What you might be referring to is the question whether you’d like to import the GPG key for that repository. That happens when you first install a package from that repository. Could that be the one? I’m not aware of any other prompts.
I’m not sure, it depends on your configuration and blocking list. I don’t use native tracking protection, and my blocklist (oisd) prioritizes functionality over blocking, so in my case everything just works and I don’t have anything special added to my whitelist. I don’t like DNS blocking to be in the way and I also share my configuration with some family members, so that’s why I’ve made this choice, but if you prefer a stricter approach you might have to do some whitelisting.
If the iCloud Private Relay ODoH DNS server is used it will show up as a DNS leak, even if the IP address from its response isn’t used for browsing. For privacy it doesn’t matter, as with ODoH the DNS resolver doesn’t know your IP or identity, the most important thing is whether it will bypass the NextDNS blocklist. In my testing I couldn’t visit any website that was blocked by NextDNS, meaning that the iCloud DNS resolver wasn’t used as the primary DNS resolver, which matches with their documentation (that page 10 that I linked to earlier). Note that Apple will only use a custom DNS resolver if you’re using the native DoH option, so for example the configuration that you can get from https://apple.nextdns.io/.
You can easily test it yourself: block a hostname in NextDNS that you haven’t visited recently (due to cache) and try to visit it in Safari.
I don’t know why Apple still uses the Cloudflare DNS resolver even if it seems to be ignoring its responses. Maybe they use it for some custom metadata that’s sent along with the request which somehow is important for the relay. All I know is that I’ve never seen it bypassing the NextDNS blocklist, which again is exactly how it’s documented by Apple.
So for some reason Apple keeps using their DNS resolver even with a custom DoH resolver configured, but in my testing it didn’t affect the blocking capabilities of NextDNS at all, meaning that the answers from their resolver are just ignored (or used for some other purpose). The way NextDNS knows that you’re using another resolver is by letting the browser resolve some unique hostnames, so that way it will show up even if the answers from that resolver aren’t used. As to why Apple does this I don’t know. In theory it could be the case that Apple just used whichever answer arrives first and that NextDNS just happened to be faster in my testing, but that doesn’t match with how it’s documented in their PDF.
Which one to pick (if you don’t just want to use them at the same time) depends on what your goal is. I use iCloud Private Relay + NextDNS + AdGuard, but nowadays I mainly use another browser with a built-in adblocker, so iCloud Private Relay and AdGuard aren’t used in that case.
I use NextDNS everywhere I can and use a list that prioritizes not breaking anything. It’s a nice backstop. It’s not a replacement for an in-browser adblocker in my opinion, unless you don’t care that it’s less effective.
Contrary to common believe, iCloud Private Relay and NextDNS are compatible and can both be enabled at the same time, see page 10 of https://www.apple.com/icloud/docs/iCloud_Private_Relay_Overview_Dec2021.pdf. When you try to visit a blocked hostname in Safari, you’ll see that it won’t work. This is something that I’ve personally confirmed.
What NextDNS solves and iCloud Private Relay doesn’t, is blocking hostnames system wide, thereby completely blocking some ads and tracking. What iCloud Private Relay solves is hiding your browsing traffic a bit better within your local network and from your ISP, as well as hiding your IP from trackers and hiding your identity from their DNS resolver (not from NextDNS, though).
Some background information why using HTTPS together with encrypted DNS doesn’t fully hide which websites you visit (yet): https://blog.cloudflare.com/announcing-encrypted-client-hello.
If I had to choose, I’d go with NextDNS for system wide blocking and I’d add an adblocker browser extension to block trackers and ads that can’t be blocked with DNS based blocking. But you don’t have to choose and can use both at the same time.
For me it works fine, but I guess that might be because I use the flatpak version of Firefox.
Maybe to make the article seem shorter, so you’re more inclined to keep reading. Once you’re halfway through, you’re more likely to want to read the rest. Both halves are probably filled with ads, so the longer you stick around, the better.
For general usage, it doesn’t really matter. Distrobox is inspired on toolbox and provides some added functionality and configurability, like init scripts and the ability to run different distros, as well as creating desktop shortcuts on your host system. If you don’t need all of that, I’d stick with toolbox, as it’s preinstalled and works well.
Is there information available about the noise levels of the case? I only see noise levels mentioned for the active cooler.
Agreed. In the past you would pay for calling and text messages and data was often unlimited at the higher tiers, but since nobody pays extra for calling and texting anymore, they’re now charging for data. Luckily they can’t charge extra for EU roaming anymore.
Data caps on landlines is something that I haven’t seen for a very long time in my EU country. The last time I had a subscription with a data cap must have been with a 56k modem, if at all. Cable and DSL might have had fair use policies back in the day (or maybe they still do, who knows), but no hard cap. Or at least not that I can remember.
Internet nowadays is way too important to have data caps, especially at home. 5G should definitely be next. Differentiate in speed all you want, but ditch the caps.
Well, all communities that people on your instance have subscribed to. But the comment your replied to didn’t say it wasn’t, right? They use it to discover new communities to subscribe to.
Without filter lists and no custom filters it doesn’t do anything helpful.
Host based blocking can never be as complete as blocking inside your browser and there is no way around that. The reason is that host based blocking falls short where tracking content and ads are served from the same hostname as the actual content. Furthermore, some tracking hosts might be whitelisted because just blocking them would break functionality.
I personally use uBlock Origin with ETP at its default setting, which works well for me without breakage, but judging from your post you might be looking for a solution without browser extensions. The ETP tracking protection is supposed to block tracking, sometimes without letting the website know that it’s disabled, by replacing the tracking code with dummy code. On strict mode you run more risk of things breaking, similar to how strict host based blocking breaks some websites.
That’s slightly different and more often than not completely ignored. This is a better alternative: https://feddit.nl/comment/1153941.
That already exist: https://community.mozilla.org/en/campaigns/firefox-cookie-banner-handling/. There is also a flag to enable it in the GUI (to let it appear in the settings).
The base os is immutable, but you can still change configuration files, compile and install local software (but not in the immutable directories), install desktop environment extensions, add custom repositories, etc. You can also layer packages, but most graphical software is best installed as flatpaks (but not mandatory). So it depends on what tinkering means for you. If it means messing around with binaries in the default locations, like /usr/bin, then it’s not for you, but for many other things there is a way, it’s just a matter of getting used to the separation between the immutable base layer and the things that you build around and on top of it.
In the Netherlands it’s now mandatory to use the lowest price of the previous 30 days as the base price. I believe that it’s based on EU legislation that will follow. I noticed yesterday that amazon.nl still ignores this and uses the “suggested retail price” instead (even if they’ve never used it).
Your title too :)
I thought for a second that the top one was an e-ink price tag, which would’ve been even dumber.
In my opinion it’s more useful to look at grams of protein per kcal. You can only eat so many calories in a day, so that dictates your protein intake for a large part. If you eat 2000 kcal worth of peanuts, you’d ingest 80 grams of protein. With chickpeas that would be 110 grams and with chicken breast 425 grams. You don’t eat just protein rich things, so the higher the value, the higher your chances of ingesting enough protein when combined with (other) vegetables, grains, rice, oil, etc.
I know that some people will read this comment as if I’m promoting meat consumption, so let me add that I firmly believe that the world would be a better place if we ate a lot less meat. I’m just using these examples for demonstration purposes, as they’re all at the right side of the graph. It’s always an option to supplement with a plant based protein powder.