💾 Archived View for zaibatsu.circumlunar.space › ~visiblink › phlog › 20190223 captured on 2022-04-28 at 17:37:08.
⬅️ Previous capture (2021-12-03)
-=-=-=-=-=-=-
One of my goals in the last few months was to move my personal data onto a self-hosted server. To that end, I spent a fair amount of time setting up a Nextcloud instance. Then, yesterday, I learned that in 2017, the Nextcloud developers scanned for all known Nextcloud instances and reported those that were not up-to-date to ISPs and security agencies[1]. I am one of those people whose ISP does not permit non-business users to have a server, so the last thing I need is Nextcloud reporting me. I won't even begin to discuss what I think of them reporting users to security agencies because this phlog would degenerate into a fury of expletives. I do understand what the developers hoped to accomplish. They did not want to be responsible for insecure servers and did not want their 'brand' tarnished by security breaches. I get it. But I think this is the last time I will ever install any open-source software from an entity that has for-profit leanings. They just don't get what open source is supposed to be about. If I want to run an insecure server (I don't, but if I did...) that's my business, and I don't need some dev reporting me to my ISP and the local version of the NSA/CSIS. Anyways, I closed the router firewall port to my Nextcloud instance and for now, it's only available on the LAN at home. I'll probably shut it down and start syncing via USB again. Sometimes I hate the internet. [1] https://www.reddit.com/r/selfhosted/comments/5ybmf1/nextcloud_scanning_peoples_owncloud_and_nextcloud/