  • It would definitely reduce the attack surface. And even though Windows has “security” issues patched all the time, rarely are they ones so severe that you can just roll up to a machine and send it a weird HTTP reply and get admin access. Usually it’s stuff like if you have a shortcut file on disk it gets to run code when you look in the folder, or something. Not great for working with downloads, but hard to exploit unless at least one other thing happens (like visiting a malicious page, which then starts a download that the browser accepts).

    But the browser calls out to the OS to do a lot of stuff (render images, render fonts, play sounds, etc.). It mostly assumes the OS can do those things without popping open a remote shell because too many emojis were rendered in a row or something. That is not always true, and when it isn’t you want an OS patch to fix it before you go on a site where someone can post the Magic Emoji That Hacks You.

    But you are right that you can browse around trustworthy websites on an unpatched system behind a decent firewall for quite a while before you notice something bad happening. But also, a lot of bad things can have been happening for quite a while before you notice.




  • I mean if you put up an Internet-facing unauthenticated file acceptor it will quickly become stuffed with all sorts of garbage and aspiring malware. You definitely don’t want to hook that up to an untar and exec loop, even with some notion of sandboxing. It will just start mining Bitcoins or sending spam or something.

    But if it is built properly, with only authorized users being able to upload stuff, and a basic understanding of not dropping stuff where the web server will happily execute every PHP web shell someone sticks in the slot, and the leverage to threaten people into not uploading pictures of their own or others’ butts or Iron Man (2009), I don’t see why all but the file-uploading professionals should immediately give up.
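An added example, not part of the comment above: a minimal Python sketch of the upload handling it describes, accepting files only from known users and saving them as inert data outside the directory the web server executes from. The key table, limits, extension list and function names are all assumptions made for illustration.

```python
import hashlib
import hmac
import os
import secrets
from pathlib import Path

# Constructed for this example: per-user upload keys. A real service would
# plug in its own authentication here.
UPLOAD_KEYS = {"alice": b"constructed-demo-key"}
MAX_BYTES = 5 * 1024 * 1024
ALLOWED_EXT = {".png", ".jpg", ".pdf", ".txt"}


def sign(user: str, data: bytes) -> str:
    """Tag an authorized client computes over the body with its upload key."""
    return hmac.new(UPLOAD_KEYS[user], data, hashlib.sha256).hexdigest()


def store_upload(store: Path, docroot: Path, user: str, tag: str,
                 name: str, data: bytes) -> Path:
    """Accept an upload from a known user and save it outside the web root."""
    key = UPLOAD_KEYS.get(user)
    if key is None:
        raise PermissionError("unknown user")
    expected = hmac.new(key, data, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, tag):
        raise PermissionError("bad upload tag")
    if len(data) > MAX_BYTES:
        raise ValueError("upload too large")
    ext = Path(name).suffix.lower()
    if ext not in ALLOWED_EXT:
        raise ValueError("extension not allowed")
    store, docroot = store.resolve(), docroot.resolve()
    if store == docroot or docroot in store.parents:
        raise RuntimeError("upload store must not be inside the web root")
    # The server picks the file name; the client's name (and any path or
    # double extension in it) is discarded apart from the vetted suffix.
    dest = store / (secrets.token_hex(16) + ext)
    fd = os.open(dest, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o640)
    with os.fdopen(fd, "wb") as fh:
        fh.write(data)
    return dest
```
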


  • planish@sh.itjust.works to Selfhosted@lemmy.world: Autograding tool (3 months ago)

    You could definitely build something like this. You definitely want either human review before execution or a fair amount of sandboxing for whatever your students submit.

    Do you want students trying to brute force or exfiltrate whatever test data lives in the server? If not, either they should just have the test cases already, or they can get back how many/which of the secret test cases they passed along with their grade, so showing them the results live might not be so important. Unless you want something like “you have 3 tries to pass the secret tests so you can get a hint that your own tests missed a case and go back and try to guess what it was”.

    You also might want to invest time first in test harnesses for the students to run themselves, because you want them to learn good practices like coding against a test suite. If nothing else it makes it easier to make the auto-grader later if the students’ code is all already hooked up to the same test framework.

    Teaching students how to fully use a multi-user Unix system can for some topics put unnecessary faffing about between the students and what they are trying to learn (are you teaching front-end web dev or something?), but in a lot of cases your students might actually be better served by something that makes them touch the deep magic than by a slick web UI that handles everything for them, as long as you turn it into a learning experience and not a protracted period of bafflement.

    Does your school not already have some kind of shared CS department server/Unix environment for the students that could get you out of account management?

    Also, the Right Way to get the code to the server is probably going to be Git and not a tarball. The students could/should be set up with a Git forge and indoctrinated in never leaving their code on their laptop to be sat upon and lost.
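An added example, not part of the comment above: a small Python grader that runs a submission in a resource-limited child process and reports only which secret cases passed, so expected outputs never reach the student. The case data, limits and function names are constructed for illustration, and the limits shown do not restrict network or file access, which still needs a container or VM boundary around the grader.

```python
import resource
import subprocess
import sys
import tempfile

# Constructed secret cases: name -> (stdin, expected stdout).
# They live only in the grader process.
SECRET_CASES = {
    "small": ("2 3\n", "5"),
    "negative": ("-4 1\n", "-3"),
    "big": ("10 20\n", "30"),
}


def _limits():
    # Runs in the child just before exec: cap CPU seconds, address space,
    # and the size of any file the submission writes.
    resource.setrlimit(resource.RLIMIT_CPU, (2, 2))
    resource.setrlimit(resource.RLIMIT_AS, (2**30, 2**30))
    resource.setrlimit(resource.RLIMIT_FSIZE, (2**20, 2**20))


def grade(source: str, cases=SECRET_CASES) -> dict:
    """Return {case name: passed}. Inputs, expected output and the
    submission's stderr are never included in the result."""
    results = {}
    with tempfile.TemporaryDirectory() as work:
        path = f"{work}/submission.py"
        with open(path, "w") as fh:
            fh.write(source)
        for name, (stdin, expected) in cases.items():
            try:
                proc = subprocess.run(
                    [sys.executable, "-I", path],  # -I: isolated mode
                    input=stdin, capture_output=True, text=True,
                    cwd=work, env={},              # no grader environment leaks in
                    timeout=5, preexec_fn=_limits,
                )
                results[name] = (proc.returncode == 0
                                 and proc.stdout.strip() == expected)
            except subprocess.TimeoutExpired:
                results[name] = False
    return results
```
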




  • The kind of “privacy” you get by using a VPN or avoiding Facebook tracking your web browsing is absolutely not appropriate for using against a threat model that includes three-letter agencies or even, frankly, the local cops. They can just, like, come to your house when you aren’t there and bug it. Point a camera at your screen, station a dude in the closet, replace the computer with a cunningly painted cardboard replica of the computer which is a spy, etc. Or from the other end, they simply exploit a zero-day in every one of your seven proxies, because they care enough about catching you to burn them.

    Sometimes the threat model says you just lose and you can’t actually get what you want by using computers, because you have an information technology hammer and a fundamentally legal or political problem.

    If you think the police are actually on to your crimes, stop doing those crimes! If the crimes needed doing for some reason, someone else less likely to be known to the police will probably do them instead, and you can surely find less-crimey ways to further whatever they were meant to accomplish. If you’re in it for yourself for some sort of personal gain, quit while you’re ahead.

    If you think you’re drastically overestimating the likelihood that the police are after you for your crimes, and it is affecting your ability to function, that’s definitely a problem for your therapist. Presumably one who doesn’t insist you explain your various crimes to them in detail, a thing which your lawyer (which you also maybe need?) might have concerns about.




  • It sounds like nobody actually understood what you want.

    You have a non-ZFS boot drive, and a big ZFS pool, and you want to save an image of the boot drive to the pool, as a backup for the boot drive.

    I guess you don’t want to image the drive while booted off it, because that could produce an image that isn’t fully self-consistent. So then the problem is getting at the pool from something other than the system you have.

    I think what you need to do is find something else you can boot that supports ZFS. I think the Ubuntu live images will do it. If not, you can try something like re-installing the setup you have, but onto a USB drive.

    Then you have to boot to that and zfs import your pool. ZFS is pretty smart so it should just auto-detect the pool structure and where it wants to be mounted, and you can mount it. Don’t do a ZFS feature upgrade on the pool though, or the other system might not understand it. It’s also possible your live kernel might not have a new enough ZFS to understand the features your pool uses, and you might need to find a newer one.

    Then once the pool is mounted you should be able to dd your boot drive block device to a file on the pool.

    If you can’t get this to work, you can try using a non-ZFS-speaking live Linux and dding your image to somewhere on the network big enough to hold it, which you may or may not have, and then booting the system and copying back from there to the pool.







  • I think you can keep doing the SMB shares and use an overlay filesystem on top of those to basically stack them on top of each other, so that server1/dir1/file1.txt and server2/dir1/file2.txt and server3/dir1/file3.txt all show up in the same folder. I’m not sure how happy that is when one of the servers just isn’t there though.

    Other than that you probably need some kind of fancy FUSE application to fake a filesystem that works the way you want. Maybe some kind of FUSE-over-Git-Annex system exists that could do it already?

    I wouldn’t really recommend IPFS for this. It’s tough to get it to actually fetch the blocks promptly for files unless you manually convince it to connect to the machine that has them. It doesn’t really solve the shared-drive problem as far as I know (you’d have like several IPNS paths to juggle for the different libraries, and you’d have to have a way to update them when new files were added). Also it won’t do any encryption or privacy: anyone who has seen the same file that you have, and has the IPFS hash of it, will be able to convince you to distribute the file to them (whether you have a license to do so or not).