Sure, but you can’t access your home network anyway if your router is turned off…

of course but most routers won’t do anything like this. and by router I mean the all in one devices people have, not enterprise gear.

Asus routers, even my 15 year old tplink archer A7 could

with factory firmware?

the only router firmware I have seen be able to do that is openwrt, and maybe mikrotik’s. none of these are common though, but if you can do this then yes this is a pretty efficient solution

You can also generate your own certs and use your own ca.

I do this, with a custom root cert, but it has problems. some apps don’t accept it, some only accept it by totally disabling cert verification.

installation is also very cumbersome: you go to a weird, badly structured menu on your phone deep in the settings, and select the certificate from storage where apps could have had replaced it while you were navigating the menu.
it does not ask you for confirmation, does not show anything important about the cert, like its fingerprint you could use to quickly check its not been modified, any name constraints, validity period, etc. users cannot tell what that cert will grant its creator, because the system does not tell them anything so that they could decide, other than a generic “your connection may be monitored” message at all times. and when they refuse to install your cert, they are right, because this way it is very risky.

so please tell me “how to do things right”, or shut up if you can’t tell any useful info

Then VPN in, send a signal to the esp using one of various methods to tell it to send the packet.

this sounds like it requires another computer already turned on

yes you need if you want HTTPS that is accepted by the smartphone client apps of your services.

domains are a constant expense

we shouldn’t need to pay for a domain to be able to self host.

yes, I made a mistake when writing. I was hoping I edited it soon enough that nobody noticed

element call is still a separate thing, but I guess it’s better integrated now

element also has their own service for that, element call. that too can be used without login, or selfhosted

ps: I was wrong it’s not a fork, but a different thing doing the same and more

It’s this one: https://git.gammaspectra.live/git/go-away

the project name is a bit unfortunate to show for users, maybe change that if you will use it.

some known privacy services use it too, including the invidious at nadeko.net, so you can check there how it works. It’s one of the most popular inv servers so I guess it cannot be bad, and they use multiple kinds of checks for each visitor

there’s a fork that has non-js checks. I don’t remember the name but maybe that’s what should be made more known

its not beta anymore since 2.0

its not beta anymore since 2.0

its definetly not lossless, but it works quite efficiently

“right now” like if it couldn’t be a problem later again

nepenthes is the tool for that

Probably because its so easy to walk in and just take money out i feel like im gonna get caught for something bad that I didnt actually do.

this part made me realize the reason I have the feeling is money laundering laws, background checks and legal takeout limits

Define ultimate. Actual ultimate excludes any privacy for anyone.

Your basic home or business user only needs an unmanaged switch, good enough.

I always say vlans are useful in any environments