Y’know what that was terrible writing on my part. Where I put “physical vlan” I just meant specifying each port be a specific vlan rather than a trunk port that has multiple clans on in

I should probably proofread more and write less when tired

Physical wire tapping would be mostly mitigated by setting every port on the switch to be a physical vlan, especially if the switch does the VLAN routing. Sure someone could splice an ethernet cable, which would really only be mitigated by 802.1x like you already said, but every part of this threat model makes zero sense. You ultimately have to trust something (and apparently in OP’s case that’s a third party VPN provider that charges extra to not block LAN access while connected and they remain entirely on the free tier of)

But at the very least, not trusting everything on the network is a very enterprise kind of threat model, so using standard enterprise practices of network segmentation, firewalling, and potentially MAC-binding and 802.1x if so desired isn’t a bad idea, if for no other reason than it might lead to a career in network administration. And honestly I mostly want to get OP to not think of VPNs like a magical silver bullet and see what other tools exist in the toolbox

Wait you’re seriously using a free VPN?

Sounds far more likely that either someone misunderstood that residential IPs change frequently/may be shared by multiple subscribers or the ISP made an error when responding to a subpeana and provided the incorrect IP. Unfortunately both are all too common with privacy enforcement

If you really think the ISP router is snooping and can’t by bypassed you could simply double-NAT your network with a trusted router and call it a day. Much less VPNing and much less unusual decisions of trust and threat model involved then

But supposing you absolutely do not want to tack on additional costs, then the only solution I see that remains is to set up a private VPN network, one which only connects your trusted devices. This would be secure when on your I trusted LAN, but would be unavailable when awat from home.

Traditionally this would be performed by creating a dedicated network of trusted devices. Most commonly via a VLAN for ease of configuration. Set the switch ports that the trusted devices are connected to to use that vlan and badabing badaboom you’re there. For external access using Tailscale or one of the many similar services/solutions (such as headscale, netbird, etc.) with either the client on every device or using subnet routing features to access your trusted network, and of course configure firewalls as desired

Isn’t that a screengrab from one of the muppets films? You can even see Kermit in the center

Link for anyone like me who’s one of today’s lucky 10,000

I give that a 50/50 chance that the sign is a prank vs the sign is actually necessary

It’s a direct reference to At The Mountains of Madness. The penguins make exactly that call in the book and are friendly with the Ancient Ones, and really only present in the story while the humans are in the domain of the Ancient Ones.

Although the choice of showing Cthulhu in the final panel rather than one of the Ancient Ones is inaccurate. Perhaps it’s meant to be a sculpture, since in Call of Cthulhu it was made clear that Cthulhu was specifically the shaman of the ancient ones, meant to wake them when the time is right

Anyways I’d highly recommend reading the stories since they’re quite a unique style and dripping with a mounting, growing intensity. You can even listen on LibriVox. Call of Cthulhu is about an hour long and At The Mountains of Madness is about 4.5 hours long, so one decent car trip’s worth of audiobook basically

This is where I’m at too. If I go crazy and start installing stuff natively to experiment I end up with extra stuff auto configured that’s no longer needed and random problems I’m too lazy to figure out how to solve. Flatpak doesn’t do that and I don’t have to worry about that. I can install random stuff to play with and uninstall it cleanly. Some packages need more system access than flatpak gives natively and with those I’ll make the decision of if I want to set it up and tear it down manually or not.

Storage is cheap, my time not so much.

Sounds like you’re vaguely describing a ground effect vehicle, basically a plane which coasts along the water. They’re more efficient than actually flying due to exploiting the ground effect on the lift surfaces, but ultimately it’s closer to a plane than a boat

I’ve just been using the site in my browser for the couple of years or so I’ve been on Lemmy. I’ve thought about trying one of the apps but meh. The web interface is so well mobile-optimized as it is

If you are administrating systems it’s extremely useful to know how to work with stuff by command line, both for remote administration via SSH or Ps-session and for rapid troubleshooting/settings changes and of course for emergency recovery when everything is super broken.

Honestly I personally use a mix of both GUI, CLI and hosted admin portals (the 11 ton gorilla in the room everyone arguing over GUI vs CLI forgets about) and will shift between tools depending on what is best for the given job.

Of course if you’re just an owner-operator, see Joe Average in Anytown America with his household laptop, the GUI tools are the only thing you’ll want to use and even that might get overwhelming or scary, but Joe Average is more often than not these days going to not even own a computer and instead just use their phone. That’s the other thing many folks in these threads forget, is the home computer is a market on life support. The average “not a computer person” does not own a computer at all, they use their smartphone for literally everything

Winget install [programname]

winget search [programname]

winget upgrade --all --silent

Oh look, its also super easy in Windowsland!

Btop will also show disc and network utilization while running much lighter than glances. Personally I keep both btop and htop installed on all of my machines because I feel like htop is better for quickly killing a processes when needed

Also the Jackdaws

Honestly, if it’s important enough to RAID, it’s important enough to do right and run full fat ZFS.

You could also go the mdadm route with individual disks but ZFS pools are so battle-tested that whatever unholy edgecase you manage to create will almost certainly be something someone has encountered before, and it’s probably well documented somewhere how to recover from

There’s a double-i in “settings” in the documentation screenshot

However, Linux still lacks some popular applications, such as Microsoft Office and Slack, though alternatives are available.

Lol nice bait. Real talk though, just toss shortcuts to word.office.com, excel.office.com and outlook.office.com on the desktop and nobody will be any wiser

I remember thinking that when I was a kid and saw a clip on PBS Kids of a kid using their home fax machine to fax their dad a picture they drew at work. I was also like 4 so teleportation was still distinctly possible to my brain