How to Get Secure & Sovereign Personal File Storage - The Sovereign Computing Show (SOV006)

In this episode of the Sovereign Computing Show, hosts Jordan Bravo and Stephen DeLorme delve into the importance of self-hosting to maintain control over your digital data. They highlight the benefits of using NextCloud, an open-source suite that can replace Google Drive, iCloud, and other big tech solutions. They discuss various hosting options, including third-party providers like enclaive.io and the ease of self-hosting with StartOS. The episode also explores how to setup photo and file syncing, and why this approach enhances your digital sovereignty.

Chapters

• 00:00 Introduction and Personal Experience
• 00:33 Welcome to the Sovereign Computing Show
• 00:50 Sponsorship and Community at ATL BitLab
• 02:01 Discussion on DOGE and Data Security
• 08:35 Minimizing Your Digital Footprint
• 17:13 Boosting and Main Topic Introduction
• 17:55 Self-Hosted Files with NextCloud
• 20:50 Confidential Computing and Enclaive.io
• 26:02 NextCloud Features and Getting Started
• 37:14 Alternative Self-Hosting Solutions
• 42:32 Conclusion and Call to Action

Links

• Jordan Bravo
• Stephen DeLorme
• Boost in on Fountain.FM
• Perplexity Deep Research Chat About DOGE
• NextCloud
• Enclaive
• Immich
• SyncThing

Transcript

Jordan Bravo: [00:00:00] It just kind of quietly does its job sitting there next to my router. And I don't really think about it too much. And I got to say the wife approval factor is two thumbs up. We've been able to have transfer all of our data, all of our docs, our file, our photos, our videos. And, um, it automatically uploads from each of our phones. My wife is using iOS. I'm using Android. And we can also share things together.

Jordan Bravo: Welcome to the Sovereign Computing Show, presented by ATL BitLab. I'm Jordan Bravo, and this is a podcast where we teach you how to take back control of your devices. Sovereign Computing means you own your technology, not the other way around.

Stephen DeLorme: This episode is sponsored by ATL BitLab. ATL BitLab is Atlanta's freedom tech hacker space. We have co working desks, conference [00:01:00] rooms, event space, maker tools, and tons of coffee. There is a very active community here in the lab. Every Wednesday night is Bitcoin night here in Atlanta. We also have meetups for cyber security, artificial intelligence, decentralized identity, product design, and more.

We offer day passes and nomad passes for people who need to use the lab only occasionally, as well as memberships for people who plan to use the lab more regularly, such as myself. One of the best things about having a BitLab membership isn't the amenities, it's the people. Surrounding yourself with a community helps you learn faster and helps you build better.

Your creativity becomes amplified when you work in this space, that's what I think at least. If you're interested in becoming a member or supporting this space, please visit us at atlbitlab. com. That's A T L B I T L A B dot com. Alright, on to our show.

Jordan Bravo: Welcome to the Sovereign Computing Show. I'm Jordan Bravo, and I'm here today with Stephen DeLorme.

Stephen DeLorme: [00:02:00] What up?

Jordan Bravo: Today, we have, rather than a specific news article, we're going to talk about something that's been in the news in the past. The last few days or so, and that is the Department of Government Efficiency or DOGE and all of the, uh, data that they are harvesting and gathering from various government agencies, and there's been some controversy or concern about whether these, whether, whether DOGE is doing this in a secure manner, whether they are going through the proper channels and hoops and various regulations to do these properly, or whether they're irresponsibly grabbing data and doing all kinds of AI analysis with it and just being, um, less than secure with it.

Stephen DeLorme: Yeah. And instead of pulling up a single news article, uh, I went to perplexity, which I acknowledge isn't the most sovereign way to compute, but, [00:03:00] uh, I do like my AI tools, especially for information gathering. I asked, what evidence do we have of DOGE collecting the personal information of us citizens?

Please try to be as specific as possible. For example, which departments did they get the data from? What kind of information is it? First name, last name, address, something more serious like date of birth, social security, or really serious like medical info, tax info, etc. And do we know what sorts of safeguards are in place for this data? And it used a DeepSeek model and like scoured the internet and it came up with this kind of stuff. Um, and so it looks like, you know, well, before I like launch into this, I think it might be good to just like mention overall, but like trying to like separate out the, like what data was accessed. And was it protected separate out that matter from like politically how we feel about DOGE?

