Luckely we’re not relying on emails for security relevant and or private information, right?

The emails are unencrypted, emails in transit are in transit between the e-mail servers and relays and use secure tls channels.
They are only encrypted from your phone/notebook/browser to the server, then when send they will be encrypted till the next server.

Every server/relay first decrypts everything send to it, because it has to due to the TLS terminating at each server.

See also your source:

Transport Encryption: This form of encryption is used to secure your emails while they are transmitted over the internet. Most of today’s email services, including Gmail, employ transport layer security (TLS) to protect emails in transit. While it encrypts emails between servers, it doesn’t protect the content once it reaches the recipient’s inbox.¹

In practical terms, Your e-mail server, your e-mail servers relay (if it has any) and your recipients relay server/server can all read your email unless

End-to-End Encryption (E2EE): E2EE takes encryption a step further. It ensures that only the sender and the recipient can decrypt and read the emails. Even the email service provider cannot access the contents of the email. E2EE is typically achieved through third-party encryption tools or services.¹

Which takes active effort from both the sender and the recipient to make work - it’s almost only possible with people you know and little else.

¹ https://umatechnology.org/gmails-new-encryption-can-make-email-safer-heres-why-you-should-use-it/

You can use caddy-l4 to redirect some traffic before (or after) tls and to different ports and hosts depending on FQDN.

Though that is still experimental.

Only thing I can comment on is that 99% of all E-Mails you will get are unencrypted and can be read by your relay. (There are few e2e encrypted emails being send.)

So either trust them or don’t use a relay.

Step 1: Get write access to the project you dislike.

They don’t have quantum in the name.

Security vs having someone to message.

I recommend switching to NixOS only after you have a basic but broad understanding of Linux, many things in NixOS are more complicated than in “normal” Linux, which is needed to archive what it does, but is overwhelming for someone who doesn’t know the what and why and where that using Linux brings.

Sell their houses to who, Ben? Fucking Aquaman?!

There’s a solution you’re not seeing, make the notebook part of the production cluster.

Run a multi-cluster k8s on your notebook to test then?

I didn’t consider it as valid, one on (phone and internal nvme1), the second one on nvme2 and the third one in the cloud.

Though I have only two copies of normal data myself, I consider live and cloud to be enough for most data. Everything very important has more backups in other ways (bitwarden has an exportable local version on every logged in device, images are stored in immich on my server making it 3 devices)

• Maintain three (3) copies of your data: This includes the original data and at least two copies.
• Use two (2) different types of media for storage: Store your data on two distinct forms of media to enhance redundancy.
• Keep at least one (1) copy off-site: To ensure data safety, have one backup copy stored in an off-site location, separate from your primary data and on-site backups.

You have 3 copies, one on your phone and nvme, one on the backup nvme and one in the cloud. You have 2 media, internal SSD and cloud (your phone would count as a third if it wasn’t auto synced) You have 1 off-site in the cloud

Or use the ublocklist extension, this puts a button besides all search results to perma ban that domain and allows URL lists like this for automatic garbage removal.

Find a new service you like, add it using rootless podman. That way you can test it without affecting your running system.

Try sysctl -w net.ipv4.conf.all.rp_filter=2 on the PC (not vps) or =0 if that doesn’t work

Do a ping of 8.8.8.8 from your user, then open a new console and run tcpdump -i <interface> with first your uplink, then wg0. The packets should be seen on wg0 if they’re routed correctly and the problem then is on the vps side. Otherwise it’s a problem on your local config.

Did you add the vps IP to the routing table of your user? ip r add 10.0.0.2/32 dev wg0 table 1070?

To shreds you say?

Our Database