azdle

I asked nicely why do I need to give my phone number and I was told that to register me as a member so I can get the discount.

I declined and said I don’t want to join and would like to just pay.

I've just said "I don't have one" when asked this for awhile. This never seems the phase the cashiers, I'm guessing they know what that really means. Half the time I still get whatever discount, though I've never tried to sign up for a membership saying that.

If it's an online form my phone number is just (local area code)555–5555. I've never had that not take, except for one case where it automatically enabled 2-factor auth and I had to create a new account.

They may block IP addresses associated with consumer ISPs. Assuming that's the case, I would guess you're seeing that as an HSTS/TLS error because their network is trying to trick your browser into redirecting to/displaying an error page hosted by some part of their network.

[edit: To be clear, I assume the part that OP is not sure if it's satire or not is "or switching to a more privacy-conscious browser such as Google Chrome."] The emphasis in

Firefox is worse than Chrome

is in the original. To me that clearly implies that they are of the opinion that in general Google & Chrome are worse on privacy than Mozilla & Firefox. The comment at the end is just tongue in cheek snark alluding to the fact that in this particular case google did better for privacy in Chrome than Mozilla in Firefox.

or switching to a more privacy-conscious browser such as Google Chrome.

Definitely satire, the context from earlier:

2. Firefox is worse than Chrome in their implementation of ad snitching, because Chrome enables it only after user consent.

Unless you're working with people who are too smart, then sometimes the code only explains the how. Why did the log processor have thousands of lines about Hilbert Curves? I never could figure it out even after talking with the person that wrote it.

C was originally created as a "high-level" language, being more abstract (aka high-level) than the other languages at the time. But now it's basically considered very slightly more abstract than machine code when compared to the much higher level high-level languages we have today.

IMO, the best free option is https://freedns.afraid.org/. The biggest downside of that one is that you have to login a couple times a year (IIRC?) to keep it active. I actually still use this even though I have a paid domain, I just CNAME my real domains to the afraid dynamic name. That was easier than changing the config every time I become unhappy with my domain registrar and have to reconfigure everything after swapping.

You're not mistaken, it is definitely possible with at least RSA, though, I would guess it may not always be possible. It also sounds like it's still a bad idea unless you know all of the parameters used to generate the keys and can be sure what information is actually encoded in the keys.

Less commercial interest means only hobby level development

Podman is developed by RedHat: https://github.com/containers/podman/graphs/contributors

As others have said, it's quite good on privacy. For the truly paranoid, IIRC you can even self-host the sync server.

From the security perspective of privacy, do make sure to use a good password for the Mozilla account, the account password is also the encryption key for the E2E encryption.

Unfortunately, no. Samba needs a different label. Doing that relabels things so that only containers (and anything unrestriced) can access those files.

IMO, yes. Docker (or at least OCI containers) aren't going anywhere. Though one big warning to start with, as a sysadmin, you're going to be absolutely aghast at the security practices that most docker tutorials suggest. Just know that it's really not that hard to do things right (for the most part[^0]).

I personally suggest using rootless podman with docker-compose via the podman-system-service.

Podman re-implements the docker cli using the system namespacing (etc.) features directly instead of through a daemon that runs as root. (You can run the docker daemon rootless, but it clearly wasn't designed for it and it just creates way more headaches.) The Podman System Service re-implements the docker daemon's UDS API which allows real Docker Compose to run without the docker-daemon.

[^0]: If anyone can tell me how to set SELinux labels such that both a container and a samba server can have access, I could fix my last remaining major headache.