In my system, the raid arrays seem to do periodic data scrubbing automatically. Maybe it’s something that’s part of Debian, or maybe it’s just a default kernel setting. I don’t think it helps much with data integrity – I think it helps more just by ensuring the continued functionality of the drives.

When it’s running, you can type cat /proc/mdstat to see the progress.

That command will also show you if there is a failing drive, so that you can replace it.

We need protections limiting the length and level of effect of clickwrap agreements.

For now, I will continue using “inspect element” to change the text “agree” to “disagree”, and completely skip proprietary phone apps.

Sure. First you set up a RAID5/6 array in mdadm. This is a purely software thing, which is built into the Linux kernel. It doesn’t require any hardware RAID system. If you have 3-4 drives, RAID5 is probably best, and if you have 5+ drives RAID6 is probably best.

If your 3 blank drives are sdb1, sdc1, and sdd1, run this:

mdadm --create --verbose /dev/md0 --level=5 -n 3 /dev/sdb1 /dev/sdc1 /dev/sdd1

This will create a block device called /dev/md0 that you can use as if it were a single large hard drive.

mkfs.btrfs /dev/md0

That will make the filesystem on the block device.

mkdir /mnt/bigraid
mount /dev/md0 /mnt/bigraid

This creates a mount point and mounts the filesystem.

To get it to mount every time you boot, add an entry for this filesystem in /etc/fstab

The man page at https://btrfs.readthedocs.io/en/latest/mkfs.btrfs.html says:

RAID5/6 has known problems and should not be used in production.

So those profiles have unknown, unspecified problems.

But btrfs is safe on top of md-based raid1/5/6. It also has the advantage that you only need to encrypt one volume.

Have you imported the tails-signing.key yet? Usually you can double-click on that to import it using whatever graphical gpg frontend is set up on your system. It may ask you how well you trust the owner of the key. You can answer that question however you want without affecting this verification process.

Next, it looks like you run the instructions from this page: https://tails.net/install/expert/index.en.html#verify

Some of those command line parameters look a little paranoid. The basic command you want to run is: gpg --verify somefile.sig somefile.img

Don’t thank God. God was a supporter of the 6-day work week.

Thank a labor activist.

The easiest way to disable unnecessary services is to uninstall them with aptitude, or whichever package manager you like. Try terminating services one by one, and see if anything bad happens. If nothing bad happens, you can probably uninstall it. On the other hand, if the system does get wonky a reboot should fix it. Or, you can research the services by name and decide whether to uninstall them. (avahi-daemon for example is a good idea to uninstall.)

To make the GUI not run, uninstall your display manager (gdm, xdm, nodm, or whatever) and uninstall your xorg server or wayland server. There may be GUI programs remaining after that, but they will only be consuming disk space, not RAM or CPU.

If the battery is old and holds little charge, you may save a few watts by removing it and throwing it away, instead of letting the system keep it topped off.

Get a power meter, such as a Kill-a-watt device. Then, experiment with different settings. If it’s consuming less than 30 watts, you’re probably fine. If you live in the US, one watt-year is about one US dollar (or a little more), so for every watt it consumes, that’s about how much you will pay per year for its electricity.

NTFS is considered pretty stable on Linux now. It should be safe to use indefinitely.

If you’re worried about the lack of Unix-style permissions and attributes in NTFS, then getting BTRFS or ext4 on Windows may be a good choice. Note that BTRFS is much more complicated than ext4, so ext4 may have better compatibility and lower risk of corruption. I used ext3 on Windows in 2007 and it was very reliable; ext4 today is very similar to ext3 from those days.

The absolute best compatibility would come from using a filesystem natively supported by both operating systems, developed without reverse engineering. That leaves only vfat (aka FAT32) and exfat. Both lack Unix-style permissions and attributes.