Matrix is less secure than Signal. While Signal and Matrix use the same encryption, Matrix doesn’t encrypt everything. This includes: message sender, message timestamps, reactions, members, read receipts, etc. All of this data can be accessed by the homeserver admin. On Matrix, you should assume that only the message content itself (text and attachments) is encrypted. Your account data is also not protected; you have to trust your homeserver admin. Signal is designed not to trust the server. It’s important to consider your threat model. Matrix doesn’t require a phone number, which makes it better for anonymity, but Signal has better security.

This is a good explanation of Matrix’s metadata leaks: web.archive.org/web/20210618055112/…/matrix

Matrix

One question I'm often asked is what metadata Matrix leaks. It does get tiring answering the same questions, so I'm creating an article I...

Serpent Security
GitHub - yt-dlp/yt-dlp: A feature-rich command-line audio/video downloader
Try using a third-party app. I know Ice Cubes on iOS handles this really well.
Apple Maps is the best replacement for Google Maps. None of the other options even come close, but it’s only for Apple devices. Organic Maps may work for you but it depends where you are and you won’t get traffic information and the routing is very basic.
Organic Maps: Offline Hike, Bike, Trails and Navigation

Free, open-source, fast, privacy-focused, detailed offline maps for travelers, tourists, drivers, hikers and cyclists created by MapsWithMe/Maps.Me app founders

The cheapest option I’ve found is Hetzner storage boxes; they don’t even charge for bandwidth. Backblaze and Wasabi are good options too, but Backblaze charges for outbound bandwidth and Wasabi is increasing their prices.
Storage Box: secure & cheap online backup solution

Secure storage online backup service: ✓ cheap data storage ✓ GDPR-compliant hosted in germany and finland ✓ 100 % green electricity

This is a valid privacy issue, and other fediverse projects like Mastodon already solve this. The problem is that by embedding an image, you can tell the client to make a network request to your server, revealing information such as your IP address and browser. The solution is to proxy media through your instance, which is presumably trusted. This hides your IP address and browser information. And as someone else mentioned here, a Content-Security-Policy can be used to ensure this attack isn’t possible in a browser.

Any thoughts on how fixable this is?

This shouldn’t be hard to fix. Lemmy needs to proxy images, there’s an open issue for this. Right now, I don’t use Lemmy outside of Tor Browser specifically because of issues like this, and the recent XSS vulnerability is making me even more concerned. Lemmy is a great project, but it needs work and probably a security audit.

Federating/Proxying links and media · Issue #2947 · LemmyNet/lemmy

Is your proposal related to a problem? Somewhat, since I wouldn't classify it as a bug, but it is an issue I ran into. When a user shares a link to a post, comment, community, or shares media (such...

GitHub
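
The media proxying and Content-Security-Policy approach described in the two comments above, as an added example that is not part of the original comments or of Lemmy's code. The instance origin, the `/media-proxy` endpoint and the sample Markdown are assumptions made for illustration:

```javascript
// Added example: rewrite remote images in user-submitted Markdown so the
// reader's client only ever contacts its own instance.
// INSTANCE_ORIGIN and PROXY_PATH are hypothetical, not Lemmy's actual API.
const INSTANCE_ORIGIN = "https://instance.example";
const PROXY_PATH = "/media-proxy";

// Matches Markdown images: ![alt](url "optional title")
const MD_IMAGE = /!\[([^\]]*)\]\(\s*(\S+?)(\s+"[^"]*")?\s*\)/g;

// Returns a URL that is safe to embed, or null if the image must be dropped.
function proxyUrl(rawUrl) {
  let parsed;
  try {
    parsed = new URL(rawUrl, INSTANCE_ORIGIN); // also resolves relative URLs
  } catch {
    return null; // unparsable URL
  }
  // Only http(s) can be fetched by the proxy; data:, file:, etc. are dropped.
  if (parsed.protocol !== "http:" && parsed.protocol !== "https:") return null;
  if (parsed.origin === INSTANCE_ORIGIN) return parsed.href; // already local
  return `${INSTANCE_ORIGIN}${PROXY_PATH}?url=${encodeURIComponent(parsed.href)}`;
}

// Rewrites every image so the browser never requests a third-party host.
function rewriteImages(markdown) {
  return markdown.replace(MD_IMAGE, (_match, alt, url, title = "") => {
    const safe = proxyUrl(url);
    return safe ? `![${alt}](${safe}${title})` : `[image removed: ${alt}]`;
  });
}

// Second layer: even if a remote URL slips past the rewrite, the browser
// refuses to load images or media from any origin but the instance itself.
function contentSecurityPolicy() {
  return "img-src 'self'; media-src 'self'";
}

// Constructed sample post body (not taken from any real post).
const SAMPLE = "Look: ![cat](https://tracker.example/pixel.png?u=42)";
console.log(rewriteImages(SAMPLE));
console.log("Content-Security-Policy:", contentSecurityPolicy());
```

The proxy endpoint fetches arbitrary URLs server-side, so it has to refuse requests to internal or loopback addresses.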
AWS Glacier will be cheaper until you need to restore the data. On AWS, you’ll pay $0.09/GB for bandwidth + Glacier retrieval fees. Over time, AWS might be cheaper but you’ll be looking at a $3000+ bill to restore 30 TB.
You might want to try the Yattee app. No ads and has SponsorBlock.
GitHub - yattee/yattee: Privacy oriented video player for iOS, tvOS and macOS
I use Tailscale with my Jellyfin server.
Tailscale

Tailscale is a zero config VPN for building secure networks. Install on any device in minutes. Remote access from any network or physical location.