The author mostly just hand waves away self-hosting. There's an analogy that compares it to suburbia, but unlike the suburbs where you have to drive 40 minutes to get anywhere interesting, … an Internet hosted service is just as accessible, anywhere. It's a vapid analogy.
The only substantive argument I can see is that the technology is immature:
> Well...without exposing our services to the public internet and forcing our friends to signup for our weird app
Which, yeah, of course the tech is, there's only like a dozen people doing this. The exact hurdle named is hardly insurmountable: in the standards, OIDC overcomes this¹, or guest links. I don't want my family signing up for my weird app either.
One of the other big hurdles is that ISPs like to sell "Internet access", but only deliver half the deal. If you're not getting IPv6 connectivity in the year 2025, I'm sorry, that's a crippled product that your ISP was defunct and didn't properly inform you of when they sold it. (It's a lot easier to self-host on the v6 Internet. Some of my personal services are v6 only b/c of that, and that it works well enough in all but the most extreme or temporary locations.)
(¹but the half-baked OIDC implementations out there might require you to pre-register your app with them. That, rightly, might be a PITA.)
I've thought deeply about this topic but from the pro-suburbia side and I actually agree with the analogy. At a bare minimum if you want to be independent you need a domain which is ~$10/year. That's a small amount but it's already more than most people will pay. (IMO this is irrational if you're paying >$500/year for cellular service but I digress.) Good home servers like Helm (RIP) or Umbrel are $300+ upfront. A good NAS that can also self-host is even more. As you said, if your ISP sucks maybe you have to upgrade to "pro" broadband that's more expensive. Ultimately you're spending hundreds or thousands of dollars on a worse replacement for services that are already "free".
Self-hosting is like spending money putting a swimming pool in your backyard when you could walk to a public pool instead.
I've always thought it would be great for the government to provide a free domain name for every citizen. There's really not much you can do without DNS.
Paying $10/yr for a domain is well worth the cost just to be free of attaching your entire digital life to a gmail etc account that can be easily taken from you with no recourse.
But beyond that self hosting is a hobby. It’s not nearly turnkey or cheap enough to justify unless you enjoy the process of self hosting itself.
There are other benefits outside the monetary equation, of course, like control, the value of which is dependent on the self-hoster.
The one thing I desperately wish Umbrel shipped with was an easy way to network with other Umbrel users for backup and accessibility. Let people set limits in terms of how much storage they're willing to allocate to others. REQUIRE end-to-end encryption on backed up files. But help people create their own community micro-clouds using each other's computers.
To me, the risk of backing things up in one building is too high, but the inconvenience of going even somewhere else in my own town regularly enough to rotate my backups is too high. But if my family members and I could easily back up each other's systems from our various states? Or my group of dorky college friends who are now all over the world could easily share with each other? We'd be all over it.
Distributing your backup over the spare storage of many other NAS servers is the main idea behind Storj, which provides a remarkably cheap price per TB per month.
What I really want, though, is literally just for there to be an Umbrel "Backups" app that lets me choose as a backup location one (or more) friend's Umbrel(s).
Redundancy is the main thing all these Docker-wrapper systems are missing for general use.
You get this wrong. The expensive part isn't the tech at all. You can self-host a lot of things on an old laptop in a drawer while you access it via your router's WireGuard VPN connection, without any domain renting.
The expensive part is acquiring the skills needed to pull that off.
I disagree. From experience (see my username), self-hosting is hardly expensive. A $50 ex-corporate SFF with a couple of large M.2 or SATA SSDs will be a lot more powerful and easier to set up and manage than a Raspberry Pi, while not drawing much power. The ongoing costs are larger than not self-hosting, but not terrible - unless you want a symmetric connection, the domain name renewal is the expensive part.
Nope, normies pay with sovereignty. Given the entire ecosystem (Microsoft, Apple, Google and Meta being the main ones) is trying to rob me of it, I'm happy hosting what I need and can handle admining, paying for what I need and can't handle admining, and saying no to the rest.
