Nothing, secure boot should work fine, no reason to disable TPM.

LetsEncrypt.

You can do that by joining the containers to the same docker network, you don’t need to expose ports even to localhost.

Containers can talk to each other without any ports exposed at all, they just need to be added to the same docker network.

They aren’t on the internet mainly.

My router (opnsense) has a wireguard server which is how I access things when out of the house.

I do have a minecraft server for my friends and I, but that VM is on its own network isolated from everything else.

What do you use TLS inspection for?

There are multiple apps from various devs that all use the Keepass file format, so they are all compatible.

Have fun doing that with a TV remote though, I guess you could buy a very short domain name.

Backups are encrypted so it shouldn’t be an issue.

I mean… just back them up like any other file. If you want them and nothing else, then do an exclude all and then include after for those files.

But you also need to backup the rest of the data, so I’m not sure why you’d want to exclude all the other folders.

I don’t think Chinese tech is really any worse than “US” (aka; made in china by a US company) tech.

The software running on phones and stuff is likely worse though, some things should be avoided.

Probably KDE, it’s the most ‘complete’ feeling to me with settings and GUI for most things.

That’s just one option, there’s also a normal docker image.

Gotcha, try setting up local records on local DNS instead to see if that solves it.

Only for records on the public internet. Local DNS records are done locally. Unless you’re not using local DNS records or something?

A local service lookup like from your screenshot should be happening directly on the local DNS server, it shouldn’t be going out to any upstream DNS server…

That would make more sense than not having a PW manager, sometimes you’re just so tired out that you run on autopilot without thinking about things.

Phishing emails are getting pretty good these days, and fairly well targeted too. I get some at work that are fairly convincing, emulating emails from services we actually use.

However…

“Hunt clicked on the phishing email, which led him to enter his credentials and one-time passcode into a hacker-controlled login page.”

Using a password manager should have prevented this, or at least make it a lot more likely you would realize something is wrong, because it will only enter your credentials on the correct domain name.

I also do the whole “don’t click links in emails, go to my bookmark for that service instead” thing as much as I can too. Especially for banking, I never click any link on those messages.

It’s good to be aware of and in general treat anything uploaded to the internet as public, but it also is a bug that the software isn’t working right.

For windows the powertoys resize extension works great, just a right click option to easily make images smaller.