Because like, you know, personally, I kind of like the idea of like trimming, you know, trimming the fat of the U S federal [00:04:00] government. Not everybody's going to agree with me on that. Um, but that's how I feel having said that I can still, you know, analyze, like separate out this issue in my mind of like, Well, yeah.

What kind of data does the government has have on all of us and was it accessed? And so, uh, we'll put a link in the show notes to this, um, perplexity chat that you can look at, but it does a very good breakdown. So stuff was accessed from treasury department. Office of Personnel Management, Department of Education, Student Aid Systems, Internal Revenue Service, Health and Human Services. And it cites sources to like news articles and stuff like this. And so it then breaks down for us the data sensitivity and risk profiles. Tier one, identity theft enablers. Social security numbers, uh, full names, birthdates, financial identifiers, like bank account numbers. So some of this data was accessed. Then you have tier two stuff like exploitable health data. That's medical [00:05:00] diagnoses, prescription histories, and disability status. Um, so apparently some of this was accessed. And then tier three, national security adjacent information, security clearances, um, classified agreement records, and the military service data. Um, and then it goes into a breakdown of the safe safeguard implementation or lack thereof. And it is interesting. This is where it gets into a little bit of, I don't know, territory where it's a little bit hard to kind of parse if there's actually a problem or not, um, because it does go in and break down to like, okay, um, you know, for example, DOGE access systems using shared efficiency underscore team at DOGE dot gov credentials. Rather than individual PIV cards violating OMB M2209 requirements for multi factor authentication. Wow. That was a mouthful. Um, but like, and we can break down that for a second. [00:06:00] It doesn't necessarily mean that like, okay, the email address that they used was insecure. What it means is that the way in which they accessed the data in that scenario was not up to par with a pre existing Um, government standard and like one thing I can tell you is that like there is all kinds of like security theater out there in the corporate world and probably in the government world to, um, where it's just like here is our standard operating procedure for how like, you know, sensitive data is handled. And it is a bureaucratic rule that the standard operating procedure be followed in all cases. It doesn't mean that there aren't five or ten other ways of handling the data that aren't also secure, right? It's just that those aren't the approved ways of doing it. So, do we know that this data was handled securely?

I, I, I don't necessarily know. We do [00:07:00] know that it wasn't handled according to standard operating procedure. Um, so yeah, that's a whole mess of information. I'm going to stop right there and let you chime in on this, Jordan.

Jordan Bravo: I haven't followed this too closely, but from what I can gather, it sounds like you have the, these processes in place in the federal government, which is notoriously bureaucratic, and you have DOGE coming in and saying, we need all All of this data and the, the typical response would be, okay, well fill out form a, b, c, d, e, and f and do all of these things, follow all these procedures and, um, and DOGE just sort of overrode that and said, no, we don't have time for that.

We're trying to be efficient. We're trying to move quickly here. So we'll just ignore a lot of these regulations and processes and just grab the data and do what we need to do with it. And, you know, regulations be damned. Um, [00:08:00] so I, I really have no opinion on whether that's a good thing or a bad thing. Uh, but here is, here's the way I see it. If the information was already in government databases, that's I think that's a problem to begin with or, or rather having too much of our personal data to begin with. It, to me, it doesn't concern me anymore if it's in the hands of DOGE or if it's in the hands of some federal bureaucracy. Uh, I'm concerned with how can I minimize that data getting there in the first place. And so a lot of the things that we've talked about in the Sovereign Computing Show so far, um, one of our previous episodes, we talked about email addresses and decoupling it from your identity, as well as using aliases for different sources. That would certainly help out minimizing your digital footprint from any, being in any of those databases in the first place. Another thing we talked about in a previous episode was, [00:09:00] Phone numbers and how you can decouple those from your identity and have multiple phone numbers for different purposes. Again, this would help you minimize the amount of databases that you're in with your number and your identity being attached. And that includes these government databases so that if you have an entity like DOGE or, or maybe it's someone else that is completely untrusted, like Chinese hackers or some other hacking organization. and they get the data, and then it's leaked onto the dark web. This would, these are preventative steps that would help that, regardless of who gets their hands on the data.

Stephen DeLorme: Yeah, I think that's a, a, a good way of putting it, because, um, when you think about it, it's like, okay, let's say DOGE was not in there accessing this data.

