Yeah. To be honest on the DNS side it would probably be far easier to just do a whitelist instead, block everything except your specific service. and yeah, its a stupid amount of work. i hate smart tvs but i’ll be damned if im gonna pay extra for a streaming box =|
just saying its possible
Not sure if you mean hardcoded DNS IPs or hardcoded “phone home” IPs. Hardcoded DNS addresses in devices are annoying, the only way i’ve found to get around that is using destination nat rules (DNAT) which requires more than a consumer router typically. hardcoded phone home IPs would get blocked by your firewall. you’re right that most firewalls are set up by default to implicitly allow outbound traffic. you set up a rule that denies all outbound traffic from the TV, then only allow port 443 (or whatever port your streaming service uses) on the specific IP/IPs that your service uses. Here’s Netflix’s published IP info for example.
edit also i’m fully aware it’s fucking ridiculous that we as consumers have to go through this much rigamarole. you shouldnt have to be a literal network engineer to do something as simple as have a tv that doesnt spy on you.
no it helps to block everything that isnt just netflix or whatever streaming service you use. you combine a DNS adblock along with blocking all the unused ports and it severely limits the communications. you could also add a vpn to add another layer of security. idk about jellyfin but most streaming services i know use https/443 to stream to your tv. so youre only allowing the specific service you want and only on a specific port. buncha great dns blocklists here https://github.com/hagezi/dns-blocklists, and a smart tv specific one for pihole here https://github.com/Perflyst/PiHoleBlocklist/blob/master/SmartTV.txt
It’s relatively easy to restrict a smart tv to TLS/HTTPS traffic only using your router and a dns adblocker.
hah, computers have had the same drive rail layout for so long that i didn’t even notice! ._.
what, do i dare ask, are the computer holes?
arch wiki is good, been using that since i migrated to cachyos in september (had been running win 11 pro for years prior to that). only major issue i had was display related lol, i use a tv that needs a custom EDID to expose 120hz mode and it was an absolute nightmare trying to generate it with linux. ended up using a linux tool to dump my existing EDID then popping it into CRU via wine to generate the new one. Works pretty damn well now, have to say.
It’s all just one big ass blast.
"If this policy is enabled, the Microsoft Copilot app will be uninstalled, once. Users can still re-install if they choose to. This policy is available on Enterprise, Pro, and EDU SKUs."If this policy is enabled, the Microsoft Copilot app will be uninstalled, once. Users can still re-install if they choose to. This policy is available on Enterprise, Pro, and EDU SKUs.
so… they arent allowing admins to uninstall it. they’re letting admins ask their users very nicely to not reinstall it.
also look on the bright side… at least they haven’t given Clippy sentience yet!
granted, but now your username is “gouthaver87”
frfr. bill gates must be rolling over in his grave.
I “early adopted” Win 11 when the Ryzen 5600X came out (late 2020 i think?) and it was objectively better at release. All MS had to do was fix the start button and then not fuck with it and I’m sure there would have been way less hatorade flowing.
Don’t worry, he won’t let them vote!
Daaaamn. The closest thing I could think of was my friend’s 96 (98? Whenever the EK body started) Honda civic that had the factory alarm and remote locks in the radio. He ended up splicing some wires and shoving the factory radio into his glove box or something to get around it.
How long until they start putting some kind of DRM in cars that prevents you from just installing an aftermarket android auto head unit?
Don’t forget eating almost exclusively fast food so that nobody can poison your meals.
to get something as flexible as my android tv i’d need an nvidia shield and those are going on ten years old at this point. maybe if/when they do a hardware refresh, assuming sideloading isn’t completely impossible by then.