Wouldn't advise turning off ipv6. We are probably getting near the point where some public services will disable or offer v4 as only best effort, and when this happens, your connectivity will be broken for certain things if you disable v6. Heck, it's to the point now where all my home hosted services are v6 only.

The better solution is to just get a VPN that supports ipv6 like airvpn or mullvad. I think pia disables ipv6 while the tunnel is up, which is better than disabling ipv6 altogether.

To validate the tunnel is working properly you can use something like this.

https://ipleak.net/

There is also a Torrent Address detection section, that when you activate it, will provide a magnet link that will show your ip to ensure that it is tunneled properly.

DNS doesn't really matter for piracy, but it can help improve privacy and security.

DNS over TLS will ensure all your dns requests are encrypted, and most clients actually validate the certificate so attempts to hijack the connection are not easily possible.

Firefox can bypass your systems DNS and use DoH. I think windows also supports DoT.

For Linux, systemd networkd and resolved also support DoT.

Keep in mind that some software does not obey system dns settings and can do their own DNS.

BitTorrent v2 allows this also. In v1, torrents with multiple files are hashed continuously (cat) together without respect to file boundaries. A side effect of this that many people notice is that to grab a specific file may require downloading some of the files before or after the one you want.

Under v2, each file is hashed separately, so this fixes the aforementioned problem and should allow sharing of files across torrent files.

If you were willing to spend money, why not just get it from RH directly.

They can do both, and if their stance is at all ideologically motivated, then it is necessary to focus on more than just the low hanging fruit of doing reviews.

The free software movement is more than just the free software existing. It is also congruent to the laws that permit it and extending rights

Right to repair is about more than simply fixing things. It's about going after companies and lobbying to get actual rights enshrined into law.

Many ISPs are no longer handing out even 1 public ipv4 address per account, and instead opting for CGnat which further breaks and stratifies the internet.

Tmobile for example is 464xlat which is even worse than cgnat since it requires tampering with dns responses.

Given the situation many ISP are in, most serious companies offering services on the internet have supported ipv6 for a long time now in order to offer the most competitive service possible. And with cloudflare now serving up a large amount of traffic, a lot of all traffic is v6.

Believe it or not, but IPv6 is here and gaining ground.

DNS vc is used for any dns request, not just zone transfers. UDP can sometimes fail in some situations, in which case the client will fall back to TCP which will keep it working.

Immigrants shockingly often vote conservative.

https://www.pewresearch.org/religion/religious-landscape-study/compare/party-affiliation/by/immigrant-status/among/state/florida/

I am not sure what these results mean exactly. Perhaps the third generation is some specific type versus the second.

Why would you strip ipv6 if mullvad supports it. The reason people disable or block v6 are for 2 reasons, ignorance, and/or the vpn providor doesn't support ipv6. V4 and v6 can and usually do run at the same time (this is called dual stack), so if the vpn only touches the v4 side of things, v4 will be tunneled while v6 will be unaffected.

Also, the firewall doesn't matter if you use a torrent client that can just bind to the wg interface (assuming there is no nat being performed from the wg interface to the physical interface). The client will take one or all of the ips on the interface, which will make it impossible to leak IP directly assuming your switch or router doesn't also have an ip in the same subnet as your wg interface ip.

I don't know UFW, but if you run iptables-save or nft list ruleset i can take a look to see if it is sane.

But what i can tell is that it might work. You appear to be only allowing public traffic to wg. It should be noted that this setup will likely fail at some point because you are hard coding the IP. It should fail safe, but the public internet will not work.

Hardware encoders are common and "cheap" these days. They may not be as good as properly tuned software based encoders, but they are fast.

It can and will work, but it will not be optimal. You will be able to connect to other peers, but other peers will not be able to connect to you. This usually isn't a big deal, but it's not great in situations where there are not many peers, and you need every connection you can get.

No, you should keep both udp and tcp port 53 open going out. blocking dns vc/tcp will result in dns being partially broken.

Maybe, but in practice nothing happens. Microsoft has had numerous issues reported to them before, years ago, and the issue reported to them was never fixed or taken seriously. Then years later, the issue is sometimes rediscovered and they find the report from years earlier, and nothing happens.

Until legislation gets passed to force companies to take liability of their software, nothing will change.

Bottles is pretty good. It's available on flathub.

No matter what you choose, encrypt the data you store to avoid drama.

