It’s quite easy to get rid of all that crap: just come living in the EU

Kensington? I don’t think an air tag can actually prevent theft (if they see it they’ll remove it - if they don’t see it they’ll still steal your stuff)

I have no idea what a DreamMachine is (and wikipedia does not help) so here’s the long answer :)

If you want a VPN tunnel to your own home, for secure access to your LAN, I’d recommend you look into NetBird and/or TailScale, which at their core are wireguard plus NAT punch-through (you can also run wireguard or openvpn directly, but it may be a pain since you most probably have a dynamic IP and possibly a CGNAT).

If you want to hide your traffic while connecting through networks you don’t trust (such as the work one or some cafe’s wifi), you can either use NetBird/Tailscale as above and connect though your home (well, assuming you trust your ISP of course) or some third party VPN which connects to their servers (I’d say look into Proton first).

Keep in mind that VPNs actually do very little for your online privacy (ie. it’s not like google or facebook can’t track or fingerprint you). They do is prevent man-in-the-middle traffic analysis from your ISP (or the admin of whatever LAN you are using), but then the VPN provider can do the exact same things, so… make sure to double-check the privacy guarantees of your VPN provider and compare them with those of your ISP.

What do you (think you) need a VPN for?

Lineage OS is not designed to relock the bootloader.

I don’t understand why so many people worry about that… doesn’t it only ensure that data is wiped if some agent secretly installs a rootkit or sorts on your phone before giving back the device to you?

To me, bootloader locking is mostly a way for phone manufacturers to make it harder to run anything but the ROM they have chosen (and it’s a PITA and the most laborious part of installing a ROM).

https://wiki.lineageos.org/devices/ and make sure to double-check that unlocking the bootloader isn’t too much bother (ie. read the installation instructions)

Why aren’t python and bash be available in all your systems?

Among others, I run stuff on alpine and openwrt.

I don’t need to run these scripts everywhere (strictly speaking, I don’t need the homlab at all), but I was wondering if there’s something that I can adopt as a default goto solution without having to worry about how each system is packaged/configured.

As for python, I doubt the full version would fit in my router plus as said I don’t want to deal with libraries/virtualenvs/… and (in the future) with which distro comes with python3 vs pyton4 (2 vs 3 was enough). Openwrt does have smaller python packages, but then I would be using different implementations on different systems: again something I’d rather not deal with.

As for perl, it would be small enough, but I find it a bit archaic/esoteric (prejudice, I know), plus again I don’t want to deal with how every distro decides to package the different things (eg. openwrt has some 40+ packages for perl - if I were doing serious development that would be ok, but I don’t want to worry about that for just some scripts).

I don’t see the reasoning in your answer (I do see its passive-aggressiveness, but chose to ignore it).

I asked “why?”; does your reply mean “because lack of manpower”, “because lack of skill” or something else entirely?

In case you are new to the FOSS world, that being “open source” doesn’t mean that something cannot be criticized or that people without the skill (or time!) to submit PRs must shut the fu*k up.

Those are outside Signal’s scope and depend entirely on your OS and your (or your sysadmin’s) security practices (eg. I’m almost sure in linux you need extra privileges for those things on top of just read access to the user’s home directory).

The point is, why didn’t the Signal devs code it the proper way and obtain the credentials every time (interactively from the user or automatically via the OS password manager) instead of just storing them in plain text?

Then your password (your other, “first” factor) is the only thing preventing an intruder impersonates you.

You’ll still have to go through the hassle the now useless second factor puts you through, so you might as well update your second factor even if you trust your first to be very secure.

It’s also on FDroid

Actually, it doesn’t seem to be there https://search.f-droid.org/?q=futo&lang=en

and available via Obtainium/Github

IDK about obtanium, but IIUC the sources are on their gitlab instance https://gitlab.futo.org/alex/latinime

That sounds a lot like “doesn’t matter what words actually mean. I am right nonetheless”.

…but I’m sure you’ll have some personal definition of “semantics” that will allow you to say you are still right, just like you could say “beggars can’t be choosers” in a context where no one is a beggar and there are in fact lots of viable choices.

If you actually read OP post, they are not asking for the moon and… definitely non “demanding” anything.

IDK about each specific requirement (especially the “inactivity” one, but … dude, just log in every 6 months), but I’d say a lot of “privacy” email providers should meet your needs.

Try looking into Proton mail (warning: you’ll have to setup a local relay if you need IMAP/SMTP) or maybe search the web for something like “privacy email provider free” and look into the results.

It’s pretty easy to find articles confirming the Musk/Signal thing https://duckduckgo.com/?t=ffab&q=musk+signal&iar=news&ia=news

Of course most of the rest is speculation, but… the article seems honest enough about it?

You should ask the seller to make sure, but I’d assume those cards will require KYC on activation? I mean, if Romania requires KYC it’s difficult to think someone can sell anonymous cards on ebay.

Didn’t you know? Disabling ad blockers ensures free speech and apparently may also peacefully end the current crisis in the middle east… oh, did I mention it helps with world hunger too?