

Jesus fucking Christ …GitHub actions is free for open source.

And they still put their binaries behind a paywall?

When you’re discussing your own OPSEC (Operational Security for those unaware), you have to evaluate and determine your personal threat profile. Generally speaking, you need to determine what risks you’re willing to accept, what risks you’re willing to mitigate, and what risks you will not tolerate. There’s a whole field of IT dedicated to this but the general idea is for you to understand that there is no perfect solution and everything is a trade off.

There is an inherent risk to downloading pirated software, especially software that you use for private activities (e.g. finances, etc.). With today’s landscape of mining crypto, I’d go so far as to say almost any pirated software is at risk of this.

I would agree that generally playing media files is relatively low risk (though there was a vulnerability I read about a few years back of a zip-type attack. The details allude me at the moment).

But for executables, you basically have two options:

• spin up a VM to host your executable, sandboxing it from everything else.
• trust the people who are providing the executable and run it on your computer

Personally, I avoid pirated executables. More often than not I can find a similar open source product that I can download. My risk tolerance is not only low, but I don’t see the benefits of using a particular company’s software especially if an open source is available.

Fun fact: the original Matrix script actually had the machines using humans for processing instead of as energy output.

Studio execs thought it was too far fetched and made them change it.