I disagree with this as a default, but think it might be a good idea as something users could toggle.

deleted by creator

People in this thread have very interesting ideas of what “shit hardware” is

+1 on lower tier Intel CPU mini PC. I have a slew of different boxes by Beelink, Intel, and Asus. The N95 box I bought from Beelink (basically an N100) has been one of the most impressive for being so low power, and yet handling the wealth of services I’ve been running on it (with a lot of overhead yet).

The two are not even remotely in the same category of CPU. This is a comparison of apples to orchards.

It has for sure been there for at least a decade now. I think most people autopilot through OS installs.

It says so on the installer page where you are asked to enter a root password.

FWIW: I’m not arguing for or against Debian as a beginner friendly distribution. Just mentioning that you don’t have to set up sudo manually.

Nonfree is usually something people are going to want to enable (Nvidia, Steam, Media codecs, etc)

You can install a nonfree image, but a person could argue that needing to know which image is needed is already more advanced than other distributions.

FYI: If you leave out root password on install, it instead sets your user up with sudo privileges.

No, I mean it was debian based. When Steam Deck released, they moved to being an immutable arch based distribution instead.

It also isn’t currently made available for install outside of the Steam Deck yet.

SteamOS prior to steamdeck is an entirely different distribution FYI

You son of a bitch, I’m in.

I’ve become a big fan of mini PC’s for home server use these days (with NAS systems for storage duties). Low power, low heat, low noise, and very affordable.

Beelink on Amazon makes a good selection of them. Always watch for sales. I have several of their machines and have been pleasantly surprised by all of them. The latest addition was one of their N95 systems with 8GB of memory. It hosts Jellyfin, Deluge, Wireguard (client and server), dns, forgejo, etc.

You can say that speaks volumes about the character of the author (though you are the one assigning said “shame”). You were asking why this report deserves credence. The points raised in the report have citations such that you can decide where you fall on the presented issues.

It looks pretty well cited to me. The fact that it was written anonymously doesn’t really take away from that.

90% sure wireguard (the VPN server) is going to need an open port if you want to connect from the outside.

FWIW: I’m running jellyfin and a whole host of other services on a Beelink with an Intel n95 and 8gb of ram. Runs like a champ.

Using Firefox mobile, everything works and is mostly performance 🤷‍♂️

im a big fan of the nas device being single purpose. its life should only exist in fileserving. i have several redundant nas devices and then a big ol app server.

This is the way. Except my “big ol’ app server” is an n95 mini pc that sips power.

Because even if an attacker could gain access even as root he cannot modify system files.

Your comment was already from the position of if an attacker could gain root access. My responses were to that directly, and nothing else.