You create a (self-signed) CA certificate, put its certificate as the client ca in your web server.
Then you can create certificates using this CA that you distribute to your devices, only devices that have a certificate signed by your CA are allowed to connect.
see systemd.unit(5), systemd.service(5), systemd.socket(5), systemd.device(5), systemd.mount(5), systemd.automount(5), systemd.swap(5), systemd.target(5), systemd.path(5), systemd.timer(5), systemd.slice(5), systemd.scope(5) systemd.link(5), systemd.netdev(5), systemd.network(5) and honorable mentions podman-systemd.unit .container, .volume, .network(...again), .kube, .image, .build and .pod
SINK RATE!
PULL UP!
The problem with that would be that it would make switching to another linux ditribution very, very easy. They would have 99.99% compatibility so a lot of people would switch to another distro if they add stuff like recall.
They would also be opening the can of worms that is massive software support for linux (which is arguably already opening.)
I doubt the os switch is happening too, some will probably switch but that will be a small amount, either they get Linux or afaik all other "popular" options require new hardware anyways (Macos)
I think many will just stay on windows 10 if their hardware doesn't support 11 but ehh
Difficult to say, that's why I'm waiting on the EOL for headlines like "millions of pcs vulnerable due to missing updates" or "maybe we were a little hard on crowdstrike"
They moved to Switzerland due to the reasons listed here.
Linton said that last year the Australian Federal Police (AFP) visited a Session employee at their home in the country. “There was no warrant used or meeting organised, they just went into their apartment complex and knocked on their front door,” Linton said. The AFP asked about the Session app and company
But why
I'm just waiting for the EOL of window 10 to see which of the following will happen:
If it actually were FOSS instead of source available(do not copy), yes.
Well, on linux I'd use systemd's resolved which would listen on localhost:53 (it would also point resolv.conf there) and then set resolved's uplink server to your custom port. I don't have the exact config in mind but it seems to support custom uplink ports("expects IPv4 or IPv6 address specifications of DNS servers [...] optionally take a port number separated with ":"[...]")
Edit: found this: https://en.opensuse.org/Network_Management_With_Systemd
But...an onion address doesn't need a cert?