forgot this part

P.S. I’m guessing OP doesn’t actually have a CA and is just using simple self signed certificates without any private CA that has signed them.

I assume that too, however the person I responded to recommended using a full fledged CA cert.

but it’s their CA so why would they do that?

I don’t mean them specifically, but that to me managing access to such a CA cert’s keys is security nightmare, because if I somehow get an infection, and it finds the cert file and the private key, it’ll be much easier for it to make itself more persistent than I want it.

But if you don’t trust your own CA what’s the point of having a CA?

That’s the point. I don’t recommend having one. I recommend self signed certs that are

• limited to a lan (sub)domain or a wildcard of it
• you verified by the fingerprint (firefox can show this)
• you only allowed for those of your internal services for the cert was intended

Or if you don’t want to deal with self signed certs, buy a domain and do lets encrypt with the DNS challenge.
That’s also more secure, but can be more of a hassle, though I guess it depends on preference.

But then I would use this latter one too if I had opened any services to the internet, but I didn’t because I don’t need to.

I’ll try this, thanks. but to fill in some missing context from my part, this is what I have been experiencing for the little more than a year I’m running an I2P router.

sure, I believe that. though google still knows precisely if you receive a new mail, and the bigger problem is that without google services notifications won’t work whatsoever

oh, I see now, sorry! from mechanical I instantly thought you mean an HDD

titles and senders are not encrypted, they are capable of sending that

the catch is that you don’t own that camera, only the manufacturer does. besides requiring an account and a connection to china to be able to use it, they have access to both your network, and to the camera feed. they’ll use the network info to gather info about you, and the camera feed to train their face and gait recognition AIs, possibly also for intelligence

you should only need to allow this once for each domain/subdomain, surely that can’t be that much of a pain.

yes that has to be repeated when the certificate changes, but make it with a 2-5 year expiration and it’ll be safer than attempting to disable these security measures for all domains, which would be just very silly and careless

does not sound like a good idea. your own CA can sign certs for any other sites too, and it’s dangerous.

I would say it’s even more dangerous of you just think “nah, it’ll be fine”

oh that was it, the account requirement was what I wanted to remember but couldn’t! was sure it was something even worse, thanks for the help.

yeah if I would buy such a TV by accident, I would bring it back within the return period and tell that it was faulty, because it is.

the available outproxies were very much overwhelmed

honestly that’s still my experience. it’s not rare that websites like a DDG results page does not even load, I think from time to time I even have unable to connect errors, even though as I have stormycloud as my outproxy. probably something on my end, though, it seems then

they don’t have any business with my fucking personal phone! where do you live, in the USA? if I only use an old dumb phone, they have no business about it! they can reach me when necessary, and that’s all they need to care

yeah, but for OP’s amount that’s an overkill, the drives are very expensive

unless you span multiple boxes of discs which is a pain in the ass

FTFY

with two drives (preferably different brands/age, HDD or SSD doesn’t really matter) in it using a checksumming filesystem like btrfs or ZFS so that you can do regular scrubs to verify data integrity.

an important detail here is to add the 2 disks to the filesystem in a way so that the second one does not extend the capacity, but adds parity. on ZFS, this can be done with a mirror vdev (simplest for this case) or a raidz1 vdev.

went with an ssd in this idea since its more durable than a mechanical, better price for storage capacity

how? sorry but that does not add up to me. for the price of a 2 TB SSD you could by a much larger HDD

and most likely to be compatible with other computers in the future in case you need it for whatever reason.

both of these use SATA plugs, it should be the same

there is 0% risk until your country makes a law that prohibits any and all P2P communication. That would not only break torrents, but would thwart signal/telegram/whatsapp calls too, Jitsi meetings, probably google meet and zoom too, as all those use P2P traffic for performance.

So far there are only such laws in far east countries, and the official java I2P router is smart enough to not participate in routing when you are in such a place.
Also, I think for routing to work you need to open a port, without it that won’t be done.

as a node

• you are unable to see the contents of traffic you route thanks to layered encryption
• you wont be routing traffic to the internet (unless you specifically set it up), but only to other I2P routers

I know nothing about seedboxes, but on a computer you can point multiple torrents to the same directory. If you make it read-only, by permission or mount options or whatever, the torrent client can’t even fuck it up

I can guess too! With my guess, AI is already using 420 TWh annually!

What if we wouldn’t guess anything like this? This is not just not meaningful, but straight out misleading.