I think a possibility is a series of open source anvil or nixos scripts that you can run on most hardware with minimal changes, in an extendable architecture of some kind to add or remove functionality and they perhaps get maintained by the community or some structure of the kind of Linux distributions.

This could enable people with minimal skills set up and maintain a reasonably useful but secure environment just by changing a few variables.

I can’t imagine any system of influence running an exposed ssh without some further protection from connection abuse like fail2ban.

Perhaps this was written much earlier than v5.

Maybe this is useful https://tunnelbroker.net/

Are you on an enterprise subscription / office 365 work or school account or something like that?

Since both PCs are running windows just install powertoys and use mouse without borders

Of course that means can only be controlled after booting, no Bios control.

Same. If a newbie can’t get stuck inside, is it even a text editor?

Sorry, probably not.

This is meant to run hosted (like a website), so it needs a server setup.

If it all sounds like gibberish then you don’t understand what a lamp stack or a docker container is it’s unlikely you’ll be able to install it on your own in a way that is useful or that you can maintain for security.

You could possibly hire someone to install it on your behalf - but given that it’s dealing with your finances I would be hesitant to do so.

If you are on Android try the Cashew app - has a paid tier but it’s unlikely you’ll need it and is minimally intrusive.

The Organic Maps app implementation is pretty neat.

All business models are aimed at company profitability. Customer satisfaction is an expensive early necessity which you can largely do away with as you become entrenched.

Unless you want a hosted solution I find pdf-arranger to be lighter and self contained.

I’m assuming it’s aimed at people trying to avoid tying the hosting IP to the publicly consumable service.

That vignetting blur in a lot of your album and the super saturation makes it look like a render.

Looks delightful though.

Ideally you need a double-blind checking mechanism definitionally impervious to social engineering.

That may be possible in larger projects but I doubt you can do much in where you have very few maintainers.

I bet the lesson here for future attackers is: do not affect start-up time.

From what I read it was this observation that led him to investigate the cause. But this is the first time I read that he’s employed by Microsoft.