Either that, or it’s the new way of installing applications on your own computer. These just happen to be web accessible.
Also, Trust, but Verify.
Even if we had fantastic regulations, we’d still have scammers and hackers out there.
If my data never leaves my systems, my risk of exposure is far smaller.
I’ve self hosted long before the privacy nightmare of modern cloud/SaaS platforms was a thing. I do it because I enjoy it (and at the time I got started, I had crap internet so having good local services like offline Wikipedia was important).
Not everyone has to self-host. I run lots of services, mostly for myself, but friends and family who don’t know a system driver from a bus driver also use them. So the expectation that everyone self host is and always has been “pie in the sky”. And that’s okay.
Privacy regulations are all fine and dandy, but even with the strictest ones in place, you still do not own or control your data. You’re still subscribing to services instead of owning software. You can’t extend, modify, or customize hosted software. Self hosting FOSS applications addresses all of those.
So rather than expect everyone to self-host, we should be working towards communities offering services to one another, pooling resources, and letting those interoperate with each other.
To make fun of an old moral panic in the 90s: “It’s 11pm. Do you know where your data is?” Yep, it’s down the street in Matt’s house.
You can’t extend, modify, or customize hosted software. Self hosting FOSS applications addresses all of those.
But:
rather than expect everyone to self-host, we should be working towards communities offering services to one another
How exactly are “communities offering services” a different thing than “hosted software”?
Trust.
I trust my brother more than Google. Same with Jim down the street.
I trust my circle of acquaintances more than Google (et al) , especially since Google (et al) have demonstrated, repeatedly, to be untrustworthy.
In fact, they’ve demonstrated they are outright adversarial to me and mine.
How exactly are “communities offering services” a different thing than “hosted software”?
I think what they’re saying is that the ideal wouldn’t be to force everyone to host their own, but rather for the people who want to run stuff to offer them to their friends and family.
Kinda like how your mechanic neighbor sometimes helps you do shit on your car: one person shares a skill they have, and the other person also benefits. And then later your neighbor will ask you to babysit their kids, and shit.
Basically: a very very goofy way of saying “Hey! Do nice things for your friends and family, because that’s kinda how life used to work.”
How exactly are “communities offering services” a different thing than “hosted software”?
It’s a lot easier to ask Matt down the street to customize or add a feature than it is to ask Google, FB, etc.
Case in point: I’ve run my own email server since 2013 or so. I’ve got friends and family that use it. One of my friends asked if there was any way to setup rules to filter emails and such. I was like “yep” and added on Sieve to Dovecot and setup the webmail (Roundcube at the time) with the Sieve plugin.
Granted, that’s a pretty basic feature that pretty much all commercial email providers offer, but the point is someone asked for it and I made it happen for them.
Also: Matt probably won’t sell my data to Palantir and ad tech businesses.
Privacy regulations are all fine and dandy, but even with the strictest ones in place,
They’re also subject to interpretation, regulatory capture, as well as just plain being ignored when it’s sufficiently convenient for the regulators to do so.
“There ought to be a law!” is nice, but it’s not a solution when there’s a good couple of centuries of modern regulatory frameworks having had existed, and a couple centuries of endless examples of where absolutely none of it matters when sufficient money and power is in play.
Like, for example, the GDPR: it made a lot of shit illegal under penalty of company-breaking penalties.
So uh, nobody in the EU has had their personal data misused since it was passed? And all the big data brokers that are violating it have been fined out of business?
And this is, of course, ignoring the itty bitty little fact that you have to be aware of the misuse of the data: if some dude does some shady shit quietly, then well, nobody knows it happened to even bring action?
Exactly. I’m just here to say that regulation isn’t a solution to corporate malfeasance - at best it is a patch until the corp lawyers figure out where the loopholes are or how to accomplish the malfeasance in a different way.
I can and do self host, but I’m not willing to provide these services for free. I don’t want to be responsible for other peoples passwords or family photos.
Thats where good, privacy-respecting services come into play. Instead of hosting for my neighbours, I would recommend mailbox.org, bitwarden, ente or a hosted nextcloud.
Note that you don’t know what the hosters know, store and/or sell about you.
There is no way to be 100% sure, but:
- bitwarden and ente have open source clients that ecrypt all data locally in a way that the provider can’t restore data
- nextcloud isn’t optimal, while you can encypt data at rest, the provider might be able to spy on you
- With mail providers it is difficult, but mailbox.org has my (personal) trust by building their business model on data protection and open source
That’s okay, too.
