I think I started back in the day with Ubuntu Gnome, with some dabbling in Manjaro and then Arch.

But since then I have used Fedora Workstation, and then Fedora Silverblue / Fedora Kinoite (immutable versions of fedora, with the past several years on Kinoite [kde] over Silverblue [gnome])

On the server side of things, I am using Debian (with everything running in podman containers).

If I were to consider migrating, it would be to migrate my laptop to secureblue (likely, rebasing the OS image rather than clean-installing) and migrate my Windows 11 desktop to bazzite. Both of these are still based on Fedora’s immutable base, albeit with changes to the base OS image. At some point in the future, I would also consider migrating my server to an immutable OS, however, which one remains to be seen.

As of now I am currently using FreshRSS, although before I properly deploy this to other users in my family / friends I might give Tiny Tiny RSS (tt-rss) a shot as well. I don’t think the differences will matter for end-users as the majority of mine will likely all be using it through the API via a mobile app (e.g NetNewsWire (ios & mac), FluentReader (desktop), CapyReader (android) etc. etc.)., however the main difference that will dictate which one I stick with is the filtering capabilities and the ease of setup of article-collection with readibility / mercury to remove extrenuous content / ads.

I am also quite interested in miniflux, although it is quite intentionally bare bones. It lacks a plugin api (a potential security improvement), and instead natively supports many of the things people would use plugins for (native youtube-nocookie embedding / invidious embedding, integrations with readlater services like instapaper and wallabag, etc., integrated article fetching and parsing with readibility [and can change user agent / cookies to bypass bot protections]). It also seems to have a bit better security stance (supporting modern web browser features like passkeys, content sanitization, sanitizing url parameters in share links automatically etc.).

Miniflux definitely feels like the best ratio of ootb functionality + security, but the UI of FreshRSS feels more natural if you envisage less techy users to use it (and in my case I see one person using the website over an app).

That is what it seems like based on what I have read :/

I guess the best option in my case then is likely to add them as a non-admin user to my tailnet. The only concern I have is with the potential of one user deactivating the VPN connection unkowingly, which is probably where Funnel comes in as a better option, but I would prefer to avoid serving stuff on the web when possible. (It is specifically a FreshRSS instance for now)

Yes, there is two ways you can go about this. The way that you are thinking of (and the way that I would ideally like to go about this) is as listed on this help article. This is perfect for sharing a home server to some friends, and letting them access a given service without seeing any of your personal devices.

The other option is to have just one tailnet, but having multiple users as detailed here. Notably this can be a security regression (if you don’t limit access on a per-user basis with ACLs), but is ideal for sharing access to your entire network with your spouse / older children within the context of self-hosting.

For example, I have a friend who has shared a minecraft server with me and that is an ideal example of sharing one node to a seperate tailnet. I am an admin of the server, and can manage the docker container for it + the backup sidecar and the SMB share, but that is where my access to his network structure ends.

This contrasts the situation with my partner for example, where we share a tailnet (with seperate user logins) to make things like gamestreaming just that much easier to setup. Hypothetically I can use ACLs to limit access to stuff like the Cockpit web-management portal, or block the SSH port, but I don’t feel like I need to in my specific case.

Addendum: I also think sharing the device out strips it of its subnet routes + services, which is part of the problem I am running into where I do want it to strip subnet routing (my elderly parents DO NOT need access to my printer), but I ideally want to be able to still use tailscale serve + services + https certificates to be able to share my self-hosted RSS feed reader for them (ad-free, no AI slop, much better for my one parental figure with early-onset dementia).

Addendum 2: I highly recommend exploring tagging + ACLs if you are looking into personal usage / seperation of networks. It is just a much easier approach of seperating devices that are owned and operated by the same person. I would only explore multi-tailnet option when it is different users and you want to share a very limited scope of your network.

I still think a syncthing client of some form is ideal. As someone else mentioned there is the option of using the Syncthing Tray devs experimental android build. To avoid issues with sync-conflicts / maintain high-availability access to the most recent file, I sync the databse to a raspberry pi with the encryption option selected (not that the pi is untrusted per se, but it is a device that doesn’t need access to the file, it just serves the most recent changes to other devices since often my laptop / phone / desktop are not all on at the same time).

That frankly sounds like power-tripping / intimidation, but perhaps I’m biased living amd working in a multi-lingual environment.

Some countries have a working vacation type of visa, but most of the jobs you’d get with that arent going to pay super well and are intended on covering your living expenses while travelling.

and it would put me on the path to a better life than I would have in America

If you’re intending on immigrating, many countries have pathways for taking higher education and getting permanent residency & a career after you graduate.