Well, the data is already, you know, it's still sensitive data, and it's still sitting there on all these government servers to begin with. Somebody inside the government could screw up, right? Like It, it acts, you know, act, [00:10:00] whether nefarious, whether intentionally nefarious or just by accident, somebody could screw up and his data could leak anyways. And so if the data leaked, well, you know, shit, your data just leaked. Another scenario that's kind of, you know, again, just gets into it, like how ludicrous are, um, uh, you know, digital world is, is that a lot of times when you want to like onboard, you know, use a business and they need to KYC verify you, or they just want to, you know, uh, mitigate risk, they ask you for all of this personal information anyways, like you apply for a job.

I remember. I remember working behind the counter at retail when I was like a teenager and people would just like write their social security number on the job application and we'd have a stack of like 50 of these things behind the counter and it's like, we weren't like trained in like data security and all this shit.

There's like tons of social security numbers. That we had access to. So a lot of times you're signing up for all these services online. They want [00:11:00] all of this personal information anyways, just so that they can ask the government or use a tool like LexisNexis or something to verify, Hey, like, is this a real person or something to that effect?

So, and if it, if it wasn't the government leaking the data, it would be these third party services. Leaking the data that we're already using anyway. So I think the question really is, how do you protect yourself? And as you already pointed out, if you're worried about things like email addresses and phone numbers, you can use the tools discussed in previous sovereign computing episodes for that. Um, I think another thing too, might just be like the mindset of like, um, thinking about what kind of data you give out when you sign up for services. So, you know, really think about like when you are like filling out a form for a website. Do they need your home address, like do they genuinely actually need your home address for identity verification or are they just, you know, asking, you know, like, you know, so they have as much data as possible because you could [00:12:00] give a fake address, like they don't, they're not entitled to your personal information. You could also give a P. O. Box. You could have a P. O. Box where you have, um, mail or packages shipped to, because you might not want to share your personal address with everybody on the internet. Um, you know, obviously be careful with your social security number, but the fact of the matter is, is that social security numbers have been leaked so much on the internet already that I don't really see it as like a valid form of identity verification anymore.

Anyways, that's just part of the kind of ludicrousness of the world that we live in, um, trying to think, are there any of the like pieces of data other than email, phone number, address that we could like. Reliably obscure and in this, uh, you know, data collection apparatus, we live in?

Jordan Bravo: Nothing comes to mind.

And to a certain extent, some things that exist in a government database are going to be. Unchangeable. So if you are a tax paying citizen, for example, there's going to be some of your [00:13:00] financial information in the treasury departments and the IRS is databases, right? Just by necessity. So I don't think there, you can't scrub your, your, all of your information out of these databases. Period, uh, assuming you live on the grid and have a paycheck and pay taxes and that kind of thing. But, um, we can certainly minimize our footprint.

Stephen DeLorme: Yeah, I guess you could, uh, you know, live off of Bitcoin forever. And, uh, I mean, there are people who do that who just like have no bank accounts. And, uh, you know, for a lot of people, that's a tough way to live, you know, especially, uh, you know, if you have like a mortgage and, you know, you're raising a family and all that, but hey, these are options that are available to you.

Yeah. I mean, you can, you can put in your safeguard. So if your bank account information does get leaked, I mean, think about the basics. Do you have a strong password on your bank account? Do you have two factor authentication on your bank account? Um, one thing I think that's under discussed with stuff like bank accounts and all these is. A lot of times, they ask us for really [00:14:00] stupid stuff, like, especially like, older, more archaic um, uh, online banking systems. They'll ask you these like, security questions, like if you lose your password, like, what was your mother's maiden name, what was your first car, what was the first concert you attended, and all this kind of stuff.

And it's like, At first glance, that seems simple, but no, people will guess that stuff. If they, if they've gotten your data in a data dump, they might, they probably already know your mother's maiden name. They probably know where you grew up. And so they can interpret like, or they can intuit like, okay, you probably went to like one of these 10 high schools. they they can, you know, there's a lot of these things they can just guess. And it's probably a lot easier to guess where someone went to high school or what their mother's maiden name is rather than a random number. So one thing you can consider is just make up bullshit security questions. Like if you have your password manager, um, and somebody, um, ask [00:15:00] you, uh, what the first concert you attended was don't actually put the first concert, put some bullshit answer and store it in your password manager.

