Agreed, this is a nice inclusion. I also hate sudoers with a passion - I already use doas but it's not standard (in the Linux world anyway), but with systemd providing an alternative means that it'll become a standard which most distros would adopt, and I hope this means we can finally ditch the convoluted sudoers file once and for all.
I personally use a ThinkPad Z13 (all AMD; it's nice but pricey), but I'd recommend getting a Framework (which wasn't an option for me back then). I think modular and repairable laptops are cool, plus they seem to be well supported by the Linux community.
Samsung midrangers like the A15 / M15 / A25 etc have both the jack as well as an sdcard slot. There's also the Motorola G34 and the G84. And finally, there's also a flagship - the ASUS ROG Phone 8 Pro. And a whole bunch of Chinese phones which I won't bother mentioning.
You might be interested in these things called mouse jigglers, they range from a tiny USB dongle that simulates a mouse, to motorised movement pads that you can place under a real mouse, which would be undetectable by software.
if any one of my Windows or Android units got stolen and somehow cracked into or something.
This shouldn't be a concern if you're using disk encryption and secure passwords, which is generally the default behaviour on most systems these days.
On Android, you don't need to worry about anything as long as you've got a pin/password configured, as disk encryption has been enabled by default for like a decade now.
On Windows, if you're on the Pro/Enterprise edition, you can use Bitlocker, but if you're on Home, you can use "device encryption" (which is like a lightweight Bitlocker) - but that requires a TPM chip and your Windows user account linked to a Microsoft account. If that is not an option, you could use VeraCrypt instead, which is an opensource disk encryption tool. Another option, if you're on a laptop, could be Opal encryption (aka TCG Opal SED), assuming your drive/BIOS supports it.
TL;DR: Encrypt yo' shit, and you don't need to worry about your data if your device gets stolen.
The answers here are only partially correct. If you want to use your device internationally, there are four things or categories you need to consider:
Carrier locked devices
Region-specific devices
Carrier whitelisting
Regulatory requirements
Carrier locked devices are exactly that, these are the ones sold by your carrier and subsidised, they usually mention that you can't use them with other carriers. Eg the SM-S928U of the S24 works only on AT&T. If you have one of these, you may be able to buy an unlock code online to unlock your phone. Depending on your model, you might also need to flash compatible firmware or unlock additional bands from the service menu, if you want to be able to actually use it with your destination carrier.
Region-specific devices generally have limited cellular bands, meant for usage in that country. Eg although the SM-S928U1 variant of the S24 is factory unlocked (unlike the SM-S928U), it may not carry all the bands required for operation outside the US. If you're unsure about compatibility, use this website to check the bands for your target country/carrier. Generally though, if you travel a lot, it's recommend to buy the international / global variant of a phone. As an alternative, if you have a US variant Samsung, you could use the service menu to enable all bands. Though regardless of the variant, it's always a good idea to check the band compatibility before you purchase the device/travel.
Carrier whitelisting is a recent annoying thing which carriers have started doing for some technologies such as 5G, VoLTE, VoWiFi etc. Some of these features may or may not be critical for you, for eg, if the destination carrier no longer offer 2G/3G services, that means you must be able to get VoLTE in order to make calls. And VoWiFi is needed if you're in an area with poor reception, but have WiFi access. Finally, 5G would be a bonus thing but most carriers allow only whitelisted models to connect to their 5G services. Samsung normally should work in general, but given how many variants Samsung makes, there's no guarantee that your specific variant would be able to use some/all of these services. So you'll need to check with your target carrier in advance to see which of their services your phone would be able to support.
Finally, some countries may have regulatory requirements which may legally prevent shops/carriers from selling you a SIM card, if your phone isn't in their database. For instance, in Japan, it's technically illegal to operate a device without a "giteki" mark - and if your phone doesn't have this, operators may refuse to sell you a card. In this case however, you should be fine if you order a compatible SIM/eSIM online before arrival (eg from Sakura Mobile).
It's easiest to just register a domain name and use Couldflare Tunnels. No need to worry about dynamic DNS, port forwarding etc. Plus, you have the security advantages of DDoS protection and firewall (WAF). Finally, you get portability - you can change your ISP, router or even move your entire lab into the cloud if you wanted to, and you won't need to change a single thing.
I have a lab set up on my mini PC that I often take to work with me, and it works the same regardless of whether it's going thru my work's restricted proxy or the NAT at home. Zero config required on the network side.
Waydroid works, but there's three main things you need to get things going to replicate a typical Android device:
OpenGapps: For GApps/Play Store. You'll also need to register your device to get an Android ID.
Magisk: Mainly to pass SafetyNet / Play Integrity basic checks.
libndk / libhoudini: For ARM > x86 translation. libndk works better on AMD.
Widevine: (optional) L3 DRM for things that need it, eg Netflix
There are some automated scripts that can set this all up. I used this one in the past with some success.
Also, stay away from nVidia. From what I recall, it just doesn't work, or there are other issues like crashes. But if you're serious about Linux in general, then ditching nVidia is generally a good idea.
Finally, games that use anti-cheat can be a hit-or-miss (like Genshin Impact, which crashed when I last tried it). But that's something that you may face on any emulator, I mean, any decent anti-cheat system would detect the usage of emulators.
Don't use Flatpak etc for VPNs, it's limited, insecure and pointless.
It's highly likely that the Flatpak version is not routing your DNS queries, thus leaking your location. I wouldn't be surprised if other traffic is being leaked as well.
Yep. I ran it on my 450MHz Pentium III back in the day - was incredibly fast and felt so ahead of it's time, especially it's multimedia and multitasking performance, as well as the fast boot speeds. It was my second favorite OS back then.