Void Linux with musl. I wanted to try setting up a distro with Musl, but many things I use daily simply don’t work with it, and the hassle of troubleshooting everything was a bit too much. I went back to Fedora Workstation, and I’ll likely stay on it for my workstation (though I’ll switch to Fedora Kinoite when Fedora 40 releases). I also use Fedora Server for my personal server, since it’s very familiar to me, and there’s not a huge point in switching to CentOS anymore with the recent changes, so I’ll probably just stick to it.
The post explains them quite well. HRIR (Head-Related Impulse Response) and SOFA (Spacially Oriented Format for Acoustics) are standards for representing spacial audio (surround sound) in audio files and streams. A convolver is something that performs convolution (a mathematical term for taking one function, applying it to another, and then producing a third function as a result), and a spatializer is more specifically something that, as the name suggests, gives “space” to audio (distorting audio to represent sounds coming from more than simply 2 directions, or again, what you call surround sound). So HRIR Convolver is simply a method to apply the HRIR function to audio to represent it in a way our brain would interpret as 3D audio, and SOFA Spatializer is simply a method to do the same thing, just with the SOFA standard instead of the HRIR standard. Based on the comments of the post, it seems that they recommend you use SOFA.
In either case, Pipewire supports both standards, and it is trivially easy to implement them through filters (as the post covers in depth). You could try both if you want and see which you prefer. If you’re unfamiliar with managing Pipewire and need further resources, the Arch wiki has an entry in great length about it here. I’d recommend reading the comments to that post first if you struggle with anything, such as persistence. Everything you need to set it up should be accessible in that post and its comments.
I’d also like to recommend that you read the post and comments to the post, or simply use a search engine if you come across unfamiliar terms. You can find answers to all the questions you’ve asked through the linked post and a simple search.
Perhaps it’s useful to provide some clarification here. As the other user stated, Linux is set up for multi-user setups and provides logical protection, but you seem to misunderstand how operating systems and file permissions work.
If someone steals your unencrypted hard drive and boots into their own operating system, they are able to circumvent all access control and permissions on your hard drive. This is because when they mount your hard drive your operating system isn’t running; they’re simply reading the stored data, so the access control and permissions set up by your operating system don’t mean anything. This happens with ALL operating systems (Linux, BSD, Windows, MacOS, etc.). Logical protection like access control is only useful while the OS is running, and it cannot help otherwise.
This is why encryption is important, because it prevents unauthorized access when the OS isn’t running. If you’d like to see just how easy it is to access unencrypted data, make a live USB and boot into it on any unencrypted computer (assuming you have permission to do so if you don’t own the computer). You don’t even need to extract the hard drive in most cases to read file contents, you can simply boot into a live USB. The only situation where this isn’t the case is when USB booting is disabled in the BIOS and the BIOS is password protected, but you could always just remove the CMOS battery to clear the settings to bypass the BIOS password anyway.
Unencrypted data will always be trivial to retrieve when the attacker is allowed physical access to your computer.
1984.hosting is great, I’ve been using their service for a couple of years now. They’re based in Iceland (really strong privacy laws) and have options for crypto payment if you don’t want to reveal yourself through your payment method. As with all registrars, they’ll need an email address (or alias) to reach you at in case there’s a domain dispute, and while they also ask for address and phone number, they’ve never had me actually verify anything beyond the email. If you give a fake address and phone number, then you’ll just need to understand that if someone challenges your domain, it will be very difficult for you to prove ownership with fake details (not as if that’s likely to happen unless you’re allowing the site to be crawled by a search engine though). I only have a domain through them, not a hosted webserver, but they seem to have good options for hosting. I know that they handle Let’s Encrypt certs automatically for hosted sites, and they run off green energy (geothermal) if that matters to you.