Last week I mentioned the open source privilege. It has a big brother: the self-hosting privilege. Escaping surveillance is one valid motive to self-host, but not everyone can do it.
Let’s design tech that solves systemic problems. Let’s include the busy ones, the families, the elders, those who don’t know and those who can’t afford to care.
Let’s take care of society as a whole.
https://ergaster.org/posts/2024/01/18-escaping-surveillance-capitalism-at-scale/
@thibaultamartin I regret so much effort are put on FLOSS web apps that need to be hosted. We need more P2P stuff: think syncthing not nextcloud. Protocols matters: http and DNS are the past, until we stick with those protocols we are stuck.
@lutindiscret @thibaultamartin HTTP server-apps are easy to develop, there's established support and tooling around.
P2P, or zero-conf self-hosting at home NAS, is definitely nicer for users.
Convenience matters.
Deployment of HTTPS apps at home NAS behind private IP is hard.
Non powers users won't do it, and will pay a service.
Power users often choose to not go through lots of effort, and opt for paying for service, too.
@lutindiscret @thibaultamartin I'm long time searching for HTTPS alternative for client-server communication, where server can be easily self hosted in network without public IP.
Something, that would allow own servers with convenience of typing address (scanning QR code) to browser.
Something, that doesn't require installation of native clients, to operate with specific P2P protocol / way of self-hosting.
Something, where I can just share a link, or QR code, zero install on their size.
@lutindiscret @kravemir @thibaultamartin the requirement of not wanting clients that support custom protocols makes it way harder. You are basically stuck with HTTPS then since there's no other protocols you can use in a browser. The best you can do then is something like ngrok which can be a proxy to your local service but then you're stuck paying for a service again. You need to use new clients if you want to break free of https.
@mauve @lutindiscret @thibaultamartin I am afraid so,...
Alternatively, are there such general purpose clients, or protocols, where people can install the client (like HTTPS browser), and open a link shared to them?
Still, in context of client-server mechanism, full authn/authz, where one data (NAS) owner revoke further access if needed.
And, if there are no such general purpose clients, do you know of (low level but reusable) protocols to build a specific purpose (app/api specific) client?
@kravemir @lutindiscret @thibaultamartin Your best bet for "out of the box" stuff would be to use the Tor Borwser and set uo your NAS with some hidden services. It's a bit slow but it's the most mature option and gets the job done. I've been looking at options to add to @agregore for this use case too. https://ipnslink.com/ looked appealing but it got abandoned. Also gonna be experimenting with #veilid once I get the hang of it
@mauve @lutindiscret @thibaultamartin
Tor's onion service looks like a "workable" solution. Though, NAS file sharing would unnecessarily burden the network, simple STUN/TURN would be enough, no location hidding needed. I have never used Tor yet.
IPNS LINK is based on IPFS, which is something like decentralized P2P file sharing/replication platform. I don't have confidence in privacy, and end-user-client to Origin (IPFS Link term) encryption.
I'll check @agregore later. And, Veilid, too.