Why are they doing this? Sure, it increase their short term profit, but this surely erode their users' trust overtime. If they keep doing this, sooner or later people would no longer trust any kind of discount day anymore.
I switched to Dvorak keyboard layout almost 10 years ago and it stopped the growing pain on my wrists. Might worth a try. No need to change your actual keyboard, just set your keyboard layout settings in your operating system to Dvorak.
Just right click at the 2fa button and select "copy link", then paste the link into bitwarden TOTP field. The link you copied should already be in the format otpauth://totp/xxxx which will be recognized by bitwarden.
The commercial nginx+ has a status endpoint that can be hooked into graphana/prometheus, but as you can imagine, status endpoints is one of the money maker for nginx inc so they won't put it on the opensource version anytime soon. There is also a basic status endpoint available in the opensource version of nginx, but it doesn't return much.
This is just a matter of personal preference, but I can't stand libreoffice UI. It has more features but I don't open office documents much, mostly just some basic spreadsheets, so I can get away with using a document editor with less feature but easier to the eye.
It might. Some mods/instance admins might see your comments, decided to check your instance, and found it suspicious because it's protected behind basic auth and decided to block your instance. You can see in the modlog that people sometimes bans private instance (instance that don't let you see anything unless you're logged in) out of suspicion that they are a source of bots traffics.
A better way is probably to only protect your search page behind basic auth so no one can hook in new communities in your instance.
What are you gonna do? Disprove their claim by downloading a cracked copy of the benchmarked game and compare their performance? You can't because no one (that I'm aware of) crack denuvo games anymore, which is why denuvo can pull off stunts like this. They'll use new games with no crack available to "prove" their DRM has so performance penalty.
If you want some peace of mind, there is nothing wrong to keep your home assistant instance locked up behind your lan. You can still access it externally using a VPN, or zerotier/tailscale. If you need notification support, just configure sms or email notification so HomeAssistant can still send you alert via SMS or email.
If you're ok with not being able to use HomeAssistant mobile app, then you can add some extra security by putting your home assistant instance behind an authenticating proxy. This means your home assistant will be protected by two login pages when you attempt to access it from outside your network.
Some authenticating proxy options are Cloudflare Access or OAuth2 Proxy.
If you're already using Cloudflare, then using Cloudflare Access might be no brainer. If you're already have experience with setting up your own OIDC providers using keycloak, auth0, okta, or Google oauth2 provider, then putting your home assistant instance behind OAuth2 Proxy might be a good option. Those auth providers usually have stricter login pages and you usually can add even stricter rules to the login page (e.g. disallow login from certain countries, rate limit, add captcha in addition to 2fa, etc). How strict your extra login security will be is entirely up to you.
For Google assistant integration, you'll need to enable the API in your GCP account as mentioned in this page. But it does require your home assistant url to be publicly routable from GCP servers so Google assistant can reach it, which means you can't put your instance behind an authenticating proxy or keep it behind your lan. You might still be able to whitelist certain path from the authenticating proxy (e.g. the /api/google_assistant endpoint), but I haven't tried it yet.
You'll need to either subscribe to bitwarden premium ($10 / year), or deploy vaultwarden in your own server and have your bitwarden extension/app use that vaultwarden server instead of the official server.
You can put steam OTP there too? I'm tired getting locked up from steam whenever I format my phone. If I can put steam OTP into bitwarden, that'll be really great.
Finally, to IBM, here’s a big idea for you. You say that you don’t want to pay all those RHEL developers? Here’s how you can save money: just pull from us. Become a downstream distributor of Oracle Linux. We will happily take on the burden.
Oh shit, Oracle and IBM are going to duke it out. Where is my popcorn?
No need to enable hotspot on your phone. Just install Termux from f-droid if you're on android, or Prompt if you're on iOS, and use SSH directly from your phone.
They already got millions of users. Depending how they'll implement federation, the sudden influx of millions of unmoderated users into the fediverse might wreak havoc to small instances. So personally, I prefer no. 3, defederate (wait and see).
Why are they doing this? Sure, it increase their short term profit, but this surely erode their users' trust overtime. If they keep doing this, sooner or later people would no longer trust any kind of discount day anymore.