• 0 Posts
  • 22 Comments
Joined 1 year ago
Cake day: July 14th, 2023

  • Is it possible to force a corruption if a disk clone is attempted?

    Anything that corrupts a single file would work. You could certainly change your own disk cloning binaries to include such functionality, but if someone were accessing your data directly via their own OS, that wouldn’t be effective. I don’t know of a way to circumvent that last part other than ensuring that the data isn’t left on disk when you’re done. For example, you could use a ramdisk instead of non-volatile storage. You could delete or intentionally corrupt the volume when you unmount it. You could split the file, storing half on your USB flash drive and keeping the other half on your PC. You could XOR the file with contents of another file (e.g., one on your USB flash drive instead of on your PC) and then XOR it again when you need to access it.

    What sort of attack are you trying to protect from here?

    If the goal is plausible deniability, then it’s worth noting that VeraCrypt volumes aren’t identifiable as distinct from random data. So if you have a valid reason for having a big block of random data on disk, you could say that’s what the file was. Random files are useful because they are not compressible. For example, you could be using those files to test: network/storage media performance or compression/hash/backup&restore/encrypt&decrypt functions. You could be using them to have a repeatable set of random values to use in a program (like using a seed, but without necessarily being limited to using a PRNG to generate the sequence).

    If that’s not sufficient, you should look into hidden volumes. The idea is that you take a regular encrypted volume, whose free space, on disk, looks just like random data, and you store your hidden volume within the free space. The hidden volume gets its own password. Then, you can mount the volume using the first password and get visibility into a “decoy” set of files or use the second password to view your “hidden” files. Note that when mounting it to view the decoy files, any write operations will have a chance of corrupting the hidden files. However, you can supply both passwords to mount it in a protected mode, allowing you to change the decoy files and avoid corrupting the hidden ones.
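
The XOR-with-a-second-file idea from the comment above, as an added example that is not part of the original comment: one file is masked with a random pad of the same length, so the masked copy can stay on the PC and the pad on the USB drive. The function names (`make_pad`, `xor_files`, `demo`) and the sample contents are constructed for illustration.

```python
import os
import secrets
import tempfile
from pathlib import Path

CHUNK = 64 * 1024  # process files in chunks so large volumes need little RAM

def make_pad(data_path, pad_path):
    """Write a random pad exactly as long as the data file (kept on the other device)."""
    remaining = os.path.getsize(data_path)
    with open(pad_path, "wb") as pad:
        while remaining:
            n = min(CHUNK, remaining)
            pad.write(secrets.token_bytes(n))
            remaining -= n

def xor_files(in_path, pad_path, out_path):
    """XOR in_path with pad_path into out_path; the same call masks and unmasks."""
    if os.path.getsize(pad_path) < os.path.getsize(in_path):
        # Cycling a short pad would repeat key bytes and leak structure, so refuse.
        raise ValueError("pad is shorter than the data")
    with open(in_path, "rb") as src, open(pad_path, "rb") as pad, open(out_path, "wb") as dst:
        while chunk := src.read(CHUNK):
            key = pad.read(len(chunk))
            dst.write(bytes(a ^ b for a, b in zip(chunk, key)))

def demo():
    """Round-trip a constructed sample file; returns (original, masked, recovered)."""
    with tempfile.TemporaryDirectory() as d:
        plain, pad, masked, back = (os.path.join(d, n) for n in ("plain", "pad", "masked", "back"))
        # Constructed sample input, about 140 KB so it spans several chunks.
        Path(plain).write_bytes(b"constructed sample contents\n" * 5000)
        make_pad(plain, pad)           # this half would live on the USB drive
        xor_files(plain, pad, masked)  # this half would live on the PC
        xor_files(masked, pad, back)   # both halves present: recover the file
        return Path(plain).read_bytes(), Path(masked).read_bytes(), Path(back).read_bytes()

if __name__ == "__main__":
    original, masked, recovered = demo()
    print("round trip ok:", recovered == original, "| masked differs:", masked != original)
```

A pad should be used for one file only, and plain XOR adds no integrity check, so a modified masked file or pad goes undetected.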


  • It sounds like you want these files to be encrypted.

    Someone already suggested encrypting them with GPG, but maybe you want the files themselves to also be isolated, even while their data is encrypted. In that case, consider an encrypted volume. I assume you’re familiar with LUKS - you can encrypt a partition with a different password and disable auto-mount pretty easily. But if you’d rather use a file-based volume, then check out VeraCrypt - it’s a FOSS-ish [1], cross-platform tool that provides this capability. The official documentation is very Windows-focused - the ArchLinux wiki article is a pretty useful Linux-focused alternative.

    Normal operation is that you use a file to store the volume, which can be “dynamic” with a max size or can be statically sized (you can also directly encrypt a disk partition, but you could do that with LUKS, too). Then, before you can access the files - read or write - you have to enter the password, supply the encryption key, etc., in order to unlock it.

    Someone without the password but with permission to modify the file will be capable of corrupting it (which would prevent you from accessing every protected file), but unless they somehow got access to the password they wouldn’t be able to view or modify the protected files.

    The big advantage over LUKS is ease of creating/mounting file-based volumes and portability. If you’re concerned about another user deleting your encrypted volume, then you can easily back it up without decrypting it. You can easily load and access it on other systems, too - there are official, stable apps on Windows and Mac, though you’ll need admin access to run them. On Android and iOS options are a bit more slim - EDS on Android and Disk Decipher on iOS. If you’re copying a volume to a Linux system without VeraCrypt installed, you’ll likely still be able to mount it, as dm-crypt has support for VeraCrypt volumes.

    • 1 - It’s based on TrueCrypt, which has some less free restrictions, e.g., “c. Phrase "Based on TrueCrypt, freely available at http://www.truecrypt.org/" must be displayed by Your Product (if technically feasible) and contained in its documentation.”






  • I have the Brother HL-L3270CDW, which prints in color. Ran me about $300 (it’s $270 directly from Brother now) plus the cost of the high yield toner cartridges I bought with it, but you can probably get away with the included toner for a while - with my B&W Brother the included toner lasted me over a year. It says the starters are supposed to last 1000 pages and the high yield 2300, but I’m pretty sure those numbers are very low based on my own usage estimates. I definitely went through more than two 500 page packs of paper in that first year.

    It doesn’t have a built-in scanner but it does have:

    • wireless and ethernet connectivity, plus support for AirPrint, cloud printing, etc
    • direct USB connectivity (though I’ve never used it)
    • duplex printing (not for A4 apparently)
    • a 150 or so sheet capacity tray (advertised 250) that can handle letter, legal, A4, and anything smaller all the way down to 3” x 4.57”

    It says it doesn’t support printing card stock but I’ve printed small amounts (30 or so sheets) at a time, largely without issues. That said, the only times I’ve had the printer jam, I was printing card stock, so maybe there’s some truth to that recommendation.

    I haven’t used third party toner but my understanding is that as long as it’s good quality the printer will work fine. It doesn’t force you to only use first party toner.

    The color quality has been good enough for my purposes - substantially better than the consumer inkjet printers I used like 20 years ago, but worse than current inkjets. That said, if photo quality color is the main thing your parents print and they print regularly, my recommendation - based on research, not personal experience - is an Epson EcoTank. From their site the entry-level model (the ET-2800) is $200 and comes with about 3k pages worth of ink (and replacement ink bottles have even more capacity). Other commenters have covered it in depth.






  • My main experience casting to Apple TVs from Linux is with Home Assistant, which has a few different addons related to Apple TV. Unfortunately most are related to receiving casts or casting music, and it doesn’t look like any support screen mirroring. The main library - https://pyatv.dev - has only limited support for AirPlay, and its documentation indicates it lacks screen mirroring support. If you just want to stream a video, though, then it would be worth looking into.

    open-airplay with the auth solution by @funtax (on GitHub) is the approach I would try, but unfortunately I can’t comment as to whether or not that actually still works.



  • I’d expected that rule to eliminate apps like Brave (BAT), Signal (MobileCoin), Telegram (TON), etc…

    Feels weird to rule out a tool because the team accepts donations via cryptocurrency when the tool itself (and presumably other tools by that same developer) has no links to crypto. Obviously this assumes that they accept donations via other means; if not then I can totally understand not wanting to use crypto to donate.

    It’s funny to see someone say “I didn’t send them a donation through PayPal, a crypto exchange, because they accept donations via crypto and I’m morally opposed to crypto.”






  • Thanks, that’s good to know.

    I’m running ZFS on my server and tried an L2 cache at first (a 2 TB NVMe on a system with a 64 GB ARC and three mirrored 18 TB HDD vdevs) but it didn’t seem like it was giving me much benefit. I looked into tweaking the settings a bit (prioritizing frequently used over MRU, increasing write rates, etc) but after seeing that most of the advice online was that it wasn’t great for my use case, I gave up and repurposed the drive. However, my use case has changed a bit (I’m using my server for more things) and I may try using the spare 256 GB drive that the 2 TB one displaced as an L2ARC drive now.