Jordan Bravo: Yeah, I do that. And what I would recommend is. Don't even try to come up with the bullshit name on your own. Just use your password managers, random word generation feature, and then store it in that account. And I've been doing that for several years now, and it works really well. Um, I don't think you should try to come up with it for yourself for the same reason that you shouldn't try to generate your own password. And that is that we as humans are not great at randomness. So we tend to, uh, let patterns slip into those kinds of things, even when we don't realize it.

Stephen DeLorme: Yeah, because if, if, if someone's trying to guess, you know, where you went to high school, they're going to be going through a dictionary of possible names of like normal sounding high school names. And so probably, um, so if you, even if you try to make up something, if it's like something that could feasibly be [00:16:00] a real high school name, it will end up in their dictionary. So. Uh, don't do that. It's like it, you're almost just treating the security questions. Like there are other random passwords. Um, you know, you can put automated notifications for your bank accounts.

You can freeze credit if you want to. There's things like that. So it's like, I think for me to, to, to kind of like maybe move this topic towards con, you know, conclusion at least for now, is that, um. I think that I don't know personally that I'm actually really that worried about, um, you know, DOGE leak leaking all my personal data, but the, the steps that I would take to defend myself were that to happen would be the same steps that I would already use to defend myself from third party companies leaking my data.

Jordan Bravo: Third party companies, government. Agencies really anyone that doesn't need to have that data.

Stephen DeLorme: Yeah, [00:17:00] yeah. Sovereign computing mindset can, you know, whether DOGE is an angel or a demon to you. The, the, the sovereign computing mindset can protect you either way.

Jordan Bravo: All right. Before we get into our main topic, I want to remind everyone that you can boost in with your sats and your messages. Go to fountain. fm and search for the ATL BitLab podcast. That's going to be your easiest way to send in a boost. And you can, uh, use the fountain podcasting app, or you can send it from your other lightning enabled apps.

All right, what we're going to talk about today is a great solution that is going to really take a huge step in the sovereign computing direction for those of you who have not done so yet. And we're going to talk about self hosted files. And what that, [00:18:00] what that refers to is right now, most of us use either we have Google drive or we have iCloud and all of our photos and videos and documents. Are all synced to that automatically. And it's just sort of become the de facto method of computing these days. And what we're going to do today is talk about how we can replace one of the, these big tech solutions with one that is completely under our own control. And the primary. And the third app that we're going to be using , to affect that is called NextCloud. And for those of you who haven't heard of NextCloud before, NextCloud is a completely open source suite. And you can host this on your own, or you can get a third party service provider to host this for you. And let's talk about hosting it on a third party first. Nextcloud. com And you might wonder, isn't that just as bad as having it on a third party like Google or, [00:19:00] um, Microsoft or Apple or any of these other parties? And a couple of reasons why this is actually a better solution. One is, The code, the apps itself, all the programs are open source and they've had a lot more eyeballs on them. A second one is that instead of being, if you have a third party provider, most people will not have heard of it. And instead of being a giant honeypot like Google or iCloud is, which is. They, whenever a hacker wants to breach something, they're going to go for wherever they can get the most bang for their buck, wherever they can get the most data for their breach. So if they breach Google, that's a jackpot. They've got hundreds of millions or billions of users. And so. They, they're also well known anybody who is a hacker, anybody who is a cyber criminal trying to breach data, they want to go for these big targets, whereas some third party provider that you're [00:20:00] hosting NextCloud on, they don't even know it exists. So that's one reason. Another reason is you can actually have them hosted on third party providers that have zero access to your data for technological reasons. And we're going to talk about one here in particular. Um, I want to caveat it and say that I've never used this myself, but it does seem very intriguing.

And so if you are listening, we are looking at a, a site called Enclave. It's enclave. io that's E N C L A I V. io. And the reason that this is interesting is it uses. Some, um, fairly advanced technology to host it in a way that makes it impossible for the provider here, Enclave, to access your data. Um, maybe Stephen, you could talk a little bit more about that technology.

