They would not be able to really. In theory every contributor (or at least the vast majority) would have to agree to that license change.

Yes. But it allows to define a custom storage layout based on user date time filename typ and album.

I self host because i do not trust companies. I will not even consider giving tailscale the keys to my kingdom.

The company Tailscale is a giant target and has a much higher risk in getting compromised than my VPN or even accessible services.

Understand the technology that you use and assess your use case and threat model.

You can just backup the Whatsapp directory yourself. Whatsapp creates a message backup file every day or two, even when Google Drive is disabled. To recover them you need to copy them over. Not well documented.

Does anyone really need a 1,000 Hz gaming display?

yes

Does everyone?

no

but I guess that most of them are about 2/4GB.

Do you watch your Linux ISOs on a phone or what? Even Netflix has higher quality in HD

Why not file a bug report when it does not find all your photos?

Also may file a feature request to delete photos after set period from your device via immich?

guess a username and a password.

Security by obscurity is no security. Use something like fail2ban to prevent brute force. When you use a secure password and or key this also does not matter much.

disable root login

That does not do much in practice. When a user is compromised a simple alias put in the .bashrc can compromise the sudo password.

Explicitly limit the user accounts that can login so that accidentally no test or service account with temporary credentials can login via ssh is the better recommendation.

Imagine that the xz exploit actually made it into your server, so your sshd was vulnerable. Having it on another port does seem helpful then.

Nope. Your entire server can be scanned in less than a second for an open ssh port.

IPv6 does not change the fact since when your server is attacked the hist IP is already known.

Security by obscurity is no security.

Who the hell is pulling the docker-compise.yml automatically every release? I find myself already crazy by pulling the latest release but the compose file is just a disaster waiting to happen.

This answer here covers it quite nice imo.

https://unix.stackexchange.com/questions/5017/ssh-to-decrypt-encrypted-lvm-during-headless-server-boot

Important is that you update your initramfs with the command after you edited the dropbear initramfs config and or you copied the key over.

For the client it is important to define 2 different known hosts files since the same host will have 2 different host keys, 1 when encrypted with dropbear, and 1 when operational with (usually) sshd.

Also you need to use root when you connect to your server to unlock it. No other user will work with the default setup.

How do you even encrypt a server so that it doesn’t require human intervention every time it goes down/restarts?

The only time my Server goes down, is when i manually reboot it. So waiting a minute or two, to ssh into it and entering the passphrase is no inconvenience.

I use full disk encryption for every server (and other computers).

Encrypting your data drives is a must for everyone imho. Encrypting the OS is a must for me🤷‍♂️

Password protect your phone?

When a private key gets compromised just delete the public one from the allow list?

https://en.m.wikipedia.org/wiki/Mechanical_calculator Yep it was a thing. Ever heard of “the bomb” https://en.m.wikipedia.org/wiki/Bombe.

That argument is not valid. Just because it has moving parts does not mean it has a higher power draw. Look at your CPU for example.

We talk about software that is considered stable. That has verification checks for the backup. Used by thousands of ppl. It is unrealistic.

Until they hit a hard bug or don’t support newer transport formats or scenarios. Also the community dries up eventually

That is why you test your backuo. It is unrealiatic, that in a stable software release there is suddenly, after you tested your backup a hard bug which prevents recovery.

Yes unmaintained software will not support new featueres.

I think you misunderstood me. You should not use unmaintained software as your backup tool, but IMO it is no problem when it suddenly goes unmaintained, your backup will most likely still work. Same with any other software, that goes unmaintained, look for an alternative.