Just letting this pdf here about security of Seedboxes: https://media.defcon.org/DEF CON 31/DEF CON 31 presentations/Anon - Mass Owning of Seedboxes - A Live Hacking Exhibition.pdf

I could see the real source IPs for all other users in last logs.

Accessing their web interfaces shouldn’t be a risk, as you’ve already paid them and thus left a paper trail. But the point about accessing the IPs from the last ssh (or sftp) logins might be worth using a VPN for. If another user is able to get them law enforcement could too (not that it’s likely).

Sadly there isn’t. The talk wasn’t recorded (to protect the privacy of the presenter I presume).

No, but there’s quite a bit of help for new users with docker, gluetun and qBittorrent out there. Just make sure your VPN supports port forwarding.

Depending on the tracker once you notice a stolen API key it might already be too late. E.g. if they tank your ratio or break the rules in another way.

I could see the real source IPs for all other users in last logs.

Also, they mention in the slides that some seedbox providers allow users to find the IPs of other users connecting to the seedbox. Using a VPN for ssh might be advisable to protect your privacy from other users.

Otherwise your right as it won’t impact your network at home.

Like others mentioned, request Google Takeout which gives you all your photos. I recommend keeping the original zip/tar.gz for future reference (e.g. you need specific metadata not included in the photos directly).

Also, make sure to keep backups. E.g. upload it preferably encrypted, and store the password in a password manager. Make a copy on a USB SSD, and not just the Steam Deck (you might wipe it, lose it, …).

This makes me glad to no longer be running prowlarr on a seedbox (or anything else for that matter). Unless you’re racing, or you’ve too slow of an upload, having a torrent client bound to a VPN (or gluetun/namespaces/…) is cheaper and seemingly more secure.

If the person would answer almost instantly, 24/7, without being annoyed: Yes. Checking important information is easier once you know, what exactly to type.

These tools are also useful for finding large files in your home directory. E.g. I’ve found a large amount of Linux ISOs I didn’t need anymore.

Do you delete all your files on a reinstall? Documents, photos, videos, games?

Fclones is a great tool, but it’s for finding duplicate files and replacing them with sym-/hard-/reflinks.

I recommend using the --cache option to make subsequent runs extremely quick.

If you need a more interactive method, gdu is awesome. And if you’re using btrfs, btdu gives preliminary results instantly (which get more precise over time).

You’re right that self hosted GitLab (or Gitea) is ideal if they host it with a privacy respecting host that allows customers to stay anonymous. And/Or proxy I2P/Tor like they mentioned.

Gitlab also follows DMCA.
Codeberg is a bit different, since they aren’t based in the US. However, they’re still required to forward copyright complaints. I don’t know of any examples of them taking down repos.

Edit: German law, which applies to Codeberg, is quite strict when it comes to what is considered circumvention of copy protection, so it’s not unlikely that Nintendo would have a good chance there too. IANAL.

qbit_manage has a feature where it’ll check whether a hard link exists outside of the torrent directory, and deletes the torrent if it’s only in the (qbit-)torrent directory.

This would’ve automatically removed the torrent once you’ve deleted the files from *arr. I recommend against deleting files from Plex, as *arr could detect them missing and redownload them.

Great to see people switching to actually secure alternatives.

Matrix won’t necessarily download all state/messages automatically, but if your client requests a non-available message your matrix server will query other matrix servers for it (backfilling).

E.g. if you scroll up to older messages, it might take a a few seconds but your client should eventually show them.

Matrix server use a back-off for servers sending messages, so if your server is offline for many hours, it might take a day for your servers to get messages pushed to by other servers again.

Given it seems to be a single guy doing his thing I don’t expect them to get bought out.

It’s a great service and incredibly cheap. With advanced pricing I’m only paying ~0,40€ per month. My domain + purelymail is less than I’d pay for other providers email only.

Edit: If Amazon increases their prices they’ll have to pass it on, but those should be pretty consistent. If you use your own domain (or an alias service) switching email providers is simple anyway.

If you want to get in to private trackers at some point, Mullvad isn’t an option because they don’t support port forwarding. Just a PSA because Mullvad does monthly payments, so you’ll be able to switch anytime.

Proton VPN and AirVPN do support port forwarding.

As your already on Linux I’d recommend running qBittorrent with Docker behind gluetun.
This makes it so only qBittorrent is behind the VPN and all other traffic (e.g. browsing, gaming) goes as if there was no VPN.

The “stunning victory” the MPA wanted to have might not be as good of an deterrent, as it seemed at first. They only focus on a few movies, half of them might not even be relevant to the case, and the operators didn’t make much money on them, so they won’t be able to pay much damages.

If they don’t receive a prison sentence, and only need to pay below 20.000 USD where’s the deterrent for other operators overseas?