With Cloud “Drives” I mean end-user cloud storage like Dropbox, Google Drive, iCloud Drive, Nextcloud, etc., not “dumb storage”.
So, I never really used cloud drives, for privacy reasons. I think anyone that’s really into IT, knows that (most) cloud storage can’t be trusted. You can consider anything you put into one of these clouds to be “public information”, i.e. don’t put anything on it that you don’t want to be public (seen by the provider, leaked with hacks or security holes, NSA, etc.).
First some background info about the current state of things, the desired state of things, and then my conundrum.
Backups (current state)
Instead, I use a Synology NAS with several HDDs running with RAID6. But as you probably know, a RAID is not a backup. If the NAS falls off the shelf, or the place burns down, and the disks are ruined, the data is gone. And buying a secondary NAS and fill it with HDDs as backup, gets too expensive too quickly (large HDDs in particular are costly).
So, for now, I use the NAS as dumb backup storage (samba), with the original data remaining on my devices, as it’s unlikely that both will fail at the same time.
Sharing (current state)
Synology NAS provides “Synology Drive”, which also allows you to sync and “conveniently share files”. I barely use it, and just sync some files. Here’s the thing, though: While I would like to use it to share files, I don’t trust it to share files publicly: Synology NAS updates arrive with quite some time in-between them (for my taste), my upload is not that fast, and I don’t want bad actors to try to DDoS my home network. In other words, it’s technically publicly accessible, but I wouldn’t want to share it/link to it publicly when I want to share files. I just don’t trust it and don’t have the bandwidth. It’s OK to share with close friends, though, where I know they won’t re-share or do anything funny, but that’s limited to small files, as again, I can’t compete with the bandwidth of cloud drive providers.
Backup (desired state)
I wish I had some properly redundant, always-online, backup solution. I mean, where I can back things up somewhere, and there’s almost no chance of “accidental data loss”. Of course, one should always have a backup of the backup, too… 😰
Sharing (desired state)
I wish I could just securely and easily share files, without DDoS or bandwidth being my problem.
I could, of course, properly self-host Nextcloud. But to reach the level of redundancy/fault-tolerance/almost no chance of data loss, I’d have to build a cluster, set it up at two physical locations, have off-site backups etc. and the amount of money, time and effort to do this, is beyond anything reasonable for one person.
So, the next best thing, would be to rent some servers somewhere, and build my cluster there. It would save a lot of maintenance work/time and costs. But I’d still be responsible for it to operate well, to back things up, and it’s all a lot of work (when you do things properly, that is, I’m not speaking about “set it and forget it”).
So, further down the line, one could simply pay for managed Nextcloud, where the provider manages the cluster, they do the backups, they guarantee a reasonable level of uptime and redundancy. This would pretty much cut down maintenance to zero, and costs would be lowered massively, too.
Going even further down the line, one could simply buy into Dropbox or similarly big provider, where uptime, redundancy and bandwidth are industry leading, and costs are down to a minimum, too. And as a bonus, these commercial solutions are usually well polished with an advanced set of features, and things tend to work more reliably in general.
But, do you notice a pattern?
We started with something, that has an unreasonable amount of maintenance and cost, but probably unbeatable privacy. Then we went down the line, and the further we moved towards lower maintenance and cost, the less privacy we had. I also feel that further down the line, your data is safer (in terms of not having to fear data loss).
So, this is my conundrum. I’d like to have something as reliable and polished as Dropbox, but with the privacy of self-hosting Nextcloud.
I even considered to actually buy into Dropbox, and then just stuff everything into Cryptomator (encrypting files before upload). But if I have to stuff everything into Cryptomator first, I am defeating the “conveniently sharing things”. I just wouldn’t feel safe (privacy wise) with Dropbox. I’d feel a lot safer (privacy wise) with Nextcloud, but not as safe in terms of data loss (because of DIY screw-ups and such).
I used to self-host Nextcloud at home, BTW. But that was a simple solution, just to sync a few things. Nothing where I would have archived/backed up things for good, for the same reason as the Synology NAS nowadays.
I recently saw that Hetzner has extremely cheap storage, which is what made me re-evaluate my backup strategy. I also saw that they provide managed Nextcloud, which also intrigued me. I don’t know how that looks in practice, but as for data-loss, they claim: “[…] chances of a complete failure very minimal”. They have redundant disks, and perform backups several times a day (to a separate host), which sounds good. Update: Hetzner **only** backs up managed Nextcloud, they do **not** back up their storage boxes.
I could perhaps also do a mix of “dumb storage” with BorgBackup, for proper (and encrypted) backups, and then managed Nextcloud to store some documents, sync things, and as public file share.
But I also evaluated Dropbox, I even have it installed right now. I’m happy with the features it offers, but I don’t feel comfortable at all with it (privacy), and it’s almost all in Cryptomator.
Note: Google Drive, iCloud Drive and Dropbox offer similarly priced plans (best pricing I found), but Dropbox is the only one that also offers a Linux client and advanced features. Also, I’d never use Google for this sort of thing. And yes, there are old reports from back when the NSA considered including Dropbox into one of their programs, unfortunately we don’t know if that happened, but I wouldn’t be surprised.
Ugh. Why can’t we just live in a world where people are nice, don’t judge each other, and respect privacy, so that I could just use whatever without having to worry?
I sometimes envy those people who don’t care/worry about these things. It makes life a lot easier, they just use whatever works for them, and are happy, and seem to be mostly doing fine.
I usually end with a conclusion, but this time I just feel lost.
The goal of this article was to share some thoughts, some personal pros and cons, to hopefully get insightful feedback from my readers (like you!).
I usually write guides and help people, now it’s your turn to guide me. :D
I had some thoughts since, and I describe them here.