Cloud storage has become ubiquitous in modern society. The most widely-used example, I think, is the one that comes prebundled with our p…

  • delirious_owl@discuss.online
    link
    fedilink
    arrow-up
    1
    ·
    7 months ago

    Again, i dont recommend nextcloud because it doesn’t encrypt everything. Same for other cloud providers. I wouldn’t use it unless everything is encrypted client-side and it cannot be turned off.

    It is a big deal if you self host. If you server is owned, your data is compromised, because the server can read your data.

    • Dark Arc@social.packetloss.gg
      link
      fedilink
      English
      arrow-up
      1
      ·
      7 months ago

      To be fair, if your server is taken over, there’s a good chance your other devices have been compromised first/as well, in which case you’re already in trouble.

      • delirious_owl@discuss.online
        link
        fedilink
        arrow-up
        1
        arrow-down
        1
        ·
        7 months ago

        No way. Servers are easier to compromise because they’re online all the time and by definition exposed to requests from the public internet

        • Dark Arc@social.packetloss.gg
          link
          fedilink
          English
          arrow-up
          1
          ·
          7 months ago

          You can have a server without a public IP; that’s totally doable. An internal server that’s only accessible from LAN or a VPN is still a server.

          Also, the majority of compromises happen because of user error (e.g., someone opens/runs the wrong thing) or an unpatched machine, not because of an exploit in server software/because the machine is always on. This is especially true in the business world where it’s often a combination of human error and the network not being segmented/ACLs not being set properly/etc (lots of cases of human error).

          It’s also not that unusual for someone to keep their e.g., desktop always on or their laptop/mobile device in a low power state where it still has network activity despite being “off.”