Stephen DeLorme: Yeah, it's, I'm not going to pretend that I understand it super [00:21:00] deeply, though I hope to one day. It's this kind of new paradigm called confidential computing, and it's, you know, I guess the way to think about it is, you know, you know, if you're a technical person, you might be familiar with like concepts like the secure enclave on the iPhone, it's supposed to be this like area where you can store sensitive secrets like passwords and key material. And, uh, it's, you know, once it's in the secure enclave, it's supposed to be, um, you know, you know, very, very difficult to get it out of the enclave without, you know, going through like an actually, you know, the user entering their password and all that. Right. So I kind of think of confidential computing as kind of like a secure enclave, but for actually running compute processes. Um, and, uh, so, excuse me. So the confidential computing paradigm, the way I understand it is that. There is [00:22:00] actually this way that you can generate a proof that like whatever output you get, um, from the computer was, you know, run on a specific kind of hardware and knowing that the kind of hardware that it was run on, you know, you can, you know, then. Uh, you know, verify, you know, just by the nature of that hardware that it, um, uh, you know, was, was not susceptible to eavesdropping. Uh, if somebody knows a lot more about confidential computing, uh, I would love it if you boost in and like school school us on it because I probably sound like an idiot if you actually know what you're talking about.

But. The two kind of confidential compute environments I understand right now are Intel SGX and then, uh, Amazon has one called AWS Nitro Enclave. Uh, so if you spin up cloud containers with like AWS EC2, you can choose Nitro Enclave as an option, um, and that's a confidential compute environment. And I think [00:23:00] actually ACINQ, the, the company that does a lot of, they do a lot of, if you're in the Bitcoin space, you might know them because they, uh, run the Phoenix wallet and all that. Yeah. Um, they have a really large lightning node called, just called ACINQ. It's on the lightning network. And I think that's actually run on a Nitro enclave. That's what I've heard at least. Um, but yeah, so this company is running, uh, NextCloud instances in, uh, confidential compute environments, which is super cool. And if you go to their website, I mean, they have all kinds of stuff. They have like, Confidential AI and all kinds of stuff. So I don't know, it's worth looking into, but that's a whole other rabbit hole.

Jordan Bravo: Does Enclave's website say where they're located?

Stephen DeLorme: Uh, they have a GMBH in their name. So I think they're German.

Jordan Bravo: Okay.

Stephen DeLorme: Um, that would be my guess.

Jordan Bravo: Yeah, that sounds right.

Stephen DeLorme: Yeah. Former executives of Germany's top five cyber companies. We're just looking at their about page. Yeah.

Jordan Bravo: It sounds like they're German.

Stephen DeLorme: I mean, this might be a good like kind of [00:24:00] point to like highlight the kind of cultural difference. I've heard that so many different. Like either government organizations in Germany are so companies in Germany use NextCloud, which is wild to think about. Cause like Google drive and Google for business just seems like the default for any small company in America, but there's, I think just, I don't know if it's just a legal thing in the European union or if it's also a cultural thing, but I think there is a different expectation around, Data privacy in Europe, um, and if you're in Europe, again, boost in and let us know, is this all legal stuff or are we correct on that?

Is there a better, uh, expectation around data privacy? And if so, is that mostly a legal thing or is it also just a general cultural norm around, um, data privacy? Um, but yeah, I've just heard the NextCloud has [00:25:00] like a lot of like usage over there. Um,

Jordan Bravo: Yeah. NextCloud itself, the company, I think they're also a GMBH. So they are based out of Germany. And so they have a lot of their clientele is in Germany, German corporations, German governments, uh, education, that kind of thing. Whereas in the U S it would be either Microsoft or Google typically. And I think it was in 2022 when it was a fairly big announcement that A large portion of the German government was switching from Microsoft Office 365 kind of deal over to NextCloud sort of self hosted or, you know, on prem kind of, uh, solutions. So, uh,

go ahead.

Stephen DeLorme: Uh, well, I was actually going to wonder, uh, it sounded like you had somewhere you wanted to go next, but I was wondering since. We're getting into a little bit into the weeds with the Nextcloud hosting and all of that. But I was wondering, should we dig into a little bit of their like photo [00:26:00] product or any of the like file sharing stuff they do?

Jordan Bravo: Yeah, I think I should talk about what it, what Nextcloud is maybe before we get into the details of it. So Nextcloud is a suite of software and it can completely replace things like Google Drive, Google Docs, Microsoft OneDrive, Office 365. Um, so the typical functionality that all of us would consider part and parcel of having a smartphone and a cloud account, you can completely replace it with something that is self sovereign, privacy respecting, that you control. So, uh, the biggest things that I use, for example, in my day to day life I, I use the photo and file syncing so that if I take a photo on my smartphone, it automatically uploads it to my personal NextCloud server. And my family and I can share that the same way you could share, let's [00:27:00] say, Google Drive files.

