I like the article, but agree with so many of the comments here as well.

Ultimately I think one thing I’d love for would be a way to simply provide services (like Immich) for people but where the client is end to end encrypted, and neither the user nor the service has to worry about the how.

Example: how can I share an Immich with my family and friends, but where I don’t have access to any of their data. I.e. what signal does, but immich or any other service. I want to share my server with friends/family, but I don’t want access to any of their data. It isn’t a lack of trust, it’s that I don’t want that as even something they have to worry about

That same concept then extends here to community hosting. If we can solve the problem for a few, it should be scalable to many.

This guy didn’t want to do the leg work of emailing his photos to his friends, and declares self-hosting isn’t the solution to a social net? I totally see the point in community hosting, in fact I’m all for that.

But really? You don’t have to make your servers public facing, you just white-list the people you want to see your stuff and make sure to organize your drives with public and private pages.

He went through all that and didn’t take it far enough.

I agree with the premise that selfhosting is not something the layman can or want to do, but the assumption that self-hosters only host software that serve themselves is very, very dumb, and clearly comes from the mouth of someone who self-hosts out of hate for corporate services (same, though) and not for the love of selfhosting.

He complains that the software he uses can’t handle multi-users, but that sounds like a skill issue to me. His solution is to make his government give him metered cloud services. What he actually wants is software that allows multi-users. What he wants, by extension, is federated services.

The bulk of users on the fediverse are on large, centrally/cloud hosted instances, but the vast majority of instances are self-hosted, and can talk to the centrally hosted instances, serving usually more than the 1 user who’s hosting the instance in their attic.

The author conflates self-hosting with self-reliance, and I understand why, but it’s wrong. If you’re part of this community, you’re probably not some off-gridder who wants nothing to do with society, self-isolating your way out of the problems we face. If you’re reading this, you already know that we don’t have to live on our own individual and isolated paradise islands to escape Big Tech. Federation is the future, but selfhosting is fundamental to that, and not everything can or should be federated. Selfhosting is also the future.

Lol. So we trust local governments and communities now?

Has anyone ever worked with them IT wise?

I do so in four different EU countries and know people who do in the US and Canada. And…well…there is a reason local governments often went towards the cloud services. Do people think Joe Admin in Bumfucknowhere can operate what basically becomes a MiniDC? And who controls that?

Sorry. Either go “host at home” and only fuck up things for oneself. Or do it properly with a proper DC. Colocate if you want. But that? I know it sounds appealing, especially for someone entering selfhosting (like the author did a few weeks ago). But there is a reason hosting is a business once it comes to other peoples data.

Every city should host main public web servicies for its citizens, each one as an instance of a complex system, that’s how anarchy works.

The LinkedIn-styled writing here is hard for me to get through, but I think the general gist is that for profit platforms are easier to onboard which I agree with. This line stands out:

And what do we get in return? A worse experience than cloud-based services.

I have to disagree somewhat, it’s a different experience that is absolutely more difficult in many ways, but for those of us who value privacy, control over our data, and don’t like ads, the trade-off is worth it. Also it goes without saying that the usability of selfhosted apps has exploded in the past few years and it will likely become less and less of an issue.

I’d love to help community host stuff, but I’m terrified of someone posting cp to a server I have or getting breached.

Companies like Amazon have been playing dirty with Digital Rights Management (DRM) since the Internet’s inception.

False. They came along after the fact and sullied the waters, then lobbied to make it illegal to tinker with the DRM locks, then got richer than God.

End-to-end encryption means the service provider can’t see your data even if they wanted to

Not necessarily. All it means is that intermediaries can’t see the data in transit. You need to trust that the data is handled properly at either end, and most service providers also make the apps that you run at either end. Your library is more likely to buy whatever is cheapest than what respects your privacy the most (e.g. probably Google drive, not Tuta or Proton).

The incentives for even community-hosted services (e.g. if the library spun up its own cloud servers) to share/sell information is just too high. Maybe the library found someone uploading illegal content, and they wanted some monitoring in there to catch service abusers going forward. They’ll probably put something into the client that a third party monitors, and now you have someone snooping on everything.

Instead of this, I think P2P storage is the better option for those who don’t want to self-host. That way there’s an incentive for the person providing storage to not know what it is (reduce liability), as well as the person submitting the data (reduce risk). Unfortunately, most current solutions here are a little shady, because they either rely on volunteers (no guarantees about data integrity) or anonymous payments (again, no guarantees about data integrity).

I’d like to see something in the middle:

• apps that work off buckets of data, that the user configures
• services that provide data guarantees that users can choose (e.g. AWS S3, Backblaze B2, Hetzner Storage boxes)
• common protocol between apps for accessing this data

So if you want more storage, you buy said storage and know who is responsible for protecting it, and your app doesn’t care where it comes from.

That’s possible, but the bigger leap is getting people off the major platforms like Google’s or Microsoft’s cloud.

If you do not have physical access, it is not yours. Trust absolutely no one.

Instead of building our own clouds, I want us to own the cloud. Keep all of the great parts about this feat of technical infrastructure, but put it in the hands of the people rather than corporations. I’m talking publicly funded, accessible, at cost cloud-services.

I worry that quickly this will follow this path:

• Someone has to pay for it, so it becomes like an HOA of compute. (A Compute Owners Association, perhaps) Everyone contributes, everyone pays their shares
• Now there’s a group making decisions… and they can impose rules voted upon by the group. Not everyone will like that, causing schisms.
• Economies of scale: COA’s get large enough to be more mini-corps and less communal. Now you’re starting to see “subscription fees” no differently than many cloud providers, just with more “ownership and self regulation”
• The people running these find that it takes a lot of work and need a salary. They also want to get hosted somewhere better than someone’s house, so they look for colocation facilities and worry about HA and DR.
• They keep growing and draw the ire of companies for hosting copies of licensed resources. Ownership (which this article says we don’t have anyway) is hard to prove, and lawsuits start flying. The COA has to protect itself, so it starts having to police what’s stored on it. And now it’s no better than what it replaced.

Something that’s always given me trouble is sharing my music.

If I hear a cool song and want to send it to a friend I have to go to YouTube.

And many of my friends send me Spotify tracks. The share feature of Navidrome has been incredible for this.

I can send them a link and have a listen party with them and then erase the link when were done.

It’d be nice to have this feature in more of the self hosted apps.

Thank fuck I neither desired nor ever used Kindle. I used either my library app to read e-books or getting my booty from the high seas!