Yes 2FA is good, but most people default to their phone being the tool, but your phone number can be ported by scammers, or is often the target of theft

The solution to that is you purchase a backup key and enroll both when presented with the QR image for new OTP links, or add a secondary FIDO key on some accounts. Then you store the other one in a fireproof box.

Or you use a cryptographic key and print it out using shard tool. The shard tool lets you specify how many splits and how many required for a tebuild. It prints out the shards and you distribute to safe places or people. They are useless by themselves but if you scan in the required amount of pieces the tool will rebuild your cryptographic key

Use a yubikey hardware device, only the person with the hardware in hand and password can unlock your accounts

Just takes a brute force or 0 day vulnerability to get master password access, then they have everything.

Something that seems secure never is online, like the 2017 Intel managetment vulnerability where remote attackers could access your computer by sending a null password, and access your keyboard and camera etc

If you want it that way, but then I’d have a mix of synced folder and regular folders inside Documents.

I like to keep if completely separate, for backing up user documents via dejadup differently than the synced stuff.

Hardware folder (synced via sync thing). All hardware PDFs, notes images etc get subfolders by manufacturer. It is helpful for keeping track of use manuals, firmware or config settings for each piece of hardware.

Not sure about the distro being used, opensuse makes a docker zone to put docker interfaces on, those have their own ports and rules separate then the Ethernet assigned zone ports/services to allow. For me I had the opposite issue, I couldn’t reach my docker containers from my lan, onky from the local machine because the Ethernet was on an internal zone and Docker was on its own zone. I’m not a superskilled networker dude so I just turned on forwarding and masquerade so the incoming LAN zone would forward to doocker zone and pretend to be the local machine connecting and not a LAN or remote IP. I guess if you moved your dockers too the public zone you could get in trouble

Could be signing, if removing secure boot changed behaviour. The proprietary nvidia kernal module needs you to enroll the key in MOK interface at boot after an install or some updates.

You should have gotten a blue screen at boot that said options like, continue or enroll MOK, delete MOK, cancel, etc.

Hardware raid is fine as long as you can still get the same hardware RAID card or Motherboard.

With OpenSUSE are you using the open source nvidia driver, or did you add the nvidia hosted repo and install their proprietary drivers?

The nvidia owned repo did work better for me.

But could be memory leak.

For anyone with laptop, and onboard graphics and nvidia RTX I had to install an opensuse swicher package to ensure appa start on the right GPU (right click option on the app) I forget the app name at the moment, it wanst the bumblebee or optimus, it was something else, Switcheroo maybe.

Yep, it is helpful for corporate applications, where nothing can introduce possible behavioural changes, that affect users, program function or the application development.

Stable will still get security patches and bug updates, just no new major kernel jumps or new features.

Wireguard between you and remote device like a pi. Set pi to portfowarding and masquerading on. It will then let you be on say a 10.x.x x network remotely but will send info on the remote LAN like it came from that pi local IP

Its the short thumb being the issue, I buy the smaller phone screens on purpose

Most common letter E is too far right to be useful as single hand Typer (LH)

Is your system writing logs?

Binary blobs

Binary blobs

It is very expensive, so ideally join a uni or school program that has acedemic licenses.

FreeCAD is a step below the AutoCAD suite. On shape is comparable for mechanical design. Siemens NX is top tier only matched in high end functions by CATIA. NX and CATIA dominate in Automotive, and Aerospace.