I also save my documents to that. Um, and then NextCloud also does my contacts and my calendars. And so we talked about this in the episode focusing on contacts and calendars, but NextCloud out of the box gives you a syncing for your contacts and calendars. And then when you log, so you can use the clients on your phone.

There's the NextCloud client for photo syncing, for file syncing. There's also your, your native Calendar and contacts apps will sync to Nextcloud, but then you can also visit your Nextcloud server in the browser and there's an entire front end and all the apps have a front end suite that you can use in the browser. You can also use, it has something called OnlyOffice, which is like a free and open source version of Microsoft Office. 365, which you access in your browser. You [00:28:00] can also access it in your browser with NextCloud. And, um, a quick aside, there's also a downloadable and installable version, just like there is with Microsoft office. Uh, so I wanted to mention that in case you're the kind of person who likes to use it. Edit it offline because I'm like that as well. I think it's always got a snappier feel and better response when you have the app installed locally, rather than using it through the browser. But I just wanted to mention that really quickly. Um, so, so I wanted to show this off a little bit. And if you are watching the video, you could see that we are browsing the NextCloud app store. And in addition to the basic apps that I just talked about, like contacts, calendars, files. You can use, you can also download and install a host of other apps. So if you have various productivity apps, you can install it into NextCloud with a one, with one click. Um, they have a forms, which is like a Google forms replacement, [00:29:00] um, news. Talk, which is like Google talk or maybe even a Slack type of replacement deck, which I think is, uh, maybe a Kanban board.

Stephen DeLorme: Yeah. It looks like a Trello alternative.

Jordan Bravo: Yep.

Stephen DeLorme: I'd like to run that.

Jordan Bravo: Um, you can use security features like two fact factor authentication and NextCloud even has AI that runs on your NextCloud server, not sending data back to any third party, but it'll do things like. Uh, you get AI file search and AI email completions and, um, I think AI photo search as well.

Stephen DeLorme: Are all these apps that we're looking at on the screen here, because there's a lot of them, are all of these developed by NextCloud or are some of these like third party like plugins?

Jordan Bravo: A lot of these are community plugins, but they are all, uh, open source and they are semi curated by NextCloud.

Stephen DeLorme: Hmm. [00:30:00] Yeah, because I was looking and I was like, wow, there's a lot of these things.

Jordan Bravo: So how does one get started with NextCloud if they are interested? Well, like we said, you can use one of these third party providers. If you go to nextcloud. com, they have a list of other providers. One of them being that Enclave that we recently talked about that is a secure and has, has a secure computing hardware, but there's a whole host of other providers, however, For me, the holy grail is self hosting on your own server. And the way you can do this very easily is with, uh, StartOS running on a home server. So for, we've talked about this before, but Start9 is a great solution for self hosting for, uh, on easy mode. They make a operating system that allows you to run a server without any command line usage, without any Linux experience.

You can just. Point and click in a [00:31:00] graphical user interface. And one of the things that you can install, they have a list of apps as well in their marketplace. And one of them that you can install is NextCloud.

Stephen DeLorme: Does I wonder if Umbrel does it now too? Cause I know like Umbrel is kind of like pivoting. To like be, um, I don't know, like, uh, Hey, we're not just a lightning,

Jordan Bravo: the app store.

Stephen DeLorme: Yeah.

Jordan Bravo: Yeah. So, uh, Umbrel started out as being a Bitcoin and lightning node and it looks like now they have a host of other apps as well. I'm seeing NextCloud, Plex.

Stephen DeLorme: I mean, they kind of pivoted to be a little bit more like Start9 from Start9 from my perspective. Um, they, they, I think when I, they first launched, I remember them kind of marketing themselves as like, become Bitcoin woo. And then they kind of switched it to more of like, all your apps, all in one place, you know, sort of thing. So there's a lot of overlap. Um, I don't know, do you have like a preference between the two? [00:32:00]

Jordan Bravo: Um, I like StartOS, uh, for a couple of reasons. One, I think technically they have a pretty hardcore security model where they've They've taken, um, they started out with Debian Linux and they've really done a ton of work on the operating system itself to secure it. I think Umbrel from the last time I checked, I could be wrong and out of my information be out of date here, but the last time I checked Umbrel seemed more kind of like a slap dash solution that they just kind of threw some apps and scripts on top of a Linux distribution. That's no shade to Umbrel. I know a lot of people run it and it works great. But that's just the impression I got. Uh, the other thing is, is simply a character, uh, enjoyment that I get out of seeing all of the Start9 guys on podcasts, interviews, and meeting them in person, they all seem to really have the sovereign computing [00:33:00] mindset. And, um, I just think that. Seems like they have a really good mission that aligns well with the kind of stuff we talk about here.

