Buy a pixel off marketplace then. You can brag about saving e-waste.

Google isn’t a bad company, just a product of poor regulation. They have amazing engineers and produce valuable hardware and that should be praised.

Its the business side of things which needs massive regulation and an ethics check.

Straight talk or similar services that you can buy in store for cash.

Direct source: https://www.amnesty.org/en/documents/act10/7245/2023/en/

Looks to be a pegasus like program, I didn’t see any evidence of ISP’s conducting mass surveillance on users.

Like pegasus, predator software is a commercial surveillance tool. So it will have to be distributed in accordance to EU law, the union the companies country resides in.

Unlikely to be a major threat to average Joe’s, but journalist and politicians beware.

Please be considerate when publishing articles from indirect sources, third party blogs put on the tin foul hat very quickly.

Unless there’s a super hacker or NSA agent in the class that can figure out your password in real time… You should be fine doing that.

Ooookay… Took me a second to wrap my head around the layout… Originally I only looked at the picture, which only shows a single switch.

This is an odd topography. Typically when working with switches, you want them connecting directly to the router and not connected to another switch.

You are going to have bandwidth issues out the ass, along with having a troubleshooting nightmare when something goes wrong and you need to trace packets.

Right now you have a hub and a spoke inside a hub and spoke.

Since it looks like your Asus is just an AP in this scenario, you’d be better off:

• hooking both switches to the ISP router
• enabling DHCP on the ISP router for the 2.5g switch
• set your 1g switch to a different subnet, with default gateway to your ISP router
• enable dhcp for different subnet
• add Asus for WiFi ability on new subnet

You can then play around with VLANing on the managed switch. You won’t be able to separate IoT and Personal WiFi signals with VLAN. Youd need to create a guest SSID for that functionality and change the channels to 6 and 11 so you get good bandwidth

Edit: this is assuming you have a layer 3 switch, if its a layer 2 I would use the Asus as a router/AP and hook it directly to the ISP router and hook the switch up to the Asus.

Depends on your definition of safe.

If you do a public port forward and set up basic security and proper SSL its safe from the majority of people.

Looks like it’ll work. You should look into flashing that router with openwrt or pfsense and VLANing off those smart devices… They can be a security issue.

Also adding a second AP that you place on a different channel for guest and untrusted devices would work and increase bandwidth, but adds some routing complexity.

I use all of them, at once, with searx.

Brother… apple couldn’t find my airtag when it was dropped somewhere in my yard… How would apple find a submarine 5 miles below sea level in a faradayed submarine?

Tails isn’t really designed for daily driving. I’d go for a user friendly distro like Ubuntu if you an on switching from windows.

It is possible to make windows a little more private if you didn’t want to switch. Here’s a pretty good guide in modifying the the iso before installing: https://www.tomshardware.com/how-to/create-custom-windows-11-install-disk

Modifying window does help users gain more control and privacy, but windows is proprietary so a person can only do so much. Be careful on what you remove if you GI this route, windows relies on weird apps to function.

Another note, I wouldn’t be afraid of torrenting. The inky person that would care that your getting free movies and such is your ISP, and you can just flip on a VPN to clear their radar.

No only the server, you can host an openssh server and have clients connect remotely.

Sorta like how you can host a webserver and a client doesn’t need 443 open. Except a reverse shell is possible with ssh, allowing a client to be controlled without their port 22 open.

Looks chromium based, maybe look for another chromium with extension support?

Ungoogled version doesn’t have extension support, but I think that extensions are overated anyways because they make you super easy to fingerprint.

Brave is chromium based… But you have to trust brave.

You can tunnel RDP over SSH. Then you’d only open a port that requires authentication to access and is encrypted.

Checking the router is probably the only way to see if someone is active on your network.

Can anybody hack your computer? No. Most people only know how to run scripts that are known and patched in most operating systems.

There are skilled people who may be able to create an exploit or find a vulnerability in your computer, but they will mostly target businesses or people they know will be worth it to hack, so most likely they won’t bother you.

Generally if your on your own WiFi, having a WPA-2+ personal password is enough, but the more paranoid may have an IDS/IPS on their home network.

If your out and about, I’d personally use a VPN. I don’t like public ones and like to recommend setting one up on your home WiFi instead.

If you think you’ve been hacked… change your passwords and run virus scans. If you still don’t feel safe, backup your data and reinstall your operating system.

https://techcommunity.microsoft.com/t5/windows-11/how-to-block-a-program-from-accessing-the-internet-windows-11/m-p/2772951

The reverse is easy, maybe consider hosting the apps as containers?

Personally I’d just spin up a wireguard container with a GUI, user friendly and you can add anyone to your VPN in like 2 minutes wherever you are.

Most advanced part would be forwarding port 51820

A reverse proxy like nginx can automatically implement it for you. Probably the easiest way of generating and using your own SSL with let’s encrypt is a reverse proxy.

This is straight from their privacy policy:

We do not sell your personal information in a way that most people would think of as a sale. However, we do participate in online targeted advertising and use analytics which allows tech companies, in exchange for our use of their services, to use user information collected from our App to improve their own products and to improve the services they provide to others. Under some laws, this is considered our “sale” of your user data to third parties. You can opt-out of this as provided in the “How to Submit a Request” section below.

Forcing the older generation to change from a service that works perfectly fine to another one that isn’t as polished and isn’t a houshould name is a loosing battle.

I’d just bring up privacy concerns from time to time and suggest ways to increase their privacy when they ask for advice.

So you don’t have the root database password, or just the Lemmy user password?

Might be worth it to make a new database and create a new Lemmy user and migrate data from the backup.

I found this article which might help: https://www.postgresqltutorial.com/postgresql-administration/postgresql-reset-password/

I’ve only ever used Maria dB so YMMV.