The news is kind blowing this up bigger than it really is. But I find this as a good thing because I've noticed a few people FINALLY taking the advice I've been giving for years now, and that's to freeze your credit at the big bureaus and some, if not all, of the smaller ones.

That being said, I checked this data dump for my own data as well as a bunch of friends and family. Not a single person I checked was in it... Which is why I'm not finding this breach to be that frightening personally. The ATT breach was way worse. Also Krebs posted on this today... A good read for anyone interested. Main thing I took from it was a large number of these entries belong to people who have passed away already.

Hey this is pretty nice and simple, I like it. Had to hold down on the app to select the settings to change my server, would be nicer if that settings button was within the app itself... But got it pointing to my self-hosted instance and tested it out. Works perfectly! Thanks for sharing

Thanks for clarifying! Took a deeper look on my computer and I guess I learned that NoScript was misidentifying due to the cors or something. Just had to call it out before, as one can never be too careful these days :D

The security part is the reason I use NoScript to do this. We've all typo squatted sites we visit, I'm sure. But if I typo squat a site I frequently visit and see the JavaScript disabled, it forces me to recheck I'm on the right site. Granted it's only happened once where I didn't realize I typo'd until seeing it was disabled, but it only takes 1 time to lose everything...

Not sure the fingerprint concerns are too major for me either. Hopefully most scenarios, I'm flagged as a bot or crawler and out of some data that would otherwise have been collected. Who knows. I imagine that JavaScript makes up for way more fingerprinting though.

I use iperf3 with Speedtest's servers, personally. But for a browser, yes JavaScript is needed.... But needing JavaScript files from like 20 different domains is typically a red flag for me on any site.

My solution to this question a year or so ago was to take my gaming desktop, which was collecting dust after I moved to my gaming laptop, and gut it down to a 4U server rack case. Best decision I've ever made. 12 core Ryzen and 128gb memory. Got a 10g adapter in the pci express, 8xHDD for data and then 2 mirrored nvme for the OS itself. Only thing I kept out was the video card since I had no use for it (yet)

An equivalent "server" on the market would probably cost a fortune and cost you a ridiculous amount of electricity.

The NoScript list terrifies me a little though... Not sure what's going on there, but that's a lot of JavaScript lol.

I've been doing this for a while now with opnsense being what masks the whole network behind the mullvad VPN.

Pros:

• Even fresh new devices that have all that crap junkware installed get routed through the VPN, meaning no tracking to you immediately (unless they sniff the rest of the network and relay your network AP I guess)
• one device instead of many, leaving extra devices available to use for a single mullvad account (limited to 5 devices, at least for wireguard)
• if using wireguard, you honestly won't be hit with network performance issues. Just don't choose a server across the world from you. I chose one in the same country as myself and get an average 95-97% of my internet speed, and that's because I also have IDS/IPS enabled

Cons:

• as others mentioned, increase captcha annoyances
• some banks may lock your account if you try to log in with the VPN
• if the VPN server goes down, the whole network will. This may be a good thing since your don't want traffic to leak, but just pointing out you now have another single point of failure outside your ISP
• when someone's hoarding the entire VPN server you're connected to, you'll probably witness a slowdown

That all being said, if you're not very technically savvy on the networking side or haven't ever setup a custom router/firewall, this will be a pain. But it you want to learn something new and are up for the challenge, eventually it gets down to almost never having to worry about it. I've been doing it for a long time now, so for me personally, I've gotten to the point of only needing to login to the firewall for a VPN setting update or server change maybe once a month

I've had the opposite experience and was actually referring to this generation in my comment, specifically for the series X.

With Xbox 360 and even some Xbox one games, I was able to come home with the game and put it into the console knowing I could play it right away from the disc (or install for the Xbox one and play). When I buy a game now, referring to physical copies, I'm unable to play without requiring internet. I understand some games have limitations on disc size, but once upon a time, that's where multi disc came in. Just the other day I forgot to unplug my console from the network to play a game and was hit by a firmware update request that I couldn't say "later" to. Once that finally finished, I unplugged but I guess the console already got wiff of an update for the game I wanted to play and said I need to be connected to the internet to continue.

This is definitely not something I ran into with older generations, personally. That being said, it sounds like your experience was different, so I suppose mileage may vary

Nice! Guess I can add it back to my wishlist and consider buying it soon! Been holding off on it too long

Just to get it out there... I checked this out about a year ago. It's not completely open source. The project consists of many executables and "pre complied dependencies" that don't appear to share matching checksums which may indicate modifications of some sort. Looks like a great tool, but I'm extremely skeptical of what's going on under the hood.

Hopefully they do truly open source it and prove me wrong, I'd love to give it a try some day.

Got mine connected to the network so I can take advantage of a local install of Emby, but blocked from Internet access, and every time it makes a DNS request (still blocked, but logged), it's added to a personal hosts file for the entire network just in case the kill switch doesn't work for some anomalous reason