Stephen DeLorme: Do you run it on Start9? Or do you run Nextcloud on StartOS? Or do you have like a home home-rolled solution?

Jordan Bravo: I have my own Linux server that I've built up on my own. But I have run Start9 and StartOS. To play around with it. And I really enjoy it. Um, it's just that for me, I'm very, I'm a technical person.

I'm a software engineer. I have a lot of Linux experience, so I was able to set this up on my own. I did it partly for learning purposes, but also because I wanted it to be configured in a very specific way. Um, but I would say for those of you who have no interest in Linux or the terminal or any of that advanced stuff, I think one of these graphical installers like Start9 or Umbrel is, is a great way to go.

Stephen DeLorme: How, how hard is it to maintain? Like, uh, just, I'm just [00:34:00] curious. I know for most people aren't going to go to Linux and install it from command line, but. Do you find yourself needing to maintain stuff a lot on it? Like,

Jordan Bravo: Uh, no. It was a lot of work upfront to get things rolling and then now I hardly ever think about it. Maybe once every six months or once a year, I might, uh, check in on it and run an update just to make sure I have all the latest software. But then it just kind of quietly does its job sitting there next to my router. And I don't really think about it too much. And I got to say the wife approval factor is two thumbs up. We've been able to have transfer all of our data, all of our docs, our file, our photos, our videos. And, um, it automatically uploads from each of our phones. My wife is using iOS. I'm using Android. And we can also share things together. So for [00:35:00] example, we have a shared folder where, uh, I might be taking photos online.

She's taking photos on hers. They both upload to our respective accounts. But then we can drag some, some of them into our shared folder and say, Hey, these are the ones from little Johnny's birthday. Check them out. And then this is also great for sharing with the extended family.

So instead of sending a Google or requiring my family to have a Google account or something like that, or an iCloud account. I can just send them a link comes right back to my home server and it's a gallery that I've curated for them and they can click through and download high res versions of all the videos and photos that I send.

Stephen DeLorme: Oh, that's cool. I like that.

Jordan Bravo: Yeah. Um, on a similar topic, I mentioned before that they have NextCloud version of Google forms. Um, you can also do that. These are great tools to be really sovereign. I'm still like. You could send somebody a, a form for them to fill out, and that's all on your own. [00:36:00] Nextcloud, you could send them, um, let's see, what are, what are other things that we tend to send people in our daily lives, our, our digital, productive lives?

Stephen DeLorme: Polls, maybe?

Jordan Bravo: Yeah. Uh, Nextcloud has polls, I believe.

Stephen DeLorme: What?

Jordan Bravo: Yeah. So we've got polls, we've got forms.

Stephen DeLorme: He even has a podcast player.

Jordan Bravo: Oh, wow. I know there's also an app. I'm not sure if it's third party or if it's already installed with the calendar app. But it's basically like Calendly, if that's the way to say it.

Stephen DeLorme: Oh yeah, yeah, yeah.

Jordan Bravo: Yeah, so it's like, it's like Calendly, but it's on your own Nextcloud instance. So you can have people, you send them a link, they click it, it opens up a page that allows them to schedule a time with you and puts time on your calendar.

Stephen DeLorme: I like that. I really like that. Yeah, that's cool.

Jordan Bravo: Uh, any, anything coming to mind, Stephen?

Stephen DeLorme: I need to [00:37:00] give NextCloud another shot. That's all cool. I just need to set aside some time to actually give it another shot.

Jordan Bravo: Um, I'm going to talk before we completely move off the topic of self hosting. I want to give a shout out to an app called Immich. That's for those of you listening, it's I M M I C H. And what this is, it's a different app that you self host, but it's meant to be a replacement for Google photos and videos. And it's, It doesn't do standard files. It doesn't have the full kind of office suite nature of NextCloud, but it's really focused on just being a great user experience for photos and videos. It's got everything from a beautiful viewer to the kind of. Extra features that you would expect from Google photos and iCloud, where they have AI search. So you might type in, um, Paris trip, [00:38:00] and it's going to show you all of the photos from your trip to Paris or cat. And it's got all of your cat, cat photos. So it's using AI to do that search.

It's also got a feature.

