If Cloudflare wants to operate in a jurisdiction it has to follow its laws. They can fight them in court, but if a court orders them to do something they’ll likely comply in some way or another.
E.g. UK wanted a backdoor in E2EE iCloud, so Apple disabled E2EE in the UK.
Some I haven’t yet found in this thread:
127.0.0.1:8080:8080)I do the same, but with Wireguard instead of OpenVPN. The performance is much better in my experience and it sucks less battery life.
Yes, but the point is keeping the quality the same. If you reencode a 5000 kbps x264 Blu-ray encode to 3000kbps x265 you will have visibly worse quality.
If you encode the corresponding Blu-ray remux with x265 to 3000 kbps the result will likely be nearly indistinguishable from the 5000 kbps x264 encode.
For OP: I also prefer smaller releases so I download mostly h265 WEB-DLs. They are usually around 3000-5000 kbps (1.3-2.3GB/hour) and look fine (especially as they usually come with HDR).
Redownloading WEB-DLs in the right size will give you the best quality for the small size (and saves energy, depending on where you live).
I’ve never used them but I heard about them in the context of private DNS and VPS hosting. E.g. they act as a middleman to shield domain the shield the client from authorities (at least to some extent — they still have to follow the laws).
Given their focus on privacy I’d trust them for torrenting at least as much as the other options. As a first VPN I’d say it’s great because of their flat 5€/m price. A few years ago I used Mullvad for that purpose — until they removed port forwarding.
I just want to mention that the forwarded port provided by the VPN must match the one configured in the torrent client. Buying a VPN which offers port forwarding is not enough.
Not all torrent sites require an open port. E.g. MAM works without an open port. It majorly impacts your ability to seed) but that isn’t a problem because of how much bonus points you get. TL does not either.
That’s fine. It completely depends on your threat model and your preferences. To this date I haven’t heard anything negative about PIA except their owners, so it’s fair to trust them. I just want to point out that you can have both with other providers.
Generating a random account number is a unique and great feature of Mullvad.
But other providers allow for the same privacy. E.g. AirVPN does not require a valid email address. Any random string works for all required fields (email, username, password). Payment via Monero is available too.
Njalla does require a valid email address (it sends a confirmation mail), but any tempmail provider works (which you could access through Tor). They also accept Monero.
I2P is not an option because I’m using a VPN for regular internet traffic. As much as I like the idea of I2P, there’s just no I2P torrent sites with the selection of content I want.
Tor is not an option for torrents.
Given there’re alternatives I’d rather choose an independent service instead.
But that’s a personal decision which is why I mentioned PIA with the disclaimer, instead of ignoring them.
If you want port forwarding the choice is between AirVPN, ProtonVPN and Njalla. Iirc PIA also supports port forwarding, but their ownerships reputation is no good.
Mullvad, IVPN and many other services don’t support port forwarding.
Trying to actually restore is the best way to ensure the backup works. But it’s annoying so I never do it.
I usually trust restic to do it’s job. Validating that files are there and are readable can be done with restic mount, and you’ve mentioned restic check.
The best way to ensure your data is safe is to do a second backup with another tool. And keep your keys safe and accessible. A remote backup has no use of the keys burned down.
I don’t have direct answer to the question, but I generally don’t add public trackers to my (public) torrents. DHT/PEX usually works fine for me for finding seeds on the occasion that I do need something from public torrent sites.
I wonder whether adding additional trackers only increases the speed in which peers are found or whether it also substantially increases the likelihood of finding peers.
You’re right, IVPN does not support port forwarding. The other three do.
Edit: IVPN seems to have removed port forwarding at the same time Mullvad did.
A few good ones are AirVPN, ProtonVPN, Njalla, IVPN.
A basic requirement most devices don’t meet is the ability to relock the bootloader. Other than Fairphone, Google Pixel and OnePlus basically no manufacturers allow unlocking and subsequently relocking the bootloader, which makes custom ROMs inherently less secure than stock. This keeps CalyxOS from most devices. LineageOS can’t be relocked and thus is able to support way more devices.
Others have pointed out more in-depth security requirements GrapheneOS specifically thinks of as mandatory (they do take security very seriously).
Yes. I like to leave the original link in the post body for that reason.
Sadly it’s not possible to provide links using Firefox Translate. People would have to translate it themselves (i.e. opening in a browser and clicking translate). Depending on the device they likely wouldn’t bother.
Agreed. In general people seem to like centralised platforms. They don’t want to sign up on another site for a specific purpose. They stick to what they know unless there’s good reason to change (mostly peer/ad/social media pressure I feel like).
In a way Lemmy is similar in that it’s a single platform to access all types of content. Given most people don’t care about the technical “how”, I can see why they like Discord and Reddit.
It’s mostly to allow the reverse proxy on localhost to connect to the container/service, while blocking all other hosts/IPs.
This is especially important when using docker as it messes with iptables and can circumvent firewall like e.g. ufw.
You’re right that it doesn’t increase security on case of a compromised container. It’s just about outside connections.