Para_lyzed

It runs JavaCard OS, which is developed by Oracle and not open source. Even though it also runs JavaCard OS, I’d recommend the flexSecure JavaCard from Dangerous Things (for the same price as the Apex Flex), because all of its applets are open source: https://dangerousthings.com/product/flexsecure/. It isn’t quite as “seamless”, because it doesn’t have the closed-source app store available for it that the Apex Flex does, but it instead uses open-source applets that you can load onto it. Regardless, either option will run a closed-source OS, but as far as secure verification goes (by using challenge-response instead of static keys which could be read and copied like old RFID tags), JavaCard is currently the best option. And as far as implantable chips go, the flexSecure JavaCard and the Apex Flex are the 2 best chips on the market to my knowledge.

The silver lining is that there are plenty of open source applets you can run on JavaCards (like the flexSecure ones written by Dangerous Things)

I’m talking mostly about musl, but Void with glibc still requires more work than a “just works” distro. As such, I didn’t see a point in trying Void with glibc, because the biggest benefit I saw to switching was for musl. It’s great for some, but not for me, just as I wouldn’t use Gentoo. There were a lot of things that didn’t run, I don’t have a full list. I know for a fact that Steam (or any Steam games) wouldn’t run, I’m fairly confident that the OnlyOffice suite wouldn’t work, I believe that EasyEffects wouldn’t run which was a big problem, since I use that for system wide equalization, and for my microphone filters. I probably could have figured out how to set everything up with bare PipeWire, but it’s basically the same story for everything: it just requires way more work. My VPN (Mullvad) isn’t compiled for musl, nor was the Nextcloud client, and many things I use every day. Those are just the things I remember having issues with off the top of my head, and it may not have only been musl that was the problem, but it’s very likely it was.

Void Linux with musl. I wanted to try setting up a distro with Musl, but many things I use daily simply don’t work with it, and the hassle of troubleshooting everything was a bit too much. I went back to Fedora Workstation, and I’ll likely stay on it for my workstation (though I’ll switch to Fedora Kinoite when Fedora 40 releases). I also use Fedora Server for my personal server, since it’s very familiar to me, and there’s not a huge point in switching to CentOS anymore with the recent changes, so I’ll probably just stick to it.

The post explains them quite well. HRIR (Head-Related Impulse Response) and SOFA (Spacially Oriented Format for Acoustics) are standards for representing spacial audio (surround sound) in audio files and streams. A convolver is something that performs convolution (a mathematical term for taking one function, applying it to another, and then producing a third function as a result), and a spatializer is more specifically something that, as the name suggests, gives “space” to audio (distorting audio to represent sounds coming from more than simply 2 directions, or again, what you call surround sound). So HRIR Convolver is simply a method to apply the HRIR function to audio to represent it in a way our brain would interpret as 3D audio, and SOFA Spatializer is simply a method to do the same thing, just with the SOFA standard instead of the HRIR standard. Based on the comments of the post, it seems that they recommend you use SOFA.

In either case, Pipewire supports both standards, and it is trivially easy to implement them through filters (as the post covers in depth). You could try both if you want and see which you prefer. If you’re unfamiliar with managing Pipewire and need further resources, the Arch wiki has an entry in great length about it here. I’d recommend reading the comments to that post first if you struggle with anything, such as persistence. Everything you need to set it up should be accessible in that post and its comments.

I’d also like to recommend that you read the post and comments to the post, or simply use a search engine if you come across unfamiliar terms. You can find answers to all the questions you’ve asked through the linked post and a simple search.

Perhaps it’s useful to provide some clarification here. As the other user stated, Linux is set up for multi-user setups and provides logical protection, but you seem to misunderstand how operating systems and file permissions work.

If someone steals your unencrypted hard drive and boots into their own operating system, they are able to circumvent all access control and permissions on your hard drive. This is because when they mount your hard drive your operating system isn’t running; they’re simply reading the stored data, so the access control and permissions set up by your operating system don’t mean anything. This happens with ALL operating systems (Linux, BSD, Windows, MacOS, etc.). Logical protection like access control is only useful while the OS is running, and it cannot help otherwise.

This is why encryption is important, because it prevents unauthorized access when the OS isn’t running. If you’d like to see just how easy it is to access unencrypted data, make a live USB and boot into it on any unencrypted computer (assuming you have permission to do so if you don’t own the computer). You don’t even need to extract the hard drive in most cases to read file contents, you can simply boot into a live USB. The only situation where this isn’t the case is when USB booting is disabled in the BIOS and the BIOS is password protected, but you could always just remove the CMOS battery to clear the settings to bypass the BIOS password anyway.

Unencrypted data will always be trivial to retrieve when the attacker is allowed physical access to your computer.

1984.hosting is great, I’ve been using their service for a couple of years now. They’re based in Iceland (really strong privacy laws) and have options for crypto payment if you don’t want to reveal yourself through your payment method. As with all registrars, they’ll need an email address (or alias) to reach you at in case there’s a domain dispute, and while they also ask for address and phone number, they’ve never had me actually verify anything beyond the email. If you give a fake address and phone number, then you’ll just need to understand that if someone challenges your domain, it will be very difficult for you to prove ownership with fake details (not as if that’s likely to happen unless you’re allowing the site to be crawled by a search engine though). I only have a domain through them, not a hosted webserver, but they seem to have good options for hosting. I know that they handle Let’s Encrypt certs automatically for hosted sites, and they run off green energy (geothermal) if that matters to you.

Talking on the YouTube front, a trivially small donation will support them far more than watching ads ever could. Even something as small as $1/year is often far more than they would ever make from you in a year. As far as donations to developers go, it depends entirely on what you feel comfortable with. Most people who work on open source projects are unpaid volunteers, so it isn’t expected that you donate, but if you choose to do so it can be quite helpful to sustaining the project. If many people in the userbase were to make small donations, that would go a long way.

In reality, ads almost entirely benefit exploitative multi-billion dollar companies such as Google and Facebook, so my personal philosophy stands against them. I much prefer donating to people directly to cut out the exploitative middle-man.