I like to judge software based on its actually merit and not on the theoretical possibility it is vulnerable. It very well could be vulnerable, but without auditing it we are just speculating, which in the real world means nothing. Every project starts somewhere, without community, followers, and “5 years of support”. I am not saying I would trust this software in a security critical situation, just that your speculation means nothing.
And? It lowers the attack surface of Immich. Attack surface is about the surface, whatever an attacker can use to get leverage. This acts as an intermediate between Immich and a public viewer, controlling how a threat actor can access a private Immich server. It helps reduce external attack surface while increasing overall system complexity. Since the project is small, it is easy to audit the code.
Magic Earth isnt FOSS though, which was specifically requested by OP
It would be easy. Just install Waydroid and install an android app on the Android system. Look at Waydroid official install guide and maybe watch a video.
It shouldn’t be too taxing on the Pi 4 or 5, Waydroid runs an LXC container with x86_64 LineageOS. It works well, but requires Wayland.
It does not use adblock plus lists directly. The lists are hosted by Cromite. uBlock Origin is not available for any android chromium browser (other than kiwi I guess). The adblocker works well from my tests. I recommend adding filterlists from https://divested.dev/pages/dnsbl
It is not security hardened from what I can tell. Most of Librewolf’s patches could be applied to build Zen with security hardening. Alternatively, patch Zen browser with Arkenfox user.js (upstream project to Librewolf’s security hardened default profile)
Use Cromite. Fully open source, adblocking, and security hardened. See this browser table for conparisons: https://divestos.org/pages/browsers
Privacy.com allows you to create virtual cards, allowing you to set up rules for how money can be used through them. It also masks the receipt details that your bank would normal get access to so they can’t sell that data about what you purchased.
InnerTune (A fork of InnerTune, a Material 3 YouTube Music client for Android) https://f-droid.org/packages/com.malopieds.innertune/
Are you using the fork? It gets more frequent updates.
Also nice because you can better isolate these Android apps instead of Waydroid which intentional has no isolation or selinux policies and runs in a rootful LXC container.
According to the Gitlab repo for the Android transition layer, yes.
Notesnook has a desktop app. Does it not work with self hosted implementation?
I haven’t had great success, it causes more problems than it is worth if you aren’t willing and knowledgeable to troubleshoot any finicky behavior. The nvidia drivers just end up causing a headache. I would never recommend anyone buy an nvidia GPU if they dont have a specific requirement like run local AI/LLMs using CUDA or raytracing (I guess). AMD can also run local LLMs using ROCm, just not supported for 5000 series or lower.
The only Linux distro I (and my friends) have had any success with nvidia GPUs is Bazzite/Aurora. Bazzite is gaming focused and has special nvidia OS images.
AMD is easier to use with Linux. Get a rx6700xt or greater.
Some/most places outside the USA heavily rely on WhatsApp for communication. This is like saying “you dont need to be able to talk with your friends, family, or employer”
You can give a Flatpak the necessary permissions to modify disks. All the permissions needed by Veracrypt could be granted.
Also, what do you mean the distro repo will update never? You just type the update command (eg. sudo dnf update -y) and software gets updated. If you dont like manually typing command, just set it up to auto run at boot.
Ente Auth