APU board? They are going EOL soon, but these devices are built like a tank. Full Linux x86_64 support, coreboot bios. https://www.pcengines.ch/apu.htm A few sellers in the EU still have them.

where?

Do not expect you can offer this service for a competive price against cloud prices. Caring for a company IT system is a big challenge and requires more work the more users there are.

For a company this size: make a clear contract. Consider how much time you need for setup/installation, monthly hours for maintenance, monitoring and at least daily(!) backups. Let them choose if they want it with a failover and charge for the required hours and material. Also put in the contract when they can expect support from you, including a clause for a holiday substitute admin (if needed). Then put a pricetag on support hours for holding people’s hands when they “can’t find that file they uploaded a week ago and it is surely a server issue” and put a pricetag on engineering hours for any modifications they might want, like installing any plugins they deem useful for themselves. Hardware prices, traffic, rack space and power should be included as well. Have a good plan for updates, choose your distro wisely, do not rely on autoupdates.

Play all this through in your head, add up the hours, choose a fair rate and then you have your pricetag.

Cloud will always be cheaper, because they have their infrastructure already deployed. Building from the ground up is more expensive, but I think it is worth it. Will they?

GoogleTalk once federated with XMPP/jabber, good times until their userbase was big enough to deferedate again, crippling the jabber network. It will happen again if we let it.

Metas plan is to draw users into their network and use the fediverse as an initial catalyst (“look! so much content already there!”). Once their userbase is large enough, they will deferate again claiming protocol difficulties or something equally vague, but they will just want to start rolling out advertising which would not be displayed to users from other instances. Most users will not keep two accounts and jusy stay with the big corp and leave the original fediverse again.

I still like reading manga on the kindle paperwhite, the eink display is much more easy on the eyes and the weight and battery life are far better than any full blown tablet. Calibre can easily transfer/encode the comics to it, so no proprietary software needed.

i never knew! fantastic!

Set it to airplane mode the day it arrives and never let it go online with the stock firmware if you value privacy - these beasts even send amazon the page you are reading currently on. Calibre is the best tool, it autoconverts anything if needed. It also has an RSS-to-newspaper feature that can create a custom newspaperlike magazine from your favorite feeds for you. Reading manga on Kindle is really fun.

Disappointing that 2/3 of the remaining users seem to vote for reopening.

if you enjoy this, there are various CTF “crackme” challenges available - the most famous one being the radare2 tutorial crackmes. The have different diffuculties from really easy to mind-bendingly difficult.

Oh, of course there is a way. Just open the binary in radare2/rizin/ghidra and look for suspicious code. Of course this is quite time consuming to do this with a binary file, so if you compile opensource code yourself you can at least read the annotated source. If you do not have the expertise to do this, you have to choose who you trust and be careful in general.

A sandbox VM can be just a Linux or Windows VM that is running on your local hypervisor and properly firewalled and configured for security, or in a container (less secure). If a software goes rogue it will likely infect only the VM (unless it knows a hypervisor escape). Proper virtual firewalling can help protect your home LAN.

An operating system that helps you do all this without requiring too much manual work is for example QubesOS.

Don’t know about that app, but it is very easy to create a file that contains malicious code that is not flagged on virustotal at all.

‘joe sandbox’ and ‘hybrid analysis’ offer online services where the file gets executed to test it for malicious behaviour. Of course a seasoned malware developer can detect sandboxes and make the malware hide itself while inside the default sandboxes.

Just avoid running random binaries from untrusted sources; prefer open source or, if you must, use a hardened sandbox VM yourself to run untrusted code.