Uncle Jim's Cloud
15 min read

Uncle Jim's Cloud

Part 2 of the "Becoming Uncle Jim" series. It is up to you, the motivated individual, to provide these services to your friends and family members, so that data linked to yourself is not being kept in an undesirable manner.
Uncle Jim's Cloud

"I don't have anything to hide"

How many of us have heard this in response to privacy concerns? This classic comeback is rooted in the human brain's innate belief that you, yourself, are a "good person" and surely not doing anything criminal. So why hide? I would argue this entire framing is incorrect, as it immediately puts one on defense of "hiding". Privacy is not about hiding. Privacy is having the ability to select what you reveal about yourself to others. Unfortunately, default behavior in today's digital world removes that ability, and makes certain determinations about what is revealed to big tech companies for you.

But who cares? I can assume with a fairly high likelihood that anyone reading this cares where there data is stored, and who is able to access it, sure. But besides us, really, who cares? It can be very frustrating, and sometimes downright depressing, to see how careless others are with their data. Personal data points are the hottest commodity on the market these days. Nearly every service we see and use is simply looking for their "in" to be able to properly place an advertisement in the hopes a profit can be made. This is a bit annoying at times, sure, but I can't honestly say I am at all surprised about it, nor am I actually all that upset about the act of advertising itself. I have some problems with the way this data is collected, naturally, but customers being served advertisements that are targeted toward goods or services that they are more likely to buy should be a given.

Surely we can do without the ads, but okay. We are the consumers after all. What should be very concerning, however, is this glaringly obvious societal shift we are all a part of today, to some sort of twisted, perverse form of Puritanism that is dictated not by logic, facts, or laws, but rather by emotional appeals and fear. What should be concerning to any freedom loving individuals is the ease with which government agencies are able to access our data using the ridiculous 3rd Party Doctrine loophole. It should even be extremely concerning that the big tech companies generally tasked with storing our data--be it Google, Dropbox, Facebook, Microsoft, or Amazon--have all essentially pledged their fealty to this odd sort of mob rule currently sweeping through especially the United States, but quickly spreading to every corner of the globe.

Now regardless of your stance on this cultural shift, there is no denying it is taking place and it moves at a breakneck pace. What is considered "acceptable" today, culturally speaking, could very easily be seen as a moral atrocity within a matter of weeks, if not shorter. But what does this mean for you, Uncle Jim, and your close friends and family members? It means that at any time they so choose, these big tech platforms could either refuse to service you or store your files and data, or even in certain cases turn incriminating evidence over to authorities for investigation without having to notify you at all.

It should be noted here that I am in no way advocating for criminal activity, nor attempting to assist you in breaking the law. The entire point is the swiftness with which the law can change. As an example, one tool in the "freedom tech stack" touted by many is that of 3d printed firearms. The ability to manufacture your own firearm in your home using a relatively cheap 3d printer and supplies is considered by many a necessary part of being free to protect yourself and loved ones. The problem with this is, depending on your jurisdiction simply possessing the CAD files used to create these weapons on your devices can be considered illegal. At the very least it would very likely be enough to enable government agencies to open an investigation into your activities, which then does away with the little bit of protection offered individuals by these big tech providers.

"I Still Don't Really Care"

Because why should they? They aren't downloading 3d printed gun files, they aren't on Twitter advocating for others to do everything they can to weaken the power of the State. So then again--why should you offer to help by hosting tools yourself, outside of the control of governments and their corporate cronies? Why would you put in the effort to help someone that very plainly has very little interest in helping themselves? Once again, the responsibility of becoming Uncle Jim falls to you precisely because you understand the dangers and pitfalls, and because you inevitably do communicate and share data--sometimes very sensitive data--with other people still happily asleep in their pods, being good little batteries.

