You're right, I missed that.

I personally use a reverse proxy and Wireguard setup to access remotely.

I agree with you, that's exactly what my post says.

Microsoft is the trap. My point is that "Sanitised Linux" is just Microsoft-style shenanigans being forced onto our ecosystem via regulation. I literally started the post by saying Linux is the only sanctuary left.

That is a fair point. 'Sideloading' is definitely a corporate term designed to make basic ownership of our devices feel like a 'workaround' rather than a right. I used it here because it's the language Google is currently using to justify their crackdown, but you're absolutely right—it's just installing software. We shouldn't let them control the vocabulary of our digital freedom.

dist-upgrade and full-upgrade are essentially the same command but yeah, I won't be using apt upgrade again in the future! Like I said in my post, the joys of being self taught is that you learn by my making mistakes and that's part of the "fun" 🤣

Thank you for the heads up, turns out it was the custom html code in the code blocks causing the issue. Fixed now.

It’s why I treat everything cloud-based as a rental now. If I can't install it locally and back up the data myself, I don't really own it.

My real worry isn't that Debian will cave, but that the services we use every day—banks, government sites, DRM-heavy media—will start checking for a "compliant" kernel. If those "invisible borders" get built, you might have a truly free OS that's effectively useless for 90% of the modern web.

It's not about the distro failing; it's about the "compliant" versions becoming the only key to the door. We have the choice now, but the gap between "free" and "functional" is definitely getting wider.

User agents are just the tip of the iceberg. Between TCP/IP stack fingerprinting and modern hardware attestation (TPM/Secure Boot), pretending to be a different OS is becoming a lot harder than just changing a string in your browser settings. The 'handshake' I mentioned before is at a much deeper level than that.

I have a dedicated VPS with reverse proxy connected to my network via Wireguard. It acts as the front door to my network so I don't have to port forward or rely on Cloudflare etc. I used to use Tailscale as the go between but switched to WG recently. Both work fine for streaming content whilst self-hosting all other services including my website.

My bad, GOG is absolutely the gold standard for DRM-free ownership. Personally, I buy on Steam for the convenience and the Proton support but I still collect every free titles on GOG

It is a myth, always has been. But the worry isn't the "Year of Linux" happening, it's the corporate version of it being forced on us via regulation.

Dedicated PC on LAN talks directly to VPS via Wireguard. The local machine acts as an exit node so when I add a local IP and port to my reverse proxy the whole thing acts like a local network.

I wrote about my setup last month; https://the.unknown-universe.co.uk/...

Glad you found it useful. I'm the same, I can't stand those long posts that make you read a life story before getting to the commands, even worse when a page is riddled by ads or behind a paywall!

I figured if I’d missed it, a few other people probably had too.

ChromeOS is basically the blueprint for the "Gold Cage". My real worry is that "security" is just becoming a convenient excuse to swap user ownership for corporate control. Once that "masses" version becomes the legal standard for compliance, the rest of us are basically looking at digital exile.

The systemd age-storage drama was a massive red flag. It showed how easily a "safety" mandate can be used as a wedge into the lower levels of the stack.

My worry is exactly what you said: politicians creating "compliance" requirements that are fundamentally toxic to the GPL or the way community distros operate. It’s not about making Linux better; it’s about making it legally unviable for anyone but a massive corporation to maintain. Digital enshittification via regulation.

It's not that I didn't like it, I just wanted to back to basics! A simple config file on each machine, job done

No, apt isn’t just a rename. apt upgrade largely replaces apt-get upgrade, but it’s a bit more aggressive: it may install new packages if required as dependencies (it still won’t remove packages). If an upgrade needs to remove packages to resolve dependencies, use apt full-upgrade (same as apt-get dist-upgrade).

Fair play, you’ve done a proper deep dive there. I’ll hold my hands up—I’m a sysadmin, not a journalist. I use tools to help structure my thoughts because my natural writing style is about as readable as a kernel panic. As for the 'social media' bit, the share buttons are a default plugin I haven't stripped out yet, and Mastodon is the only place I actually hang out because it's federated. I'm just a guy in a home lab trying to share some tech stories; sorry if the 'robotic' prose put you off

Those are solid resources but I built mine specifically for the folks who don't want to pipe a remote bash script into their shell during a malware outbreak. My goal was simple, a private way to audit the list without needing to clone a repo or install Python dependencies.

Use the forensics scripts if you’re a power user, but if you just want a quick, client-side check that doesn't touch your filesystem, that's what the tool is there for.

Mostly, yes. Firefox doesn't use the specific Chromium internal resource API that LinkedIn is exploiting for this. However, since the script relies on hidden GET requests, I still recommend Multi-Account Containers to isolate LinkedIn entirely, plus a custom uBlock Origin filter just to be sure.