Cloud Storage and Sanity
I have a lot of Apple devices in my house hold, my family and I have become accustomed to the ease of use, and deep integration of iCloud in iOS and MacOS devices. Appleâs recent announcement to add their child safety technology to iOS 15 and MacOS Monterey has been met with a lot of concern, not all of it unfounded. The EFF has written a few fairly compelling pieces about the dangers of this technology.
The flurry of news and opinions circulating through my normal reading lists has really started to tickle some of the more paranoid neurons in my tiny brain. I have to admit I go through cycles of digital privacy paranoia every so often, and not just for my own personal data - but also to make sure Iâm not contributing to the problem of digital surveillance by stripping this site down to just the bare essentials - see my privacy policy for details.
Personally, I am of the opinion that you canât expect absolute privacy from cloud providers. They need to protect their services in order to stay in business, and I sympathize with some of the concerns they have. For instance, I host a few sites for family members and have considered opening up hosting services for others, but any hosting on my end would come with a caveat that if you host egregious shit - Iâm going to shut off your site, lock you out, and turn you over to the police. What would count as egregious shit would be completely up to me. Why would I expect anything different from Apple, Google, or Microsoft?
As far as iCloud goes, Iâm actually less concerned about the photo upload hash comparison than I am about the iMessage component, but Iâll let you make your own judgments.
This post is really about the wayâs I think about cloud storage when Iâm not bogged down in anxiety over a foreign or domestic intelligence service aggregating my data. If that's a legitimate concern for you then please disregard anything I have to say here.
This post is my attempt to avoid the tin foil hat lifestyle
I think the best way for me to start would be to illustrate why I think self hosting is not the best option for most of us.
Self hosted is not an option for most individuals.
The cost alone of self hosted options makes it unreasonable for most people. Most cloud storage providers will give you 2TB of storage for around $10 a month.
To purchase a bare minimum NAS with comparable storage, youâre looking at $500 dollars on the very low end and if you replace it every 5 years (good luck getting 5 years out of a cheap unit) youâre spending a little over $8 a month (not including electricity) on something you have to maintain yourself.
Unless youâre tech savvy you wonât be able to access your files outside of your home network and even if you are tech savvy your storage and sync wonât be as reliable from a slow upload connection at home as it is from the cloud.
I can already hear someone screaming at me through the void âI have great upload speeds, with no problems!â Go ahead and add the cost of your fast upload speed to the cost of your NAS.
Self hosting is simply not an option for most people. It costs too much, requires too much know how, and is only more secure and private if you know what youâre doing, and have the money to spend on upkeep. A misconfiguration or software bug in your NAS, network, or endpoints could quickly kill any privacy gains.
About security on self hosted storage.
Privacy is not the be all end all of security. Can your NAS survive a fire, tornado, earthquake, or volcano? Not to mention a toddler knocking it off a shelf, a stray football thrown in the basement, or a random sudden disk failure. Data protection isnât just protection from bad people - itâs protection from all sorts of things. Do you really want to risk losing all your family photoâs, because your teenage son and his friends were playing games too close to the rack that holds your NAS?
People tend to focus their security practices on confidentiality, while forgetting about integrity, and availability. Data on a home NAS is almost unquestionably more confidential than data in a public cloud, but data integrity due to mechanical failure, fire, or some other cause of loss is just as important for data security and I donât think a $500 investment is going to get you anything even remotely comparable to what you get for $10 a month from OneDrive, iCloud, Dropbox, or Google Drive. Often youâre still going to need some offsite, probably cloud type, backup.
Not that you donât need a cloud backup if youâre using a sync service like those I listed, you do, but if the point is to remove a public cloud vendor from your life you canât do it for just the cost of a cheap NAS - you still have to trust someone along the way.
You really need to ask yourself if what you are gaining in confidentiality (if anything) is worth the trade off in availability, and integrity. I doubt most people will get any benefit from a home NAS - especially since many people will want to have access to it from the internet and will unknowingly expose themselves to other attack vectors by opening access into their home network.
How long can you really expect to self host?
I recently turned 40 - if Iâm lucky I have another 40 or maybe 50 years to live. Of those 40 or 50 years probably at most 30 of those years will be in house large enough to justify the space for local storage, and after the age of 70 will I want to keep up with a home network? Maybe, but probably not - plus if I were to die along the way would the other members of my family know how to operate my self hosted storage systems? Probably not - and Iâm betting most of you donât have families who could or would be able to operate something like that either. As I get older Iâd rather make it easier for family to get access to financial documents and photos, over the endless worry of government surveillance.
