See from the notification settings if this notification is categorized under some head. And if the category is not catch all, you may disable notification for that category. Otherwise blocking all notification or switching to alternative app would be the last option.

Good for privacy! But I really doubt it would work for all recognition systems.

Some funny pitfalls that may occur - Self driving cars would prefer to hit that person if had to make a choice between him and some other human. And, there is possibility that the Street mapping cars would not blur his face for the lack of detection.

From IPv6.rs FAQs I get the impression that they only provide IPv6 route through their tunnel. I think self-hosting something only reachable via IPv6 would cause you trouble accessing it in IPv4 only networks - which are still far more common compared to IPv6.

Hurricane Electric provides such IPv6 over IPv4 tunnel facility with /48 block routed to your network. I’ve only used this service for testing my IPv6 knowledge, so performance-wise I’m not sure how good it is. Thus, if IPv6.rs provides a significant performance over the HE-TunnelBroker, then I’d suggest you go with IPv6.rs given a decent price for the service.

If you are considering a simple to set-up tunnel utility for your self-hosting applications, I’d suggest you consider other tunneling options which have both IPv4 and IPv6 capabilities. Some widely used ones are Cloudflare Tunnel and Ngrok. You may also use Tailscale to connect both server and client via VPN. Using Cloudflare or Ngrok would involve some privacy concerns, as they can see the traffic passing through the tunnels in plain text.

E: better words substitution

Few things which makes achieving reproducible/deterministic builds hard are - timestamps of generated/compiled files, continuously updating versions of build tools(+support libraries), output binary difference compiled across different OS.

We can use docker based build system for this, but it would require very carefully configured Dockerfile to keep the build tools+libraries on specific version. And if we do a pre-built Docker Image, then the Reproducibility of that Docker Image has to be proven first. It is indeed a difficult task, but not an impossible one. With F-Droid providing a sound framework for reproducible build generation, I believe we would have majority of large Android Apps reproducible in next few years.

Just a reminder that even though the tunnel itself is encrypted, the whole connection is not E2E encrypted between your remote client and the server. Cloudflare as a CDN/PoP provider can see the traffic in plaintext.

In all other aspects, this is a great solution, as we even get to use the edge caching(over top of all others mentioned above) facility - which further reduces the requests to origin server.

I’m a web-app developer myself. So I don’t mind configuring things if needed. I can opt to configure if it meets my goals better. I’d check out nagios. :))

Not as part of core GrapheneOS, but an app called “Private Lock” can detect sudden force via accelerometer and disable the fingerprint based unlocking for next unlock.

But yeah, an erase passcode feature with opening a decoy profile would be a great feature to have.

E: grammar