Comment Re:Nobel? (Score 1) 288
OK, Hans. I'll show you. Stand to your reft.
With open WiFi by default (!), sshd allowing root login (!!) and a pre-set fixed root password (!!!), I don't see how it'd work against local adversaries.
Local adversaries in the TOR adversary model sense, and that would of course be in the best case. Just saying that the device is practically just a L3 anonymizer VPN, but even that could be enough for some cases. This is assuming that they do not MITM HTTPS connections, or scrub even the plain HTTP, which I doubt.
This anonymizer works primarily against local adversaries. The target sites, and $deity forbid Tor exit nodes, can deanonymize the traffic quite easily. In addition, it may not be plug & play in all regimes, as exemplified by the Chinese Tor blocks, which require manual bridge configuration.
I would also be concerned about life cycle management of such a box. Although, they could offer updates from a hidden service quite easily, as an unattended service it might cause some trust issues. Also, seeing how the tech appliance market works in most cases, I would imagine that it will not update its OS.
How strong is the key to your encfs? Where do you store the key, if not in your memory? Who has access to the encrypted blob? Does your threat model involve those people, or is it special in that sense? How generalizable do you think your solution is from the point of view of implementation difficulty and threat model uniqueness (scale 1-5)?
Enough questions?
Bugmenot is a rather interesting example, since it kind of shows that the cost of leaking a password can actually be negative (for the society).
A simpler approach is to have a few high-entropy passwords and append a value at the end that is unique to each website using some self-created rule for it that is easy for you to remember.
I would speak on how I do this but I won't for obvious reasons.
Easy for you to remember translates into easy for an attacker to guess. Whether you're adding random chars to the password string (entropy), or using your mangling rules (Kolmogorov complexity), the attacker effort to guess and your effort to remember will be the same in both cases. The other only being harder to estimate. Complex looking transformations may still have low Kolmogorov complexity, in the worst case your mangling rules can be approximated or short-cut with much simpler rules.
Except that you really cannot use a password manager for the critical accounts. Unless it's a local one, and then it's suddenly not that portable anymore. There is some promise in mobile phone based password managers, though.
With online password managers there is only your master password holding your passwords from the operator of said service, and that is in the best case when the service is implemented with client-side decryption. How much entropy can you expect from a master password anyway? I would say that for most users it's around 30 bits maximum (under some near optimal password cracking entropy model). This translates to around a 12-character pronounceable autogenerated password (one can only give an upper limit for entropy for human generated ones). How long it takes to brute force it depends on the key derivation function, which is limited in strength by the maximum login delay.
However, you could use a password manager for the shit-tier accounts...
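Added example, not part of the comments above: a Python sketch of the trade-off described there, where the login delay caps the key derivation cost and that cost sets the offline search time for a 30-bit master password. PBKDF2-HMAC-SHA256, the 0.5 s delay budget and the attacker speed-up factors are assumptions chosen for illustration.

```python
import hashlib
import os
import time


def time_pbkdf2(iterations: int) -> float:
    """Seconds for one PBKDF2-HMAC-SHA256 derivation on this machine."""
    salt = os.urandom(16)
    start = time.perf_counter()
    hashlib.pbkdf2_hmac("sha256", b"constructed master password", salt, iterations)
    return time.perf_counter() - start


def calibrate_iterations(max_login_delay_s: float, probe: int = 20_000) -> int:
    """Largest iteration count that still fits the login delay budget."""
    per_iteration = time_pbkdf2(probe) / probe
    return max(1, int(max_login_delay_s / per_iteration))


def expected_search_seconds(entropy_bits: float, guess_seconds: float,
                            attacker_speedup: float = 1.0) -> float:
    """Average offline search time: half the keyspace, one KDF call per guess.

    attacker_speedup is an assumption: how many times faster the attacker
    evaluates the KDF than the login device does (GPUs, many machines).
    """
    guesses = 2 ** entropy_bits / 2
    return guesses * guess_seconds / attacker_speedup


def report(entropy_bits: float, max_login_delay_s: float,
           attacker_speedup: float) -> dict:
    """KDF cost that fits the delay, and the search time it buys in days."""
    iterations = calibrate_iterations(max_login_delay_s)
    seconds = expected_search_seconds(entropy_bits, max_login_delay_s,
                                      attacker_speedup)
    return {"iterations": iterations, "days": seconds / 86_400}


if __name__ == "__main__":
    # 30 bits of entropy, 0.5 s tolerated login delay (both assumed values).
    for speedup in (1, 1_000, 1_000_000):
        r = report(30, 0.5, speedup)
        print(f"speedup {speedup:>9}: {r['iterations']} iterations, "
              f"{r['days']:.4f} days on average")
```
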
The repairman can do something else, if he is not actually creating value in his current profession. Sounds horrible, and it is to some extent. Pretty soon we'll discover that it will be best for everyone to just do nothing.
The supply chain for the replacement parts will have to be different from the B2B side of things. It will most likely also include a lot more human handling per unit. This all consumes resources, human labour is particularly environmentally unfriendly. Trained first world human labour even more so.
Fixing your own gear by yourself hides these costs from you, and you may even enjoy it so it does not matter. I have serviced a couple washing machines, and apart from blood everywhere because of sharp edges it is mostly fun tinkering. It is not for everyone. People tend to buy new washing machines when the drain pump gets clogged. That is still more about the people being less informed, rather than any conspiracy by the device manufacturers.
The obsession about major appliances is pretty much your own if you read back. Planned obsolescence is not usually even a phenomenon for those things. Still, many people could do with less well built ovens. It is quite hard to build those to fail, though. The majority of the things that people buy are small and dispensable. If majority does not mean the greater number of things, then my language skills have failed me severely and I apologize.
You didn't answer the question. Who do you know that collects major appliances they don't use? I'll accept saw a silly season news article about as know.
What is a major appliance to you might not be major to everyone else. There are people who use a bread machine daily, and others who just stuck it in a kitchen drawer after buying it. You don't know anyone who uses his/her oven approximately once a year to burn a pizza to a charcoal?
You aren't thinking things through. For an example, the most common failure on washing machines is the clutch for the spin cycle. No matter how new the math, it will always be cheaper to ship a clutch to the local store than to ship a whole new washing machine.
There is no case where shipping part of an appliance costs more than shipping the whole thing.
Unless the other has a different unit cost because of, for example, individual handling. Or the distance that they travel is not the same because they have a different warehouse topology (being different items and all).
Go to the home depot. See the 2 dozen complete washing machines on display? Those are made of parts. They generally have more of them in the back or at least at a regional warehouse, ready for next day delivery to your home. It certainly wouldn't cost any more to keep all those parts exactly where they are kept now but in un-assembled form.
Furthermore, if the parts are reasonably standardized, they would need less on hand than they keep now.
And who would buy an un-assembled washing machine? Standardization is nice, until it limits your design choices too much or drives unit costs up for large series.
A first world repairman is NOT more resources than a first world unemployed man.
Broken window fallacy.
For instance, it can be logistically more efficient to manufacture more weak products instead of distributing massive amounts of spare parts.
Yes, I can send a single penny to a friend in California. But that penny goes with a plane load of other items.
So, you throw the penny into a bypassing plane which goes to California where the penny drops inside your friend's pocket? No individual handling required, just mass transport. No storage facilities, everything works in sync. It's almost like we would be living in a dream world.
All this time I have been a fool who assumes that logistics includes a lot more stuff. But apparently mass transport is everything that is needed to get the crude resources, shaped into a thing on the way, to hands that need it.