There’s also specific industries that countries may give you a work visa and a pathway to immigrate (e.g British Columbia, Canada is trying to acquire healthcare workers from the US).

Edit: There is also the option of remote work, however I think many companies are moving away from this as times change.

If you don’t mind clarifying, what do you mean by DoD?

I’m pretty sure they still are a defence contractor in the US, they also are generally the option for biking computers. There are competitors but Garmin has a chokehold on that sector, with other options just feeling worse.

So while their smart watches are more niche than Apple, Samsung etc, they still have found a solid niche in the smart tracking sector.

Frankly I would like to not use Apple CarPlay / Android Auto — however, the built in software needs to actually usable and continuously updated.

I particularly want to see better non-touch input. Rotary dial + buttons à la Mazda, and much better voice input. I live in a multilingual region, and it consequently renders most in-built navigation voice commands useless, as it won’t understand language switching. Even Google assitant has issues with this despite supporting multiple input languages, usually resulting in me saying the entire command in the same language as the address. (Or just giving up if the name and street are in two languages).

But with built in systems that only support one language at a time, I just can’t say some of the addresses since I don’t know how it wants me to mispronounce them in English.

I also have found media playback frustrating in any modern vehicle. This is likely a lot harder to solve, but the inability to switch playlists or change playback settings without my phone connected to Android Auto is frustrating when in vehicles without it.

I know this is very ranty and not that big of a deal, it’s just frustrating seeing so little progress in the past decade on this front — and in some aspects like human interface design of vehicles, they have frankly regressed. If I look at the voice input systems on cars from 15-20 years ago there has been huge improvement, but even 10 years ago to now it doesn’t feel that different. Maybe a few new commands, but the quality of recognition / utility of the system is lacking.

I think there’s an element of prestige people are missing. At least in my country there were online options prior to the pandemic even, they however lacked the prestige / name recognition that other institutions had. Keeping mandatory in-person classes is another way to maintain this prestige, a differentiating factor, from the other institutions.

I also have to agree with most of the comments here. From an instructional point of view online classes are lacking, they can be less engaging, and pedagogically neutered. And in fields with lots of laboratory work, it’s frankly impossible to get rid of at least part of the in-person educational component. Even for the humanities, having access to a large on-campus library of scholarly resources is integral to research.

In my personal experience I’ve been quite grateful to have access to a large archival collection, items that could not be shipped to remote students because they are too old to leave a temperature & humidity controlled environment. An online experience would prevent someone like me from doing some manuscript / original publication related research.

Now, I do think online options are helpful. ESPECIALLY for summer classes, where students may wish to retake a class while also moving away for summer work. But I do not think they should become the default, they should be an option where possible, but not the new normal.

Normally I would say community forks have the power to continue the project. However, in this case I think chrome / safari would eventually add enough new features that Firefox forks can’t add quick enough. Mozilla at least has some power in pushing the direction of web-standards, which these forks would lack, as well as the larger development team and some corporate usage of the browser which Mozilla has. I also don’t see the smaller development community keeping up with security issues found in the browser, particularly pertinent for corporate marketshare and individuals with a stricter threat model (journalists, dissidents, etc.)

The only other factor, is whether Firefox dissapearing would officially create impetus for an anti-trust case against Google. I doubt so under the current American presidency, but I could see the EU being concerned (even if they lack the power the US has to force the company to split). If something were to happen here there would be substantial change in the browser market, but I wouldn’t be too hopeful of this happening.

What are your goals?

I would say it’s really a combination of the instances policies and their jurisdiction, and in terms of jurisdiction it also depends on where you live (e.g. you may have more protections under law if the instance is hosted in your country)

There’s also nothing stopping you from using multiple instances — siloing your interaction in different types of communities in different accounts on different instances. This may be useful if part of your privacy concerns are having all of your post / comment data on one account on one instance.

Edit: You can also use an email aliasing service to avoid even giving your email out. There are aliasing services such as Addy.io, Simplelogin (subsidiary of Proton AG), Firefox Relay (Mozilla), as well as some email providers which provide (iCloud, Proton, Mailbox.org to name a few)

For iOS devices the most up to date client is “Strongbox”. I don’t think it is FOSS, but is compliant with the standard. It’s sadly a freemium app, but is quite well made in my testing. It cannot sync with syncthing, but does support several cloud services, its own service (which uses iCloud), and local file transfer over LAN. They also have a version of the app with all network connectivity removed for security (if you prefer)

This is perhaps overkill, but you can also encrypt the contents of your online cloud storage with CryFS / Cryptomater. This is particularly useful if you wish to store sensitive documents (healthcare, finances etc) in a cloud environment in case of catastrophic destruction of property (destroying computers / on site backups of data).

