• 0 Posts
  • 14 Comments
Joined 2 years ago
Cake day: June 12th, 2023


  • It’s quite likely that any given IP, unless you get one from shady VPS provider or something, is “clean”. And if it’s not it’s usually not that big of a deal to get it cleared from major blacklists (spamhaus, google and microsoft covers quite a lot). You just need to dig up proper forms to tell them that you’re a new owner of said IP and promise to play nice.

    Same goes with domain names, but if you get a new one that’s a non-issue. Just set up SPF-records properly (and preferably DKIM/DMARC, but those aren’t strictly necessary and need a bit more than a single TXT-record) and you’re good to go.

    And then you of course need to stay away from those lists. If you configure your SMTP to act as an open proxy you’ll be on every shitlist on the planet pretty quickly. So, reasonable measures against compromised account (passwords, firewalls, rate limits…) and against other threats (misconfigured/unsafe web service used for spam and stuff like that). Any of those alone are not too difficult to accomplish, but there’s quite a few things you need to get right.
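An added example, not part of the comment above: a small linter for the SPF TXT record the comment says to set up, checking the rules from RFC 7208 that most often break delivery. The sample records and the `example.net` names in the test inputs are constructed.

```python
import re

# Terms that each cost one DNS lookup; RFC 7208 caps the total at 10.
LOOKUP_TERMS = {"include", "a", "mx", "ptr", "exists", "redirect"}

def lint_spf(txt_records):
    """Return a list of problems in a domain's TXT records (empty list = OK)."""
    spf = [r for r in txt_records if r.lower().split()[:1] == ["v=spf1"]]
    if not spf:
        return ["no SPF record"]
    if len(spf) > 1:
        return ["multiple SPF records (receivers treat this as permerror)"]

    terms = spf[0].split()[1:]
    problems = []

    # Strip the qualifier (+ - ~ ?) and any argument to get the term name.
    names = [re.split(r"[:=/]", t.lstrip("+-~?"), maxsplit=1)[0].lower()
             for t in terms]
    lookups = sum(1 for n in names if n in LOOKUP_TERMS)
    if lookups > 10:
        problems.append(f"{lookups} DNS-lookup terms, limit is 10")

    if "all" not in names:
        if "redirect" not in names:
            problems.append("no 'all' mechanism: unlisted senders are neutral")
    else:
        idx = names.index("all")
        if terms[idx][0] not in "-~?":
            problems.append("'+all' authorises every host on the internet")
        if idx != len(terms) - 1:
            problems.append("terms after 'all' are never evaluated")
    return problems

if __name__ == "__main__":
    # Constructed sample records.
    for rec in (["v=spf1 mx ip4:192.0.2.10 -all"],
                ["v=spf1 mx +all"],
                ["v=spf1 mx -all", "v=spf1 a -all"]):
        print(rec, "->", lint_spf(rec) or "OK")
```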


  • If people are paying someone to “install” their printer, why would it be different with Linux.

    With printers specifically I’d bet people don’t need to pay for support with Linux as much. Sure, there are models which just won’t work, but in general my experience is that printers are mostly plug’n’play with Linux.

    A few months ago I did a helpdesk gig on one local small business. They consume a lot of paper due to requirements on their business and they have some fancy KonicaMinolta photocopier. The guys who installed the printer had struggled for hours to get that thing to work on their Win10 machines. I did what was requested and they asked if I could print out notes I wrote for them for reference but immediately started to wonder if that’s feasible as the printer was so difficult to install. It took less than a minute for my mint-laptop to locate the printer and start using it. No idea if the printer company techs were just incompetent or if the software for it is bad, but apparently I’m now some kind of tech-deity in their office…


  • Maybe easier to get anything running quickly. But it obfuscates a lot of things and creates additional layer of stuff which you need to then manage. Like few days ago there was discussion about how docker, by default, creates rules which bypass the “normal” INPUT rules on many (most?) implementations. And backup scenario is different, it’s not as straightforward to change configuration than with traditional daemon and it’s even more likely to accidentally delete your data as a whole.

    As I already said, docker has its uses, but when you’re messing around and learning a new system you first need to learn how to manage the ropes with docker and only after that you can mess around with the actual thing you’re interested in. And also what I personally don’t really like is the mindset that you can just throw something on a docker and leave it running without any concern which is often promoted with ‘quickstart’-type documentation.


  • You absolutely can run services without containers and when learning and trying things out I’d say it’s even preferable. Docker is a whole other beast to manage and has a learning curve of its own.

    Containers can of course be useful but setting everything up, configuring networking, managing possible integrations with other components (for example authentication via LDAP) it’s often simpler just to run the thing “in traditional way”. With radicale you can just ‘apt install radicale’ (or whatever you’re using) and have a go with it without extra layer of stuff you need to learn before getting something out of the thing. And even on production setups it might be preferred approach to go with ‘bare metal’, but that depends on quite a few variables.


  • On residential connections it’s a bit pain in the rear, but if you get VPS (or something similar) it’s perfectly manageable. You just need to maintain stuff properly, like having proper DNS records, and occasionally clear false positives from spam lists. The bigger issue is to have proper backups and precautions, I’ve hosted my own emails for over 10 years and should I lose all the data and ability to receive new messages it would be a massive personal problem.



  • Docker specifically creates rules for itself which are by default open to everyone. UFW (and underlying nftables/iptables) just does as it’s told by the system root (via docker). I can’t really blame the system when it does what it’s told to do and it’s been the administrator’s job to manage that in a reasonable way since forever.

    And (not related to linux or docker in any way) there’s still big commercial software which highly paid consultants install and the very first thing they do is to turn the firewall off…
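An added example, not part of the comment above: a short audit that reads `iptables-save` output and lists the ports Docker has published through DNAT rules in the nat table. Those packets are rewritten before routing and then traverse FORWARD, so INPUT rules (where UFW's allow/deny rules live) never see them. The ruleset below is constructed and only modelled on a default bridge setup.

```python
import re

# Constructed sample in iptables-save format: 8080 is published on all
# interfaces, 5432 on loopback only; INPUT drops everything except SSH.
SAMPLE = """\
*nat
-A PREROUTING -m addrtype --dst-type LOCAL -j DOCKER
-A DOCKER ! -i docker0 -p tcp -m tcp --dport 8080 -j DNAT --to-destination 172.17.0.2:80
-A DOCKER -d 127.0.0.1/32 ! -i docker0 -p tcp -m tcp --dport 5432 -j DNAT --to-destination 172.17.0.3:5432
COMMIT
*filter
:INPUT DROP [0:0]
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
"""

def published_ports(ruleset):
    """Return (proto, host_port, bind_addr, container) per Docker DNAT rule."""
    found, table = [], None
    for line in ruleset.splitlines():
        if line.startswith("*"):
            table = line[1:].strip()          # track which table we are in
        elif table == "nat" and line.startswith("-A DOCKER ") and "-j DNAT" in line:
            proto = re.search(r"\s-p (\S+)", line)
            dport = re.search(r"--dport (\d+)", line)
            bind = re.search(r"\s-d (\S+)", line)   # absent = any address
            target = re.search(r"--to-destination (\S+)", line)
            if proto and dport and target:
                found.append((proto.group(1), int(dport.group(1)),
                              bind.group(1) if bind else "0.0.0.0/0",
                              target.group(1)))
    return found

def exposed_to_all(ruleset):
    """Published ports with no -d restriction: reachable on every interface."""
    return [p for p in published_ports(ruleset) if p[2] == "0.0.0.0/0"]

if __name__ == "__main__":
    for proto, port, bind, target in published_ports(SAMPLE):
        note = "reachable from any interface" if bind == "0.0.0.0/0" else "restricted"
        print(f"{proto}/{port} -> {target} bound to {bind}: {note}")
```

Publishing with an explicit bind address (`-p 127.0.0.1:5432:5432`) or filtering in the `DOCKER-USER` chain are the usual ways to close the ports this reports.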


  • This actually is a really good idea.

    Yes, for the reasons you mention. And very, very much no. My corporate hat immediately thinks about a crapload of stuff our network drives have which is under various NDAs, restrictions to store outside EU/ETA, restrictions to store even outside our country and so on. At least our accounts have mandatory MFA and other standard safety features, but cloud storage has a different threat model than our local hardware which also makes its own little headaches.

    I don’t play on the contract/legal field on corporate at all, but I do know that some of those NDAs have numbers big enough to bring the whole circus down and other clauses which can even throw someone in jail if things really go wrong. I just hope I’m not the scapegoat at that point.



  • VPN, Tor (and similar, like I2P), every imaginable P2P network, proxies, all non-http protocols (smtp, ftp, nntp, xmpp and other instant messengers and so on) can all transfer any kind of data, porn included. And a ton of other things. Heck, I’m quite sure there’s a minecraft mod where you can assemble JPG-images out of the blocks and view them that way. And then you can use stuff like uuencode where you can use anything that can move plain text to transfer binary data.

    There’s no way to block all of that unless you shut the whole internet down. And even then you can still trade good old playboy-magazines with your friends. VPN in itself has very little to do with the actual problem, beyond that someone apparently noticed that their current “save-the-children” iteration had pretty large holes in it.


  • If they were really after kids watching porn (or even porn in general) it would be technically somewhat simple to force ISPs to provide filters on their end as a subscription service. I’m pretty sure I’ve even heard that kind of services in the past. Make it even opt-out if you really want to.

    That way ISPs would just ban everything from pornhub and others unless you specifically want it allowed or even provide a portal where you could block reddit, twitter, tumblr or whatever you wish on your account. That kind of technology already exists and it’s used on many corporate setups.

    There’s obviously ways around that, but there’s no technical way to block every possible way to move bits between computers. Even if they would shut down the whole internet there’s still ways to build mesh-networks or even buy USB-drives from a shady alley.

    But as we all know, it’s not about porn and not about children.


  • I’m not in the US, but here where we have snow and all the fun that comes with it using garage can be actually harmful to your car (and your garage) unless you spend a ton of energy to melt and dry all the snow every night. If there’s some snow or ice on somewhere it doesn’t really do anything but bring it in a lukewarm garage and then you have water (and likely road salt) all over the thing. So your car corrodes faster and there’s a ton of moisture in the garage for mold, rot and everything else prospering inside.

    I’m driving old, cheap cars. Keeping them dry every day during winter in the garage would easily cost me as much as the cars themselves in a year. So cars stay outside and garage stores my tools and other valuables in a good condition so that I can fix those old shitboxes.