They should not be worried, they should be educated.

If you worry a new user enough they’ll go back to Windows or Apple because there’s less scary warnings there.

We need to make the transition as pain free as possible. Learning about the joys of kernel compilation and SELinux can come later.
The first step is "Hey, this is as usable as Windows, without stupid ads in the start menu.

Depending on your level of caffeine tolerance/dependency actual coffee might be even better.

Alternatively: Decaf.

There should be an external hard drive full of portable game installs in some drawer that fits the time period.

Should easily kill a week.

Coconut at least…

Ah, you “work” in “marketing”?

They occupy a strange niche full of contradictions.

Entering the code on the device itself should increase security as opposed to entering it on a compromised computer.

But plugging it into a compromised computer means the data is compromised anyway.

Their security is way harder to audit than a software solution like PGP. The actual “encryption” varies from actual decent setups to “entering the code connects the data pins with no actual encryption on the storage chip”

Not having to instal/use software to use them means they are suitable for non-technical users which in turn means more support calls for “I forgot the pin, it wiped itself, can you restore my data”

They are kind of useful to check the “data is transported on encrypted media” box for compliance reasons without having to manage something bigger.

Wow, that sounds like a decent start for an architecture.

I’m tempted to spin up a few Jellyfin instances to see how it might work…

JellyFed(eration) would be awesome. It should use an anonymous overlay network so federation is not limited to people you trust in copyright-zealous jurisdictions.

That’s the equivalent of leaving the door open and hanging a sign “Internet over there” pointing at a wall.

Programs don’t need to respect those registry keys. If you’re worried about internet access, set up a firewall.

Also, if you’re worried about malware, the damage is probably done before anything connects to the internet.