Em Adespoton

The encryption is so if someone breaks in and takes off with your hardware, they don’t get your data too.

Of course, my backup software encrypts anyway, so I don’t bother to do volume encryption.

I just got a cheap Beelink minipc and slapped external HDDs on it — comes with a decent SSD inside and a slot for SATAIII drive inside too.

I’m running Debian on it, but FreeNAS/TrueNAS Community would have worked as well.

My kids have phones with no SIM card; they can call 911 and they can use WiFi when in range; I have them set up with a VPN to home, so that’s the only connection any hotspot sees.

I use TP Link C100 cameras in local network mode and a Reolink doorbell in a similar manner. Standard RTSP feeds and an internal mini web server, plus plenty of privacy controls.

Both of these products are pretty cheap considering their configurability — they do both provide the option to do the whole cloud subscription thing, but work fine for me without it. I have Home Assistant on the back end to manage live streams, but find I usually just read data off the internal SD card instead.

You missed Atari and Apple?

I moved into a place with a Ring doorbell.

I bought myself a Reolink doorbell and swapped them out. Reolink doorbells can be configured to be local storage only with no callhome, and they support RTSP. You can essentially configure them to precisely the privacy model you use — I even have mine set up to black out the parts of the screen that show my neighbors’ property, so it’s not available in recordings or the streaming video.

All the benefits of a Ring without the privacy invasion.

I’ve been a two browser person for over 20 years. It might not be for everyone, but I do all my browser activity that has an information risk (banking certain types of ordering, health access, etc.) on one browser with a specific security profile to protect those sessions, and all my other browsing on a FireFox variant locked down with NoScript, Privacy Badger, uBlock Origin, etc.

This means that I always reach for the properly configured tool when doing something online, and attempts at phishing have one more hurdle to clear. Default browser points to a fully locked down profile, so any stray clicks will do minimal damage. Sites I know are sandboxed and not allowed to access anything on the rest of the Internet.

This configuration isn’t for everyone, but I’ve been on the Internet for over 35 years and still seem to have a reasonable amount of privacy and security.

Is that last 10% all about DRM and anti-cheat?

The one I have on me. Which happens to be my Yubikey currently.

Well, eventually it WAS noticed before making it to Stable, partly by chance, but partly because of the existing process.

In most situations, getting that designation provides extra funding and legal protection. However, all of that is managed by the federal executive on behalf of Congress… and these days that could result in added risk.

On the plus side, I believe it means that every work submitted to the LoC also goes to IA, which is indeed a good thing. Sure beats the lawsuits they had to endure following COVID.

Security isn’t the size of the app, it’s how you use it :)

Those circumstances include immediate threats to national security and situations where a person is in danger of death or serious injury.

Well I see a problem there. It doesn’t specify the cause of the danger or the reason the person is in danger in the first place.

EFF missed a fun opportunity to call the Rayhunter “DeCSS”.

I wonder how much of that can be traced back to Broadcom acquiring VMWare?

Remember that fingerprinting can be your friend… because it’s much easier to fake an online fingerprint than a real one.

You can generate a unique fingerprint with each online interaction; this means that you will always have a unique identity.

Or, you can ensure you always have the same fingerprint as a large number of other people.

Think of it as the difference between using a different valid loyalty card each time you shop vs using one of the famous numbers that millions of other people are also using.

Of course, in both circumstances, you do give up the benefits of being uniquely identifiable.

Little Snitch on a Mac.

There are an infinite number of programs that could do this. Will they? Probably not.

Best thing is to install a trustworthy personal firewall, and block all outbound network access for all processes, and then enable as needed. This won’t stop Windows itself, but it will give you a heads-up if something else is trying to send data somewhere and you can make an informed choice at the time.

“Peak” is rather optimistic….

LibreOffice is offline; each person can run the software in their own device to create and edit documents.

It’s features are equivalent to 2010 Office. That’s not necessarily bad, but it’s not how people usually work today.

Collabora lets you host documents on a central server and have multiple people edit at once, dynamically tracking changes and allowing full revision management. Or, you can keep your documents local and not host them if you don’t want to.