How does responding nope make sense? Many people don't know how to build immich or ZFS etc. I do know some self-hosters losing data from just a power outage etc. So there are self-hosters that also cry.
The problem is that people still believe that if they don't pay money, a service is free. But so many do not question why it is free. Hint: Not because Google just wants you to succeed and have a good life. And then, without any second thought, they literally upload their whole private digital life.
I have a .net domain that used to point to the nameserver at my house. It works fine, although if your IP changes you have to update your glue records and whatnot. You can get free secondary DNS service from several places. All I paid was the cost of the domain registration.
These days I have a Debian instance running at DigitalOcean that costs me $6/mo that acts as my primary DNS, with my home server as the secondary. I'm paying more, but I use that Debian instance for a few other things as well so I don't mind. The major benefit is I no longer worry about my IP changing at home, but it's not absolutely necessary.
I totally agree. I see this "people don't want to do hard stuff" argument used all over - completely disregarding tens of thousands of years of people doing hard stuff.
It comes off to me as the author not wanting to do the hard stuff of working towards their values. Just kind of defeatist and trying to make a splash but leaning on a pretty weak premise.
Most people do not give a rat's ass about the security of their data. They know their social media apps are tracking where they go and who they meet, and they'll say it's creepy if you ask them, but they don't actually care enough to lift a finger to do anything about it.
> completely disregarding tens of thousands of years of people doing hard stuff
a) Just because humanity as a whole did hard things, doesn't mean that most humans did or were willing to. It's perfectly possible that all the hard things we did were accomplished by a handful of remarkable individuals, doing things that the majority never would have been willing to.
b) just because people in one age have been willing to do things, doesn't mean they are willing to do so in all ages. So it's not like the past necessarily proves anything here.
If you want to be relatively certain Hetzner cannot access your data, you need your own server and confidential computing enabled; that's not cheap anymore.
You yourself have hand-waved away an important part - security. It's not (just) about the friction of signup (though, I'll get to that later) - it's the fact that you'd be utterly insane, as an individual developer without a full-time security team, to expose a self-hosted application to the Internet.
And sure, you can give them a login to your VPN, but that doesn't negate the next part...
> and forcing our friends to signup for our weird app
> in the standards, OIDC overcomes this
It's not the signup that's the hurdle. It's the fragmentation. Sure, if you implement OIDC, your friends can sign up to your photo app. And they can sign up to Sam's, and Joe's, and the app of the cute bakery on the street, and a couple others. What then? The whole value of a network is that the components are interconnected and can intercommunicate. If I have to upload my photos seventeen times to seventeen different partitioned applications for my various social groups to see them, I'm just as likely to not bother.
Fediverse-like ideas go some way towards addressing that, but they don't seem to be in any state of usability for anyone non-technical (I say that as someone who was using Mastodon as my only social media for the last couple of years)
> you'd be utterly insane, as an individual developer without a full-time security team, to expose a self-hosted application to the Internet.
You don't have to. The article mentions Tailscale--the whole point of which is to not have any Internet-facing app exposed. Everything is done peer to peer between clients that are behind firewalls. There's nothing listening on an Internet exposed socket for random connections to come in.
Read on in my comment for the more important point about fragmentation. Average non-technical users won't - and shouldn't have to - accept having to switch between different Tailnets to access different instances of similar apps hosted by different people. Heck, most average users would bounce off of the idea of having to install and use Tailscale in the first place.
(I use Tailscale myself for accessing my own private applications while on the go - but I don't believe it's a practical solution for generic widespread access)
I think both cases pose similar risk from a security standpoint. I'm not perfect, they aren't either. There's a lot of nuance about attack surface, available tech/resources, effort of average employee vs mine etc. But all in all let's call it roughly equal.
I just prefer to host by myself and I think it's a perfectly reasonable alternative. Far from "utterly insane".