• 1 Post
  • 17 Comments
Joined 6 days ago
cake
Cake day: October 26th, 2024

help-circle






  • tl;dr: classic convenience/privacy. depends on your threat model. surely better than Google. models of zero trust will help.

    That’s a great question, that I have asked myself before too. It doesn’t have one answer, and any one would make their own choices based on their own respective threat model. I’ll answer you with some of my thoughts, and why I do use their services.

    I’ll take as an example my usage of NextCloud, coming as a replacement to Google Drive for example.

    let’s break up the setups:

    1. client (mobile app, desktop client, browser)
    2. communication to server
    3. server

    It’s oversimplified, but to the point: In Google’s setup, you have control of 0 out of three things.

    1. you use their closed source client, 2. they decide the communication to the server (if there’s any CDN, where their servers located, TLS version), and 3. data is on their servers, wether encrypted or not is up to them.

    In NextCloud’s setup,

    1. The clients are open source (you can varify them, or build your own),
    2. communication to server is up to you. and in this case you trust your data with CF, that’s right. gonna have to trust them.
    3. server is your server, and you encrypt the files how you want.

    From just this look, NC is clearly better off. now, it’s not perfect, and each one will do their own convenience vs privacy deal and decide their deal.

    If you deploy some sort of e2ee, the severity level of CF drops even more, because they’re exposed to less data. specifically for NC they do do e2ee, but each solution to its own. https://nextcloud.com/encryption/ this goes as an example for zero trust model. if you handle the encryption yourself (like using an e2ee service), you don’t have to trust the medium your data is going through. like the open internet.









  • I think it’s running Raspberrian. I wanted something Debian based, and thought the official image will do (it does).

    Specifically on my Pi, I’ve set it up in such a way that even if it loses power or internet, I won’t need to do anything for it to be back up.

    But I did have lottts of problems on my VPS. programs crashed, Out Of Memory crashed the OS… really, no shortage of errors. And I had service there I used all the time like music.

    So what I did is use Termux on my phone. this way I could SSH to it from anywhere. Just click the button, run a few commands and be back on with my day. It’s the most convenient way I’ve found. being able to do it from my phone on the go. And since it’s CLI it was much easier to do. Just run the command needed and leave.

    If you want I can elaborate on what Termux is and how I used it here.