That is what I was thinking, yes.
That is what I was thinking, yes.
In my case just disable IPv6 in WiFi is enough.
sysctl looks like the most universal way.
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
I tried the same setup with Ubuntu 24.04.1 desktop live system and I can replicate this IP leak issue, I guess I will have to disable IPv6.
Pratically no universal way of making Linux boot with ARM processors.
Much more closed source drivers (than x86 ecosystem).
I am born too late to understand what Y2K problem was, this (the result) might be what people thought could happen.
If I can suddenly in coma for a year, wake up and pay my bills, it’s enough.
Humans are doomed, destroy themselves one way or another.
try ncdu?
sudo ncdu --one-file-system /
I would 100% exploit this (insurance for family).
One thing notable of Sierra Forest is that the CPUs don’t have SMT (only 1 thread per core), so in theory it doesn’t suffer from speculative execution attacks.
Epyc CPUs still provides more PCIE lanes, which is crucial for GPUs.
ASUSTOR has NAS that can have up to 12 NVME SSDs (but speed is very limited by PCIE lanes).
NVME SSDs are still very expensive compares to HDD.
NAS that have many HDD bays are expensive but designed for easy setup and easy management.
Fractal Design Define 7 (XL) can have up to 18 HDDs by design, but then you will need to search for PCIE to SATA cards and PSU that have many SATA connectors (for example RM850x/RM1000x) and Molex to SATA cables.
FSP CMT370 is a much cheaper case with up to 3.5" HDD *9 or 2.5" SSD *10 but it’s not on amazon, it probably doesn’t sell to western world.
SAS drive enclosures (and SAS cards) are also an option, but the cages might be very loud because they are designed for servers that also are very loud.
Important things about dual booting:
Configure your Windows to use UTC time https://wiki.archlinux.org/title/System_time#UTC_in_Microsoft_Windows
Disable “Fast startup” in Windows (can possibly cause hardware issues if not disabled and it really doesn’t improve things in computers with SSD)
What do you recommend I do about disk partitions?
I recommend separate EFI partitions while dual booting, I haven’t seem issues with my separate EFI partition setup yet.
If Mint provides Btrfs filesystem I personally recommend looking into timeshift (snapshot software that can be setup to automatically snapshot your computer).
Is disk encryption straightforward?
According to Linux Mint forum, you need to choose an option in “Advanced features” while going through installer, that seems straight forward
Is cloud storage sync straightforward?
Don’t have experience with this but I can tell you: While rclone supports bi-directional sync, you need some setup for make it run periodically.
Should I just use apt to install software?
In the end you have to give trust to someone, I think it’s fair to say if you already choose Mint you probably trust whatever options comes with Mint more than 3rd party options (but is it theoretically possible that backdoored program exists in Mint repository? of course yes).
While my solution isn’t perfect (if someone key logged my computer I am very screwed), I think it’s better than (1) have a much higher chance of losing my 2FA tokens altogether (2) put all hope on Bitwarden being not compromised
Do you want to have 2fa keys on all your devices?
Yes
Doesn’t that defeat the purpose?
I use different password between KeepassXC and Bitwarden. (On my phone one of them is unlocked by fingerprint because I am lazy but not both)
And I don’t store KeepassXC password in Bitwarden.
Syncthing and KeepassXC for syncing 2FA between devices. (I use Bitwarden for passwords)
If your command doesn’t change (doesn’t require dynamic input), sudoers file can make specific command+argument run without password required.
https://www.cyberciti.biz/faq/linux-unix-running-sudo-command-without-a-password/ (ctrl+f search “A better solution”)
(You can also use wildcards in sudoers file but with nftables I imagine it’s a big security risk)
sudo chattr +i (folder) prevents anything to modify/delete folders and files
Add -R for setting the flag for all subdirectory/files
hmm… I would skip dpkg command in this case.
Wireguard config already includes “::/0”