Hard disagree. It only applies for things you cannot change but should try to accept rather than stressing over it.

If you say “it is what it is,” in reference to things you could change but choose not to, well that’s on you.

Yep this is exactly right. Too many people are unaware that their votes are not anonymous on Lemmy and blocking the public tool only helps the bad guys who already know this. I’ve always thought this was a major weakness in Lemmy but I don’t have a solution myself without some other major drawback.

I think probably votes should be anonymized or batched between servers so that only your instance’s admins can see individual votes and you just have to trust the instances you federate with that they aren’t pulling any shenanigans or otherwise defederate. That’s not an easy problem to solve, but it’s not like it’s not currently possible to manipulate votes with a federated server, it would just be harder to detect. Regardless I think the need for privacy wins here.

The easiest way that doesn’t affect the main network would be to use a travel router. Its WAN IP would be the private IP it gets from the main network (over wireless since that’s your only option). And it would NAT your network onto that IP and then you can do whatever you want on your network.

I’m not sure if that Mikrotik router will do this but it might. You basically need something that can connect to an SSID and use that interface as its WAN interface. The wireless factor here is really limiting your choices. If you had a wired uplink to the main network you could use any router/gateway/firewall you wanted. You could also use an AP in bridge mode to connect to the main network’s SSID and wire it to the WAN port of any router of your choice.

You don’t really need to use VLANs to separate your network from the main network unless you want to share any of the same layer 2 segments (basically wired Ethernet) while keeping it isolated. But it doesn’t really sound like that applies in your scenario. Of course using VLANs within your network would still make sense if that applies (for example, to separate your server traffic from your IoT traffic).

I heavily use both and this is objectively untrue.

I don’t deal with hardware much anymore, but I’d take Aruba over Cisco any day. But for everything else, yeah fuck HP.

And what about taking a nice drive down Jean Baptiste Pointe du Sable Lake Shore Drive?

Not that it’s my first recommendation for security reasons, and I would never do this in prod, but you can just add the self-signed cert to the local trusted root CA store and it should work fine. No reg changes needed.

If you do this, put it in the store of the user running the client, not LocalMachine. Then you just need to make sure you connect as something in the cert’s SAN list. An IP might work (don’t know since I never try to put IPs in the SAN list), but just use a hosts entry if you can’t modify local DNS.

Edit: after reading the full OP post (sorry), I don’t think it’s necessarily the self-signed cert. If the browser is connecting with https:// and presenting a basic auth prompt, then https is working. It almost sounds like there is a 301/302 redirect back to http after login. Check the Network tab of the browser’s dev pane (F12) to see what is going on.

Holy shit, I remember being excited for 2.4 because of iptables. That was over twenty years ago.

I don’t think I got them all.

I was one of those people. I still maintain hope, but the fear of what the algorithms will do outweighs that hope some days.

The thinking was that people’s core opinions are formed while they are young. They are mostly inherited from your family and society around you, so that information bubbles are formed early that are hard to break out of.

I thought that if people were exposed to multiple cultures and ideas from a young age through the Internet, they would understand them better – not just as foreign concepts told to them through a thick lens of bias from their parents and teachers.

However, I failed to predict the opposite powers. First were the echo chambers that formed, strengthening the deepest dark sides of humanity that, before, were kept locked away in basements lacking anyone with whom to discuss and provide validity. Then the corpos and MBAs figured out they could psychology game us all with algorithms. They didn’t necessarily know at first that the negative content would be the best for driving engagement; but they didn’t care either.

So right now I think the bad is outweighing the good. But I don’t think it has to stay this way forever.

Yeah, this is FSKAX over 3 years. I have a lot of my portfolio in it and it does well. It’s up 24% over that period.

A) Nope. You’re spreading FUD. Got a link?

B) I’m ignoring you. You’re talking gibberish.

B2) You’re still wrong and in over your head. Remember, the ask was for an out of box solution for full drive encryption, silently decrypted via TPM (using Secure Boot’s PCR 7) that still supports OS hibernation.

C) Wut?

A) You’ve said nothing relevant. We already knew all of this. Recall isn’t being installed or turned on on any of my Windows boxes. Copilot is dumb but it isn’t collecting any data you don’t voluntarily feed it.

B) I don’t disagree with whatever point you’re trying to make but it has nothing to do with Windows. Unless you know something we don’t?

B2) You’re lying

B3) What?!

C) You’re initiating searches through the Microsoft Windows Start Menu™ and are mad it’s launching Edge? Do I have that right?

A) None of that has actually happened. If you want to back down from hyperbole and provide specific examples, I will consider addressing them.

B) The U.S. Government is not an adversary in my threat model. If it is one in yours, I assume you are running Qubes OS, which is a completely different conversation. With Windows, I have access to Secure Boot and TPM-backed full drive encryption (including hibernation support) out of the box. Can you do that with Linux? Also, you know as well as everyone else here that the MSA requirement is easy to bypass.

C) Again, provide specifics. I don’t default any of my apps to Microsoft’s and this just doesn’t happen.

I’m sorry, I don’t get it. For what are we coping?

I should have mentioned that I still love Linux though…

So where do those of us who don’t think Windows is the literal worst OS ever fit into your analogy?

Yeah Win11 will probably be a noticeable performance hit on that. Especially Explorer which they made dog slow when adding tabs and the new context menu.

The Office apps and browser will probably be about the same.

I’m running Windows 11 on a 12 year old X79 platform. Runs just fine.

But it was definitely top of the line in its day and 48GB of RAM keeps any system relatively snappy.

It only happens twice a year though.

https://en.m.wikipedia.org/wiki/Lahaina_Noon