New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Carefully worded tax returns.
And because 8 or 9 out of 10 VPS I found on LET (and pondered and checked and then purchased) are solidly in the 'damn good enough' category and about a third even are "yay, really nice and fast and reliable plus decent support".
Inferior product has features a,b that I need
"Superior" product also has features c,d,e that I don't need
All things being equal, things are never equal
Depends what inferior means and what is the price difference.
I prefer the rule of 3: 3 different back-ups, at 3 different times in 3 different places. This generally protects against "inferior product" hiccup. If i can have that and save some money compared to a "superior" product but only one location, you can figure out what I would chose.
For live, dynamic hosting, not back-up, storage, etc, it is way more difficult to use something with low uptime, however, even then, there is a trade-off. It it costs me basically nothing, i prefer 1-2 days a year downtime, maybe even one week, than pay top dollar and still have some downtime.
hetzner.com is down
I think it's really down to the eye of the beholder, let's run with your example of self hosted storage vs Google Drive.
If you have no issue paying the slight premium for the conveniance of Google Drive, while ensuring the data is correctly backed up and set / forget on your part, then go with that.
If you're more interested on having a fun project, then sure buy a VM with a large raid protected drive and spin up NextCloud but I personally wouldn't put anything I wanted to keep long-term on something I didn't really have control over, and that argument can be said for Google Drive and any other storage solution out there.
And just sometimes, the Superior product from a logical standpoint is not always the best one for your individual use case.
With a VPS you can have control, just export the storage as a block device and create an encrypted container/drive you mount on your machine only. No keys are stored remotely at any time and the communication is completely secure even over untrusted networks.
Yup this is true, although it kind of takes away from having remote storage right? I personally use a Google Drive account so I don't have to concern myself with having a local backup of my backup, and I was more inferring to the VM suddenly going offline, or losing data due to misconfiguration with the RAID, or the RAID not being monitored and enough drives die to have data corruption etc etc.
They're not mutually exclusive. You pay higher for more important data and lower for less important data. Plus, you trust google with your data (or your client), not me-- you can use encryption of course but the added hassle of bringing that into the process is no different than self-hosting.
Not really, why you think that? The storage is remote, just decrypted locally on the fly.
I have trouble following again.
I don't trust anyone with my data, this is why I use encryption AND multiple back-ups. It is way easier to mount a block device somewhere than using encryption with google drive. A container would have to be downloaded in full to be decrypted. It works for back-ups, of course, but not if you would also wish to access the data live. With a VPS I have 2-in-1 AND can run various things on it, which I can't do in Google Drive.
Don't get me wrong, I get it why people would like to use google or other providers, I was just explaining there are plenty of usage scenarios when that would not be enough or simply not work. With a VPS I have a cheaper product, with much-much more functionality at the cost of unreliability. For back-up of a back-up beats Google by far.
Well it takes away from the ease of remote storage, as you'd have to download the entirety of the encrypted container to be able to decrypt it, so in cases of live data (video / playback etc) it would be counter intuitive, but as you've said in your second reply to @mosquitoguy, your use case is far more unique so a self hosted solution works best for you.
As I said in my initial comment, "I think it's really down to the eye of the beholder". Use case is a massive factor when it comes to self storage or managed plug and play.
Saving money is exactly how I spend more money. Every single time I pass on what I want for a cheaper alternative, the clock starts ticking before I admit it isn't as good and then buy what I wanted.
Too much assumption here. E.g. you can use encfs and encrypt on a file-system level instead of block level. You can use rclone with google drive as well to get the same thing. The difference is that in self-hosted, all of that plumbing is on the server side whereas with google drive the encryption is on the client side and you have to carry that baggage around if you want to access your gdrive from different places.
Nope, as noted, you can MOUNT the container or device over the network and decrypt locally. It does not have to be downloaded, the necessary blocks will be downloaded and decrypted only, this is why a block device makes sense, I have an extra drive in my device (I use iSCSI for personal reasons, other people prefer NFS and I understand that, but even CIFS can work).
One more thing, I use IPv6 only to export over, good luck scanning /64 for the ports.
Nope. Leaving the encryption server-side opens you up to attacks when the keys can be extracted from memory, the encryption must always be on your device so the keys never leave it.
Block level is, in my view, safer, no structure or any pattern can be used to guess anything. I default to the simpler and safer solution.
Once again, I am not saying my user case is the only solution, I am just clarifying some aspects I see have been misunderstood.
https://www.vice.com/en/article/v7dk8m/googles-ai-powered-inclusive-warnings-feature-is-very-broken
well thats another reason to avoid google
First, that's idiotic. You're implying everything you need to encrypt must be on your phone because it's on your body (presumably) all the time. Second, do you think computers actually process data never leaving the encryption pipeline? Forget the encryption keys. Everything that's in memory is unencrypted.
Why do toffs prefer expensive shit when it's clearly terrible value?
I guess the reason for that is most people are short-sighted. They value short time gains more than long-term value.
Not really but the keys are, this is why I need to have it on my device only. If you stopped calling names and learnt how encryption worked you would have known what I am talking about.
The blocks downloaded are encrypted until they arrive on my device to be decrypted. This means they remain encrypted even in the memory of the remote machine. An adversary would see only some random blocks read and dispatched even if has full control of my remote machine. The keys on my device will be needed to decrypt anything (or bruteforce but that would be cumbersome and long).
My hourly rate is $45-$75, sometimes more if I bill by project instead of hourly.
Then I have some products I sell from $7-$997.
Joined April 7 -- who are you an alt of?
In case it's unclear, you're misinformed and wrong. Client side encryption makes way more security sense than server side and that shouldn't come as a surprise if you had a background in security. Server side encryption allows for certain features that wouldn't be possible with client side encryption, so that's the functionality vs security trade-off.
I do know what you're talking about. end-to-end encryption works only in the context of a continuous pipeline like chatting from point A to point B, or saving a file from your house to a disk on a remote server where the data is opaque.
Transactions involving non-opaque data never uses end-to-end encryption -- there's no such thing. When you do online banking, that TLS encryption stops at the server and everything is decrypted in memory, processed, then saved to disk. Without decrypting the data, the server won't even know what transaction its looking at. It needs to know what you typed in order to execute the transaction.
You're babbling about end-to-end encryption like the solution to world hunger but my point is that 99% of the things you do online are not end-to-end encrypted.
I am talking only about storage (back-ups and live storage). If you would have bothered to read then you would have known that.
That's why I said it's idiotic. Storage by itself has no point. So you run a site that's not end-to-end encrypted, and then your backups are end-to-end encrypted? lol. If your front door is made of wood, there's no point in having a steel door at the back.
Cheap whores. Budget entertainment or nasty bags of aids? Discuss.
Another "back-ups are useless" guy.
Who says it has to be a site? I back-up my photos, videos, crypto wallets, customer data on the servers (I don't know what they have there, might be public or not and I must assume they would not like it to be unencrypted and I have to have back-ups offsite too).
I back-up my workstation, the family laptops, we keep our data "in the cloud" and we share access to encrypted containers where we have copies of documents like insurance papers, the deeds of houses, contracts, things you would like to have after a fire or earthquake, war or the like if you survive.
If you don't have a site, then you're only using the CPU as a means to access a remote drive (99% idle). Again, idiotic, but a lot of people make money from people like you and that makes the world go round.
You clearly do not know what you think you know. You should take your attitude down several notches.
Cheap is relative.
When they charge $5 for what the rest charge $100..