SelfPrivacy is in “Open beta” and promises to make setup and use of email, messager, password management, video chat and other services simple by leveraging the likes of Hetzner, Cloudflare, and Backblaze.
I stumbled on the app while browsing the F-droid app “store” and had never heard of them. I think the proposition is neat and while I’m comfortable hosting most of these services myself, my curiosity has been piqued. Searching for it elsewhere on the web as far as privacy rating, reviews, etc has left me empty handed. I dont’ know if they’re just too new or not. So I’m curious if anyone has tried them out or looked into it further.
You can do all of that on your own.
OR, you can create a single attack vector that can potentially be exploited and put everything at risk, at the same time.
If you’ve ever worked in, or adjacent to, IT, then you’ve heard the phase “single pane of glass”, meaning you can manage all your infrastructure, or IOT, through a single terminal/UI.
This is basically a single pane of glass that you’re getting through a side loaded repo, to manage your entire digital life. That means it can also become a single pane of glass for anyone able to exploit that application i.e. supply chain attack, phone AND/OR app specific vulnerabilities, etc.
Would the Freedombox fit that description?
Not really, sort of, but different threat models IMO.
The app this thread was about is asking to become a single pane for external services e.g. cloud, which is why it requires your Hertzner API.
For the following, I’m reaching into my memory hole, so definitely check elsewhere to confirm before doing anything.
FreedomBox, if I recall, is basically Debian Linux with a variety of self-hosted tools that are easily configurable e.g. Media servers, torrents, NextCloud, etc. It’s been around for a while and I don’t recall ever hearing anything bad about the project.
Ultimately, sure, you’re still trusting the maintainers to some degree, like with any distro/spin, but that’s a judgement you’ll have to make for yourself.
If you’re going to use Freedom box for all of your most critical and private parts of your digital life, then you should probably weigh the risks more heavily, than if you’re just going to make it a media and torrent box.
I guess my question was geared more towards what would happen if you chose to host the entire box on a VPS server somewhere, or heck, even had it at home from a publicly accessible IP address / port. At that point, wouldn’t it essentially be the same “single pane of glass” setup as you describe above?
I guess when it comes to trusting the distribution maintainers, I take that for granted… After all, if I didn’t, at that point one would have to write off a ton of Linux distributions entirely for server usage… I think. If I understand the argument correctly, anyway.
Anything with “Freedom” in its name sounds sketchy.
I think that software package is an exception to the rule, but I see where you’re coming from.
The other side of that being Security through Obscurity.
If you’re not running all your stuff through a major well-known host like Google or Amazon you’re less likely to be a target than if you’re just self-hosting.
Supposedly Google and Amazon have “good” security, but they still get hacked.