You could take a look at wasabi. Keep in mind that I think they have minimum commit. So if you add 1tb of data, you are charged for storing it a minimum of a few months.

Backblaze b2 and cloudflare r2 are also options.

Google drive is also a decent storage platform at a reasonable price. 9.99/mo for 2tb. You can check the rclone matrix for features and alternatives.

Yes, but that is always possible with most protocols, including imap.

Take a look a FUSE and you will see all the creative things people have done with filesystems. Or DNS, lots of fun things have been done with that also.

It only applies to network devices that respect the setting. However, if you are using windows, for machines you care about, you can just configure DoT.

https://www.linkedin.com/pulse/secure-your-internet-connection-dns

Android also supports DoT, as does firefox as I mentioned above. For any given device you can search for "android DNS over TLS" and get info to see if it can be easily turned on.

However, also keep in mind if you are using Windows, then using DoT is like putting a bandaid on a gushing wound. The underlying OS is not trustworthy.

Email isn't that secure anyway (don't use email if your life or freedom depends on it), so I don't see that as much as a downside.

Note that v1 and v2 torrents use slightly different url fragments, so this won't work quite as easily as you think. It would be possible tell the difference because they use different hashes with different lengths, but most people probably won't know.

Tbh, I don't think encryption matters that much for are usually public chat channels.

The private communication should be safe since i think the users will usually pin the keys for each other.

Tbh, just stop using software well past it's prime, or pay the cost of developing the fixes.

Everything can't be free, at some point it's gotta cost something.

I more or less was just looking for a general survey of what other people used.

I agree installing a binary for this small kind of thing might be excessive.

If you want to, then sure. For torrenting, it's not necessary, but may be helpful. I do occasionally see ipv6 peers.

Google and other search engines can crawl lemmy just fine. The only downside is that the information will be split across domains unless google puts in a special case for lemmy/fediverse or something.

There are definitely differences, but usually they don't matter from a simple address and routing perspective.

For example, there is no ARP in IPv6. Instead another protocol is used called Neighbor Discovery Protocol, which actually is done through ICMPv6. Therefore, if you blindly block all ICMPv6, your network may break.

Once you have a grasp on v6, it is much better than v4 because even the smallest common v6 network size of /64 is many times larger than all the addresses in v4. Every device can have it's own global ip, so you no longer need nat at all. Everything can easily connect, assuming there is no firewall blocking it.

I don't think NixOS is used by many companies, so it's not really a skill that will likely lead to employment. Most companies use containers and tools like ansible which is accomplishing something similar to nix.

In software, keeping things small means they can be simpler. And simple things tend to have better uptime for less effort. Lemmy is rust based, so performance should be reasonable for most instances. Also, due to the federation, the work for instances is distributed like email, so the system naturally distributes load.

It's probably a lot like IRC, there will be different servers or networks with different specialities, but from a user perspective you can be on many at the same time.

As long as your ISP is handing out a block of IPs, you don't need NAT for v6.

The likely retaliation RH/IBM would take is simply banning the account, not starting a lawsuit immediately. However, rights holders may attempt sue before or after such an event, but likely after.

RH thinks they have the right to distribute code in this manner, and they can keep doing so until challenged in court. You can do actions in general without asking the court every time, I think the same applies here as well.

I personally think it is a violation in a strict sense, but at the same time I don't think it really matters too much realistically. Stream is upstream RHEL, and they are very similar, and at some points in time, should be identical. It's also not clear what you get exactly by suing RH/IBM. The likely case is that they settle or rule to have that section removed from the ToS.

Could be a bad dock or usb controller, try a different one. Otherwise just snap the sata connector off, and most people will not bother to get anything off.

It might come down to what is a restriction maybe. Support is not part of the GPL, so putting a restriction to close a users account might not be a violation, but it very well could be a violation.

You can use this: https://ipfs.io/ipfs/QmbpRxBZ5HDZDVRoeAU8xFYnoP4r5eGCxdkmfFW3JbA6mq/

That is a low tech html page that can search the SQLite database someone posted. That page is hosted on IPFS, which you can access through one of the gateways, although I posted a link to the page via one of the gateways.

On that page is a button you can press for more information on how to download it to your local computer to have a speedy local copy.

How I have been using it is: search in the following format: [name] [release year] [quality like 1080p] [encode like x265]

do note that the database is not being updated since RARBG is obviously gone now, but stuff prior and including some of 2023 is all there, most what rarbg released.