LedgeDrop

Thanks for the comprehensive write-up. It convinced me to migrate back to Firefox.

I was on Firefox (8 years ago), moved to Chrome (I liked the non-admin/transparent update feature and Websites didn't break like they did with ff), then moved to brave (basically chrome + more privacy), and now I'll go back the Firefox (I hope I won't encounter too many non-FF websites)

Microsoft creates thousands of tons of ewaste for no reason...

Of course there's a reason, you said it yourself: TPM.

With TPM, Software will be able to cryptographically verify that the OS and Hardware are all unmodified. This'll be an end to piracy and end to unauthorized modifications to your PC ("We've detected that you've installed an Ad Blocker, please remove it before accessing your banking website")

This won't happen overnight, but the forced hardware upgrade is all about control (Microsoft over you) and creating a walled garden to drive profits (like Apple).

You can take a look at Android's attestation and how it prevents running your banking apps on a rooted cellphone as an example of things to come.

You have a valid point, and if your using this service to download dark web "illegal to possess" content (like CP) - then, yeah, you probably don't want to use it.

However, if you "find" the random movie/tv-show: The copyright holders are usually chasing people who are distributing content (like you do with torrents) as opposed to the people who may accidentally consume the content. ... but IANAL

... or you could pay approx $2.70 / month for real Debrid. Replace jellyfin with stremio + torrentio and your family can immediately stream whatever shows they want w/o asking you and without needing to wait for the torrent to download.

The defederation topic and how it impacts me.

I'm an adult, if I find something offensive I'll either block it or ignore it. However, not giving me the choice offends me and IMHO goes against what Lemmy and the fediverse was suppose to deliver.

I understand (and read) the reason's why site owners defederate and I view it largely as "Lemmy isn't mature enough to support more granular blocking - yet", so I wait patiently and hope this trend towards defederation doesn't turn into a powertrip by site owners "for the good of their users...."

I'm curious, how would you do this in such a way that it wouldn't come at the expense of effecting your high availability?

If the server were on-prem or in the cloud... and the system crashed/rebooted, how would you decrypt (or add the passphrase) to the encrypted drive?... cause the likehood of the kernel crashing or a reboot after and update is higher than an FBI raid... and it would get tiresome to have the site being down, while we wait for Bob to wake up, log in, and type the passphrase to mount the encrypted hdd.

You could use something like HashiCorp Vault, but it isn't perfect either. If the server were rebooted, it could talk to Vault and request the passphrase (automatically) , but this also means that the FBI could also "plug in" the server (at their leisure) and have it re-request the passphrase. ... and if Vault were restarted there's quite a process to unseal (unlock) a vault - so, it would be as cumbersome as needing to type in the passphrase on reboot.

My point / question is: yes, encryption (conceptually) is easy, but if you look at "the whole life cycle / workflow" - it's much more complicated and you (as an administrator) might ask yourself "does this complexity improve anything or actually protect my users?"

STOP! You're scaring the children!