Let the enshittification begin.

That will absolutely decimate Oregon’s job market when companies take all 20 data center jobs to another state.

If it quacks like a duck, swims like a duck, and looks like a duck, then it probably is a duck.

The problem is there are plenty of people out there (especially Magats) who are easily convinced the duck isn’t there at all. You know… morons.

An excerpt from the Wireguard Whitepaper:

One design goal of WireGuard is to avoid storing any state prior to authentication and to not send any responses to unauthenticated packets. With no state stored for unauthenticated packets, and with no response generated, WireGuard is invisible to illegitimate peers and network scanners. Several classes of attacks are avoided by not allowing unauthenticated packets to influence any state.

After opening an SSH port and watching the number of attacks I understand the concern about opening any port on a router, but it seems the worry about opening a port for WG is way overblown.

As of now I can find zero reports of a properly configured open WG port ever being successfully used by attackers to access a network.

Anyone have better/more recent info?

A cheap device like an Onn (~$20) would solve that, probably without requiring the device have Internet access once set up.

I’ve had so many instances of free to use, lifetime licenses, and purchased software that have turned into subscription services that I refuse to install anything that requires an account unless it can’t be avoided. The fact that Plex required an account be created to view my own local content years before they started charging for use made it obvious subscription fees were coming.

Jellyfin works great. Combined with Wireguard it works great anywhere.

I’m shocked, shocked I tell you that the preorder page is still up and taking stealing magat’s money.

The only people surprised by this are magats, but they’d still vote for the child rapist again.

I’m like you and did not want any kind of corporate entity involved in my network if it could be avoided. I settled on Wireguard and rather than deal with management constantly I set up 3 times as many peer configurations as initially needed. When a new device is added I just copy a spare configuration to the device and change the name of the config on the server. Tasker is used to connect the WG tunnel on our phones whenever home wifi is not connected. The open port on the router looks closed to the outside and only responds when the correct key is received so there’s no known way to breach the network.

Everything from my phone is run through WG and it only uses a tiny amount of additional mobile data. Syncthing adds nothing of consequence except when syncing big files. Battery life is fine even with both WG and Syncthing running.

Once set up it’s required zero attention or maintenance.

Technology websites should just add a top level menu - “Google Abandoned”

This is like holding a car manufacturer liable when a teenager drives to a liquor store and uses a fake ID.

deleted by creator

IMO the average person (and multiple people I know) no longer likes using their computers since W11 was forced down. They’ve heard good things about Apple and are ready for a change.

IMO most of the the demand is due to Windows 11, not Apple. People are done with Microslop’s crap.

Having no problematic posts only because you have no posts at all is not the flex you think it is. Instead you make problematic comments when you whine about other people’s posts.

It’s sad you don’t have the self-awareness to be even slightly embarrassed when that’s pointed out.

LOL! After I call you out you think you can pull the Reverse UNO card? Should everyone who does post something get your personal approval first to make sure it meets your lofty standards?

It’s always the ones who contribute absolutely nothing who whine most bitterly about what is being contributed by others. If you don’t like what’s being posted you can get off your fat ass and post something yourself.

This you?

What are the tunnel subnets? Are you using a reverse proxy to access local devices, or DNS rewrites?

I’d start by looking for subnet overlap somewhere.

I’m not clear about your setups at all sites. In the details for case 4 there’s a Firestick (customized Android) connected to WG (WG running on the Firestick?) but in your summary there’s a laptop in case 4 and the Firestick isn’t mentioned.

I suspect at least part of the problem is that Android does not tunnel hotspot client traffic. It provides Internet but not WG connectivity. Only the phone’s apps will be able to connect through the WG tunnel.

Running Mint for apps like Jellyfin and Icecast that aren’t critical, and Debian for apps like Frigate that are. Mint is easier to manage and more convenient, but Debian is amazingly reliable. Docker is used for everything.

Consider adding Wireguard or similar for anywhere access. I have Tasker automatically connect whenever I’m not on home wifi so everything is always available without having detectable open router ports.