The holy trinity, the father, the son and the holy spirit are the same entity.

It will be a long time and a lot of innovations in material science until you can implant a quantum computer into a person. So much that I am not sure it is even possible (or practical)

That is the “low tech”; works 100% of the time; will make your live easier in the future solution.

It takes longer than remounting but getting rid of a NTFS drive in a Linux only environment is a good move.

That is like saying a 12 year old should be able to be healed from being quadriplegic because they are still growing. Some medical conditions are for live (at our current medical knowledge) and it doesn’t matter if they are “physical” or “mental”.

That’s the difference between a stew and a soup where everything had been puréed

Client isolation doesn’t help. That is just the access point not routing traffic between connected devices. The problem with WiFi is it is a radio signal. Everybody in range can receive 100% of all communication on that network. Just by being in range the attacker can do passive sniffing. No wiretap needed like with cabled networks.

WiFi is encryoed if it uses a password. So any public WiFi without a password can be sniffed by literally every device in range (no need to connect to the WiFi for sniffing). On public WiFi with a password, the radio signal is encrypted but everybody knows the encryption key. So everybody connected to the WiFi can still sniff the traffic of everybody else.

That encryption is only on the WiFi level, so encrypted radio signals, not on the actually traffic level (like TLS/HTTPS etc).

The post office knows who you are sending letters to. They have to know because they have to deliver it. They do not know the content of the letter. They also dont know if the letter will be passed along by the receiver to a different destination.

Your ISP knows you are sending traffic to a VPN but not where they are sending it to. The VPN knows where you are sending traffic to but not the content of that traffic. So if you browse a website that only serves pirated content, then they knows you are consuming pirated media but not which media.

If the law requires the VPN to report any and all traffic to blacklisted sights then a “no logs policy” would breach that law.

However to make this law work, Italy would have to ban all VPNs and http proxy services outside of Italy. Italy would have to force pretty mutch the whole world to follow this law for it to work.

What happens if you run a tiny server on AWS in the USA to proxy your private traffic. Unless AWS USA is watching all traffic to see if it complies with Italian law there is no way to enforce it.

.LAN is not an official top level domain. So I assume this is either your home network or work network? In any case your problem has nothing to do with the .LAN doman.

Maybe you have “https everywhere” activated. If so, Firefox will always default to https unless you specify http in the URL. Again, unrelated to .LAN.

For the certificate: what do you mean “when available”? A self signed cert is a self signed cert. There is no “available” or not. You can import the certificate into the Firefox trust store so Firefox will trust that one specific cert but any other self signed cert will cause an error. That is expected and save behaviour (and unrelated to .LAN).

No, why would it? It will run code in the context of the current user which is absolutely enough to start a new process that will run in the background, download more code from a attacker server and allow remote access. The attacker will only have as much permissions as the user executing the code but that is enough to steal their files, run a keyloggers, steal their sessions for other websites etc.

They can try to escalate to the admin user, but when targeting private victims, all the data that is worth stealing is available to the user and does not require admin privs.