Assuming Iâve got another 600 months of life in me, at $10 a month for file and photo storage Iâll be spending around $6,000 on cloud storage from now till I die and I wonât have to find shelf space for it, or fiddle with fancy networking⌠I think thatâs a not terrible deal.
Things I consider when looking at cloud storage
Assuming youâre are using one of the big cloud provides Apple, Google, Dropbox, Microsoft - their security and privacy practices are probably not that much different. I havenât read all their privacy policies and this isnât a sponsored post so do your own research on that end. Iâm just telling you how I think about cloud storage in order to stay as sane as possible.
Integration, Interoperability, Data Ownership
Assuming relative equality of security, privacy, and capacity on the big cloud platforms these are the next big 3 considerations for me. If you are using a Linux desktop your storage options are going be far narrower than mine since at the moment I only use MacOS for my desktop.
Integration: between MacOS, and iOS iCloud is seamless, so thatâs a check in the pro category for me in iCloud. But OneDrive has similar features at least for file storage, and is probably better if you are in a household with mixed Apple and Windows machines. The only thing that keeps me on iCloud is that I think the photoâs app is far superior to anything on Office 365 and photo sharing between family members is way too convenient for me to give up.
Data ownership: in a legal sense iCloud is where it should be - Apple doesnât own your data. From a practical perspective itâs a little more complicated and that brings me to the next point which is interoperability - if you âownâ the data but itâs difficult or impossible to move it to another platform do you really own it?
I have set my main desktop up to keep a local copy of everything - with a backup to a different service just in case I was ever locked out. In iCloud you âownâ your data, but if you want to make sure you can move it around you should check your settings and make sure you have enough local storage to keep a local copy - I donât think this is a uniquely Apple issue one of the weaknesses of cloud storage is the lack of portability.
On the Data Ownership point I actually think Google is ahead of Apple and Microsoft here for two reasons.
- With Google drive I can actually request all my data (or parts of it) to be extracted from Googleâs servers and downloaded to my computer. Apple offers something similar in iCloud.
- Secondly, you can set up a trusted contact who can download data youâve designated for them in the event that your account becomes inactive. For example if I were to die - my wife could still get access to my photoâs without having to know my Google account info.
- On this point I suppose you can just share account info⌠but in some sense thatâs a violation of terms of service and the control you get with the trusted contact means you can set more than one person and control the types of data they can get.
Interoperability: When I say âinteroperabilityâ Iâm thinking of two specific and different things.
- Interoperation between different cloud providers. i.e Portability
- Compatibility across multiple operating systems.
On point 1 none of the cloud providers are all that eager to work with each other, so youâre unlikely to find many tools that make it easy to move your data without an intermediary. Surprisingly, in this case it looks like Apple does provide an exit route at least for photos to be migrated to Google using the data privacy tools theyâve created. As with Google drive you can also use this site to download a full copy of pretty much everything Apple knowâs about you from iCloud. At the time of writing (August 2021) Iâm not sure if Microsoft or Dropbox offers anything similar.
Ransomware Protection
OneDrive and Dropbox both offer a system of versioning your files and will help you recover in the event of a ransomware event on your home computer. As far as I know Google and Apple donât offer anything as robust for their cloud customers which is a shame and I hope itâs rolled out sooner rather than later. Iâm guessing it wonât be too long till we see a large scale ransomware attack on MacOS. I don't worry much about it at the moment because I don't download torrents - but at some point that might not be good enough.
Recommendations
- Donât listen to strangers on the internet.
- Note: Iâm a stranger on the internet. đ
- Donât trust free services.
- Note: This entire site is free đ
- Donât download random crap from the internet.
- Note: you downloaded this site from the internet⌠whether or not itâs crap is left to the reader.
- Donât try to replicate robust cloud storage systems with a cheap NAS. Unless you know what you are doing - and your claim to knowledge can be corroborated by at least one unbiased person.
- Note: I donât run a home NASâŚ
- Try not to pull out the tin foil hat.
- I havenât yet made a hat, but sometimes I think I should.
- Donât eat yellow snow.
- Note: ⌠no comment.