I have seen 6 port minipcs like this one https://cwwkpc.com/products/mini-pc-firewall-c6 so number of ports is not an issue as long as you are prepared to pay for it. I think you’ll find more ports with similar keywords (industrial, firewall, fanless, etc).

My setup, which I think works well, is to have OPNsense on the miniPC as router/firewall, and separate WiFi APs. This setup has lasted me around 5 years now and will probably last as long as OPNsense and openWRT (for my APs) had decent support for my hardware. Well worth the money and effort in my opinion, and separating the router/firewall from the AP allows you much more flexibility.

This is the way

https://inv.nadeko.net/watch?v=DDZJJnQgACk

Actually not bad advice if they are into you badly speaking their language to them at first 😂

The description of the last post was literally about sexually harassing Qbittorrent chan… amazing the levels of degeneracy some people reach

https://help.vimeo.com/hc/en-us/articles/38597306882193-About-age-verification-for-the-UK-and-the-EU

Looks like that’s because its not rolled out here… YET

Beautiful 😅

This is why you should do a manual texlive install… unless you really need bleeding edge LaTeX features

3. Don’t click past unexpected https certificate warnings

Why trying to avoid Netbird?

But you see they can sell this! Can’t sell “fallow fields”…

Exactly. At the federal level the U.S. is an oligarchy completely controlled by the Epstein class.

Probably got the idea from the manosphere. That being said, actually sticking to that particular habit is something to be proud of, and is completely harmless… when you are that low, anything you can be proud of is a win.

The approver of the pull request does…

Of course, no question that with threat modeling you can arrive at /e/OS being an acceptable choice. However threat modeling is difficult and the devil is in the details, which is why I’m responding (mostly for the benefit of other readers of this thread) to provide the GrapheneOS side of things and avoid the impression that /e/OS offers unique or generally superior features in the areas we are discussing.

Here is GrapheneOS’s network location implementation details. https://grapheneos.org/features#network-location

From the official GrapheneOS response to exactly this same debate, it seems that the issue is MicroG’s reliance on having signature spoofing enabled. Which is a security hole that can be exploited by anyone, not just MicroG, as it allows anything to masquerade as Google Play Services to an app that wants to use it.

https://discuss.grapheneos.org/d/4290-sandboxed-microg/11

Yes, Google Play Services is closed source and contains functionality that would be considered “spying on the user”, and “malicious”. But that is the same for any closed source app; you can’t prove it isn’t trying to spy on you or compromise your device. What you can do is rely on the App sandboxing and fine grained permissions control that GrapheneOS allows to disable such functionality if it exists.

Of course, if even having a closed source app on your device is too much, then honestly you wouldn’t even be using MicroG as you wouldn’t want any apps using Google’s proprietary libraries for accessing Firebase or other proprietary services anyways…

So, GrapheneOS offers the most sane approach in my opinion, without opening any security holes. By default the entire OS (not talking about pixel firmware blobs, just the os and kernel drivers) are open source and you can use only open source Apps via Fdroid, Accrescent, direct with Obtainium, etc. But for the average user enabling sandboxed Google play and managing its permissions is the best compromise between security and privacy.

This is bullshit lmao