> What steps did you take to make it simple enough for your family to care?
GNU/Linux desktops for all, for me NixOS/Emacs (EXWM), for relatives mostly Gnome SHell (the second capital is NOT a mistake, but they want something like that) and XFce, no wifi, at least I have few MikroTik APs but powerd off, powered on only if I have a guest and he/she can't use wired ethernet. Desktops have "proper" WebVM [1] with user.js/various extensions etc all regularly kept up to date backed up and casually restored around once or twice a year when I upgrade from a major release to another. IoT stuff (domestic p.v. + related tools) offline on a separate network with a homeserver (Home Assistant pip-installed, not the absurd docker image) bridging the WebUI part from the desktop's LAN.
> Did you retain any restorative powers? As in keeping master passwords to certain things and/or emergency accesses like in LastPass?
I have a printed copy, "encrypted" with a simple letter substitution scheme those who need know it, of some passwords, so they can ask for help someone who know GNU/Linux if I have some health issues/I can't really help for some reasons, but it's not much a tested setup just something do and explained a bit without really having ever used it so I can't really know how much it can work, it's a potentially serious issue but so far no one seems interesting in that, I'm healthy etc so...
In iron terms I have enough iron to survive various faults on both desktops and homeserver/mini-small-rack side, in software terms everything is almost reproducible with org-mode documented and tangle-ed NixOS configs and relevant custom ISOs ventoy-deployed locally or deployed via LAN depending on the case. Not everything is fully covered but it's enough.
> Which subjects spurred the most discussions and how did you solve it?
Well... The "family policy" a bit against my will is "you are the techie, we do not care" so there aren't really be discussions, just few explanations/training etc
> Which items do you share amongst all family members?
Phone system (Grandstream UCM PBX + GXP phones simply because when my old Asterisk card die and I see an offer for the PBX I was a bit tired of Asterisk), video surveillance, witch is only outside and physically powered off when someone of us is at home. Aside the small p.v. system witch, sigh, is to be counted in the "digital" things since it's full of FWs and to be effective enough (like piloting the hot water production depending on the sunlight) it demand a home assistant...
Essentially my general policy is:
- restricting as much as possible the attack surface
- restricting connected stuff (witch count in the attack surface) as much as possible, still leaving a bit of comfort
- be reproducible
- have a bit of redundant gears, not for anything, too expensive and demand too much space, but for something yes. For instance a VoIP spare phone + two analogs (with the PBX that have two fxs ports), around a desktop (ssds, mobos, CPUs, ram etc) and a half as spare parts, two 16 ports spare switches against a 48 ports in production one (not all ports used, of course) etc.
[1] monsters mostly called browsers for legacy reasons, like Firefox or Chromium that actually are not much more "browsers" than a JDK...
> What steps did you take to make it simple enough for your family to care?
GNU/Linux desktops for all, for me NixOS/Emacs (EXWM), for relatives mostly Gnome SHell (the second capital is NOT a mistake, but they want something like that) and XFce, no wifi, at least I have few MikroTik APs but powerd off, powered on only if I have a guest and he/she can't use wired ethernet. Desktops have "proper" WebVM [1] with user.js/various extensions etc all regularly kept up to date backed up and casually restored around once or twice a year when I upgrade from a major release to another. IoT stuff (domestic p.v. + related tools) offline on a separate network with a homeserver (Home Assistant pip-installed, not the absurd docker image) bridging the WebUI part from the desktop's LAN.
> Did you retain any restorative powers? As in keeping master passwords to certain things and/or emergency accesses like in LastPass?
I have a printed copy, "encrypted" with a simple letter substitution scheme those who need know it, of some passwords, so they can ask for help someone who know GNU/Linux if I have some health issues/I can't really help for some reasons, but it's not much a tested setup just something do and explained a bit without really having ever used it so I can't really know how much it can work, it's a potentially serious issue but so far no one seems interesting in that, I'm healthy etc so...
In iron terms I have enough iron to survive various faults on both desktops and homeserver/mini-small-rack side, in software terms everything is almost reproducible with org-mode documented and tangle-ed NixOS configs and relevant custom ISOs ventoy-deployed locally or deployed via LAN depending on the case. Not everything is fully covered but it's enough.
> Which subjects spurred the most discussions and how did you solve it?
Well... The "family policy" a bit against my will is "you are the techie, we do not care" so there aren't really be discussions, just few explanations/training etc
> Which items do you share amongst all family members?
Phone system (Grandstream UCM PBX + GXP phones simply because when my old Asterisk card die and I see an offer for the PBX I was a bit tired of Asterisk), video surveillance, witch is only outside and physically powered off when someone of us is at home. Aside the small p.v. system witch, sigh, is to be counted in the "digital" things since it's full of FWs and to be effective enough (like piloting the hot water production depending on the sunlight) it demand a home assistant...
Essentially my general policy is:
- restricting as much as possible the attack surface
- restricting connected stuff (witch count in the attack surface) as much as possible, still leaving a bit of comfort
- be reproducible
- have a bit of redundant gears, not for anything, too expensive and demand too much space, but for something yes. For instance a VoIP spare phone + two analogs (with the PBX that have two fxs ports), around a desktop (ssds, mobos, CPUs, ram etc) and a half as spare parts, two 16 ports spare switches against a 48 ports in production one (not all ports used, of course) etc.
[1] monsters mostly called browsers for legacy reasons, like Firefox or Chromium that actually are not much more "browsers" than a JDK...