if I aggressively block each offender in my logs permanently, then the next person assigned this IP who may be a legitimate user will be unable to access my site.

temp bans exist for this reason. You can use something like fail2ban for it, or that may be overkill for your purposes, but any mechanism that blocks the IP address for a short amount of time will work. My f2b blocks spammers’ IP addresses for a day, and I don’t see repeat bans which means the spammers aren’t coming back on the same IP address, so the short ban works to stop a given spam attack.

I also used to use the same thing. Been a long time since I’ve had to remote access someone else’s PC for troubleshooting but I think I also used TeamViewer back in the day (which I assume might not work as well on Linux anymore now that Wayland is the norm?). Perhaps you could write a quick script to get your public ip address by curling some web service that tells you your public ip address, add a desktop shortcut to that script, and over the phone tell the person to double click that desktop shortcut and read out the number they see. It’d still trip up the most tech illiterate but hopefully if they’re at the “can follow clear and basic instructions” level they can manage that. And possibly there are still dyndns clients that do that; I’ve just not messed with any of that for a long time, but you can set that up on their PC if that stuff is still around.

It depends on your threat model again. Many people are able to live as fugitives for a long time because they’re not very high priority for the cops. I’ve personally known people who have been able to evade the state just by living nomadically because the state doesn’t put many resources towards finding you if you’re low-priority. Obviously if you’re actively wanted for idk terrorism or something then you’ll need more than just a nomadic lifestyle.

Whichever distro you choose, you could set up SSH access for yourself to do things for them (apart from fixing most networking issues if they can’t connect to the internet ofc).

I don’t sit on corner sofas regularly enough to have a standard seating position. In that picture I think I feel inclined towards the junction of the sofa.

Because they benefit from eating animals (they enjoy eating them) whereas they don’t benefit from having sex with animals (they don’t enjoy having sex with animals).

It’s fairly difficult to have a fixed abode anonymously. It depends on what your threat model is, but if concealing your location, particularly to the state, is part of your threat model, living nomadically is better. You’re talking about something different, which is blending in socially.

Just look for “faraday bag” online. There’s some online stores that sell them.

If you mean an actual cage rather than a bag, not sure, but I imagine you could make one to your specified dimensions.

I agree about the risks in terms of the way some sources present the AUR as just extra packages. But I don’t think you can object to the AUR more than any other place on the internet where anyone can upload software; unfortunately, the onus is going to be on the user to verify what they install. The AUR is moderated by volunteers and it wouldn’t be fair to expect them to vet all of the high volume of commits to the AUR. Possibly they could vet new maintainers or new packages or newly adopted packages, but nothing would stop someone from initially uploading a genuine package and then replacing it with something malicious. Or they could require identity verification to be an AUR maintainer but then far fewer genuine packages would be on there because people don’t want to give their real identity to contribute (I maintain some AUR packages, and would stop if required to verify my IRL identity).

I can totally understand if the AUR is not for you; it’s more time-consuming as you have to read PKGBUILDs (I always do). But that doesn’t make it bad that it exists at all. I think there should be more warnings about it for new users, and possibly some more moderation, though like I said above there’s no perfect moderation solution that would simultaneously forgo users’ responsibility to check and keep the AUR as large as it is today. Ultimately the option should still exist for users who want it. If it didn’t exist, I’d have to hand-package every program that’s not in the official repos, and that’s even more time-consuming than pulling and reading through a PKGBUILD that someone else already wrote and shared.

It’s just a repository of user-contributed packages. It’s no different malware-ability-wise to, say, GitHub. If you are running code you found from a stranger on the internet then you are liable for it, and you need to do your due diligence in checking that you are not running malware. It is a good thing that the AUR exists because it means Arch user packages are all in one centralised repository instead of scattered across GitHub, Sourceforge, Codeberg, Pastebin, forums, whatever. If you are just installing random AUR packages then that’s on you. It’s basic internet safety to not automatically trust random scripts you find on the internet.

What an annoyingly uninformative title. Better title: a lot more compromised AUR packages have been found since our last update.

“A lot worse” is intentionally vague to get people to click.

It’s a Haveno network. Haveno is the platform; RetoSwap provides a network for the Haveno platform.

I use bisq and retoswap.

I mean the ELI5 for the uninitiated is that X11 is older, and Wayland was made as the successor to X11. It aims to address issues that a lot of people had with X11. X11 is not in active development whereas Wayland is, and for support for modern tech, it’ll be added to Wayland but not X11. These days I’d advise to go with Wayland unless you either have hardware that doesn’t place nicely with it or you have a specific use-case for X11, i.e. Wayland unless you have a reason not to. Although most “beginner” distros choose for you without prompting you to pick, in which case go with the default (it’s probably Wayland anyway).

If you mean to explain the debate, basically some people have particular things they want to do, or they want to do something a certain way, and it’s not supported by Wayland, usually by design due to things like security concerns or philosophical differences with X11. X11 will continue to work for a long time but it’s not getting new features, so if these issues are a concern with you, you could stick to X11 for the foreseeable future.

The average user is not supposed to notice a difference (apart from maybe QoL differences like performance, screen tearing, etc)—that’s the goal of both projects. It should just display your desktop.

I mean, I only have one GPU, so if passthrough is required then that does make gaming more inaccessible.

I’ve never daily driven it as my main machine but I’ve used it as an auxiliary driver for a more high-security machine. Afaik things like gaming are sort of a no-go on Qubes still.

Qubes does not just do sandboxing. It runs all user programs in VMs, which adds non-negligible overhead and makes it an unsuitable OS for many more lightweight systems like laptops. And even if your PC can run Qubes without issue, you may not want that additional overhead if you want to do anything computationally intensive.

Maybe block on your router and save your router password such that you need to jump through several hoops to unlock it, eg password saved in one password manager DB whose master password is in another DB whose password is in another DB, etc. If you have to unlock like 10 password databases to get into your router, you’ll probably give up on whatever bad habit you were trying to do as it’s too much effort.

Never used Snapchat but there’s a lot of porn bots on social media. Not really sure where they come from but I guess it must be profitable and some gullible and horny people are falling for them because the bots haven’t gone away. It is very unlikely that a real woman would just be messaging random accounts with unsolicited nudes.

Unfortunately your nieces are probably getting similar bot spam. I don’t think it’s demographically targeted at all; they just seem to message everyone. I’ve gotten them as a woman on social media too (albeit a gay one, but I don’t think these bots are targeted at gay women lol, I think they’re targeting men). It might be worth trying to introduce your nieces to some fun hobbies so they don’t feel the need to spend so much time on Snapchat, but I get that it’s a social thing too and it’s hard to opt out if all the other kids are on it.

He’s not a cop anymore is he?

I self-host on a VPS, so my off-site copy is the VPS, and my on-site copy is the emails downloaded to my email clients.

I figure that Proton or Tuta are probably still safer than Google.

Define “safer”. If you are receiving unencrypted emails (which is the case in the vast majority of cases), there is nothing stopping Proton or Tuta from reading them. Fundamentally, if something arrives at a server unencrypted, the server can read it—nothing can be done about that.

If you’re exchanging e2ee emails, then it doesn’t matter if you use Google, because the body of the email can’t be read by Google. A lot of metadata is required to be unencrypted though (this is the case for Proton and Tuta too).

I don’t really see the benefit to using an email service like Proton or Tuta from a perspective of meaningful data privacy. If it were between e.g. Proton and Google I’d probably pick Proton to avoid my emails being used to serve me ads from Google, but I wouldn’t have any illusions about Proton being able to read unencrypted incoming mail.