Stephen DeLorme: Sick dinosaur photos. Sorry, I'm in the image demo right now. Like looking at their pictures.

Jordan Bravo: Yeah, we're looking at the image demo server. It's also got the feature that iCloud and I think Google Photos has of It shows you memories. So it'll say this time last year, and it gives you a cute little slideshow, or it shows you a bunch of a slideshow, a bunch of photos and videos from a particular event.

Stephen DeLorme: Yeah, this does seem very nice. I mean, it reminds me of what was that Google used to have some application that you could use to like upload photos to them or whatever a long time ago.

Jordan Bravo: Before Google Photos?

Stephen DeLorme: I think it might have become Google Photos. But I'm trying to think what the name of it was. I thought it began with [00:39:00] a P or something like that.

PL something. I don't know. There was like, there was Flickr that a lot of people used for photos. And then there was some other service with a, you know, clever name with like a vowel taken out or something like that. I thought Google bought them or something like that. Um. It was, um, I don't know, this like, this reminds me of it a lot. Um, just the, the UX of that kind of service, uh, it feels familiar to me. It looks very nice looking, looking through the interface. I mean, you know, it brings up all the photos, very big. There's no, like, there's not a lot of like negative space between the photos.

Jordan Bravo: And it's supposed to have really good optimization for loading so you don't wait a long time.

It's got nice resolution.

Stephen DeLorme: It feels snappy. I'm just like zipping through everything with an arrow key.

Jordan Bravo: It's also got a mobile app for iOS and Android that are [00:40:00] supposed to be pretty slick. The reason I'm saying supposed to be is I've heard a lot of good things. But I haven't actually installed it on my server yet to try it out personally.

So I don't want to, uh, speak without experience there.

Stephen DeLorme: Well, I like this timeline. It shows you the dates on the right hand side of the screen. We can go back to 2001. Wow. This person was at a hut in 2001. Uh, anyways.

Jordan Bravo: All right. Before we close out the app focus segment, I want to give a. Honorable mention to something called SyncThing. And if you are interested in a solution that doesn't have a big tech, uh, solution behind it for syncing and backing up your files, check out SyncThing. This, the reason that I'm mentioning this as an honorable mention is because it's not actually going to give you the same experience of having a server that's hosting your files. What this does is you don't need a server. You just [00:41:00] have, let's say your laptop. Your and your phone, maybe you have a desktop as well, but you just put the client, the sync client on each of those devices and it will sync the files between them anytime that they have internet access. So you don't have a centralized server.

That's ho that keeps your files, but it does keep your files in sync across your devices. But the nice thing about that is that no server is required.

Stephen DeLorme: That is pretty cool. It reminds me of how Obsidian Sync works, which Obsidian might be a good thing to discuss in a future episode. But yeah, I mean, the basic gist of how that, yeah, it sounds exactly like what you described.

Like, I can set it up on my laptop and my phone and I'll always have the same files on each of those. Just kind of nice. It's actually, it's actually kind of a clever way of thinking about it. That it's like, if you already have all of these devices. Then you can just, um, you know, instead of like paying for some backup or [00:42:00] whatever, uh, some kind of backup service, you can just keep copies on all your devices.

So that works for some things, I think.

Jordan Bravo: And it goes without saying, or maybe it doesn't go without saying, but we try to use open source solutions whenever possible. Cause that gives us a little more assurance that no funny business is happening. Um, and SyncThing is fully open source.

Stephen DeLorme: Yeah, I think that's a good idea.

Jordan Bravo: Uh, I think that, that, that does it for our topic today. If you want to boost in, you can do that at fountain. fm and search for the ATL BitLab podcast. We'd love to hear your thoughts on today's topic. And let us know if you are interested in any other topics, or if you want to know more about how to host self host your own NextCloud instance or other kinds of solutions for getting off of these big tech services.

Stephen DeLorme: Yep. Boost in everybody.

Jordan Bravo: All right.[00:43:00]

Thanks a lot, everyone. And we'll see you next time.

Stephen DeLorme: Later.

Hey, thanks for listening. I hope you enjoyed this episode. If you want to learn more about anything that we discussed, you can look for links in the show notes that should be in your podcast player, or you can go to atlbitlab. com slash podcast. On a final note, if you found this information useful and you want to help support us, you can always send us a tip in Bitcoin.

Your support really helps us so that we can keep bringing you content like this. All right. Catch you later.