For me, I only let people I know use them (friends and family) with the exception of my Lemmy instance, of course.
I’d be running these for myself whether anyone else used them or not. Unless I’m hosting for hundreds of people, the cost to run these services is the same as it is just for myself. Granted, I don’t have people gaming the system trying to backup their entire PCs to their email inbox, but that’s where the trust factor comes in (only hosting for people I know personally).
As far as being responsible for all that goes, again, the small audience of people I know personally lets me explain that it’s all “best effort”. That said, I do take my own backups seriously and they benefit from that.
Right. I think the real vision isn’t that every single person self-hosts, but every community has somebody in it who does the self-hosting for the community. Everybody can be independent like villages instead of totally centralized like empires
every community has somebody in it who does the self-hosting for the community
That’s what (e.g.) Google and Facebook do: Host software for the community.
And if you’re one of the people who can crack a beer open with the owners of Google, then you found your right community.
However, in the general case, I don’t think these count is any individuals communities. You can’t rub elbows with the people maintaining Google and Facebook. You can’t talk to them about issues you’re having, they’re not going to dynamically modify the system for special cases that are important to your community. A community is a group of people who know each other.
They host software for anyone to use, and capture all the data, usage patterns, etc, for themselves, to use for their benefit, and to use against you.
Hell, Google deleted a company’s entire dataset recently. Everything. And you want to sit here and tell me they’re the answer?
Are you just an apologist for FAANG, etc? Because you’re really sounding like one at this point.
Who’s paying you to post this disinformation?
They host software for anyone to use, and capture all the data, usage patterns, etc, for themselves, to use for their benefit, and to use against you.
So I guess that we can agree that data stored on other people’s computers will not be safe. I honestly wonder why you think other people’s computers are safer if you know their names.
And you want to sit here and tell me they’re the answer?
I would be very grateful if you would only judge what I have written and not what you think I might have meant.
Are you just an apologist for FAANG, etc?
There is no reason to attack me personally, my friend.
Who’s paying you to post this disinformation?
Just in case I’m fundamentally misunderstanding your personal attack so I don’t report it to the moderators without cause: What is ‘disinformation’ about my pointing out that Google and Facebook host software for other people (even if they have their own motives)?
That’s like saying a farmer will put cheese on a piece of cardboard for the mice to eat.
They might eat it yes, but that wasnt the reason for the whole interaction to start. The glue around the cheese was.
I’m glad that you see my point that “other people hosting your data” is not really a good idea.
If you expect your IT cousin/uncle/brother hosting the family immich/nextcloud to not be a trusted person in regards of bad actors your issue is not exclusive to selfhosting.
It’s a solution for me. 🤷
He’s right we need laws. He’s wrong that it’s a relief valve or that we take pressure off the heinous privacy violators. We aren’t even a rounding error to them. They don’t care.
the tech community keeps waiting for everyday people to take the baton of self-hosting. They never will—because the effort and cost of maintaining self-hosted services far exceeds the skill and interest of the audience.
The same argument could have been used a century ago to claim that everyday people would never switch from trains to private cars, because the effort and cost of maintaining a car exceeds the skill and interest of the travelers.
Nah, self-hosting is still a solution. And when I self-host, I don’t even need an internet connection to access my files, movies, photos, security cameras, etc.
Yes, we can fix privacy laws, and put in a lot of faith that they will be followed or that our data won’t be lost/sold. But I think everyone benefits when they are in control of their own data.
What we need are more accessible self-hosting options so that even computer n00bs can set up and cut ties with these mega corps.
before I read the article, I wholeheartedly disagree with the title.
Self-Hosting not only brings control back into your own hands, but also hones your skills at the same time.
I think it’s not as much as we expect everyone to host theirs themselves, but that it’s possible at all so multiple companies can compete without having to start from scratch.
Sure there will be hobbyists that do it, but already just on Lemmy users already have the freedom of going with lemmy.ml, lemmy.world, SJW, lemm.ee and plenty more.
It’s about spreading the risk and having alternatives to run to.
I’m confused because the article talks about self hosting on a VPS and how many self hosted services could stand up to legal action?
That sounds like it’s describing running a public service for others. Self-hosting IMO is running something for yourself, it doesn’t even need to be on the public internet 99% of the time.
Running a service for others is just plain old hosting.