In this case you can also backup your keepass file in this encrypted virtual storage medium, on top of the prexisting encryption of the database itself.

My personal choice right now is KeePassXC (PC) / KeePassDX (Android) + Syncthing And Aegis (Android) for 2FA codes, with a yubikey for services that support FIDO keys.

Overall I like this setup because it’s decentralized and does not rely on a third party server structure. The only “weak” point would be the Syncthing relay servers or the Tailscale VPN that I use, but this goes back to ensuring encryption of the database is adequate with a long password, and using an open source synchronization protocol that ideally has been vetted by a trusted third party (or yourself if you’re capable)

I used to use Bitwarden, and I highly recommend it. I really appreciated it’s ability to integrate with email aliasing solutions to generate new aliases from within the bitwarden UI itself. However, my main reasons for switching were the following

• I don’t have the money to pay for it (uni student)
• I prefer a more self-hosted approach (I will consider using vaultwarden in the future when I have more money)
• I wanted to move away from using a browser extension for password management on desktop. KeePass’ auto type feature is really good, and a more secure input method than a browser extension autofill.

The only additional advice I have for both recommendations is that I do not think it advisable to add Totp 2fa information to your password manager even if it supports it. I feel like this should be separate, on a single device, and backed up in ~2 locations (one preferably off site). This is really to avoid problems if a device is compromised and if your password manager is compromised, but this is definitely in the more unlikely category I feel.

My only major issues with keepass are the potential for sync conflicts and the some feature differences between platforms. A centralized server config like vault/bitwarden prevents the sync conflict issues, at the cost of having one point of failure. The feature differences problem isn’t too great, but autotype doesn’t work on Linux if you install with flatpak, and you can’t prevent screen capture of the app on Linux (only on Android and Windows from my understanding)

Edit: I also tried gopass, it’s really fun to have an entire CLI based password manager, but frankly the state of mobile companion apps are appalling. The Android option only is good if you use a dev version, and the iOS one I thought was just ok. I also dislike the metadata leaking that is inherent to the format, and that PGP is the main form of encryption for the time being (some clients were looking at using AGE at some point). Overall it’s a cool but flawed concept, and I feel my other two recommendations are superior.

I think it’s important to see these types of efforts, while I’ll never go out and buy a MacBook the effort isn’t wasted since it gives current users more freedom and future people buying used laptops more options for Linux compatible hardware.

Without a project like this, that hardware will end up being e-waste a lot sooner than it should be, when Apple drops support. At least to me I see an ethical and moral imperative for projects like this, but I also understand people’s grievances with Apple.

I think you summed up my thoughts on the matter much better than I could have. In particular, the “digital” / “corporate” right to be forgotten is distinct and much more specific in its scope than a broader right, and is a rather important consumer protection in my opinion.

It doesn’t add anything unless you have the muscle memory for the dpad movement over joystick for 8 direction input. I just find it awkward, and can’t switch directions as fast. The corner zones also feel a little off compared to the cardinal directions, but this is likely just my muscle memory hampering me and not the game itself.

I feel like my issues with it are definitely nit-picky, and I can definitely see others enjoying the game and not caring whatsoever. I guess I just find it frustrating that a $79.99 CAD remake doesn’t allow for both input methods.

For example I know my partner enjoyed playing with the joystick. And in other games like cuphead that give you the option he still played with the joystick instead of the dpad. Perhaps I’m just a little stubborn :p

About the only rationale I can think of is the joystick being better then the joycons dpad for movement, particularly when inputting two directions at once. I personally use a pro controller so I don’t personally suffer from that in games where I use dpad, but I assume most people just stuck with joycons outside of the more “hardcore” switch owners.

I got a used copy of The Elder Scrolls V: Skyrim for switch, I know I’m very late to the party on this one but I am enjoying it a lot.

It is the first game however where I’ve had my switch fully crash, I guess I shouldn’t be too surprised since it is a Bethesda title.

I’ve been spending a bunch of the time reading the random lore books in the game, the world building is definitely the main draw for me over the gameplay. Gameplay isn’t my favourite but I am enjoying it still, I feel some more contemporary RPGs have definitely spoiled me in some ways.