I can virtually guarantee most--if not all--of us have at some time or another shared a compromising piece of data with one of our close friends or family members that very likely made its way to the servers of one of the big tech oligarchs. The default behavior of nearly every app pre-installed on whatever mobile device we choose to use is to backup all of our uploaded data or pictures to their cloud storage solution. And for good reason, mind you, as things such as pictures can be considered priceless by users. After all, what is life but a collection of stored memories at the end of it all?

So there needs to be a solution for users to easily, automatically upload pictures and/or files to a storage solution that allows for users to access them with various devices in the case that your phone is stolen or lost, or if you just upgrade to a new version. There must be something offered which gives us the ability to backup our digital lifelines without having to also conform to the ideals and beliefs of the company offering that solution, or even necessarily to the laws or societal norms of the countries in which we live. If you become Uncle Jim, you have the power to offer just this type of solution today, easily, virtually free of charge.

"So What's the Difference?"

The difference is, by self-hosting your own instance of a service like Nextcloud instead of relying on Google or Microsoft to store your files and other data, you can instead take responsibility of this storage yourself. The previous article provided you with a simple introduction into taking responsibility over storing and creating strong, secure passwords through self-hosting your own Bitwarden, which is a necessity in today's digital world. Nearly every service we use requires a password, which is often times the only defense standing between yourself and would-be onlookers eager to get a peek into your personal data.

As was discussed in that article, true personal responsibility simply does not scale. Most people quite simply do not and will not ever want to be solely responsible for maintaining their own passwords, data, and/or finances. They just want this stuff to work; privacy and security are an after-thought, if even a thought at all. So it is up to you, the motivated individual, to provide these services to your friends and family members, so that data linked to yourself is not being kept in an undesirable manner.

There are several ways to accomplish this goal, including using pre-built Docker, Snap, or Virtual Machine images. As mentioned before this rabbit hole can get quite deep, and unfortunately I have found that many actually get distracted by the depth of knowledge. Instead of incorporating an easy to use, no frills solution to just get the data into a more secure location, they spend days and weeks learning to reverse proxy the reverse proxy while using double HTTPS over Tor and generating randomized onion addresses until finally they are left with a super complex setup that only they understand--and that virtually no one else in their life can or will use.

I would instead once again recommend trying out Yunohost for an exceedingly easy option to get up and running with your very own cloud storage today. The instructions to do this using a Virtual Private Server, or VPS were covered in an earlier article that can be found here. This solution is very simple and cost effective, and gives you both privacy and security, though not quite at the highest level. I want to stress again though, this endeavor can very quickly turn from a productive and useful move toward better options into an endless time-sink whereby weeks are spent looking for ways to do one more "cool thing" to enhance security or sovereignty a little bit more. I urge you to turn away from the temptation of the uber deep dive for the moment, and focus on the goal right in front of your face.

In case you skipped over hosting with Yunohost until now, I will provide a very generalized overview of what you can expect, with links to more detailed explanations if you need them. Yunohost has very easy to follow instructions for installation on a variety of platforms, including using VirtualBox, a Raspberry Pi, or a regular computer, if you choose to go one of those routes rather than with a Virtual Private Server as in the article linked earlier. The service allows for you to use a domain name specific to the Yunohost images if you do not own your own domain. If you would rather purchase one of your own, several providers offer domains for sale today for bitcoin, including Namecheap and others. This allows you to keep your true identity shrouded if you like, as the registrar information collected by Namecheap can be as accurate or as vague as you would like.

Once you have your Yunohost instance up and running, access the Administrator web interface, and choose the "Users" section displayed there. You will need to first add yourself as a normal user, which will enable you to access the applications you next choose to install. Enter the information asked for here, and define a password which will be used to log in to applications in the future. Also be sure to set up an email as well, as important information is sometimes passed to you necessary for further configuration.

From the Administrator page you will be able to navigate to the application catalog where you will find Nextcloud able to be installed with a click. Install the service on either your personal domain or your newly created nohost.me domain and watch as everything is created and configured for you in real time.

Once installed, if you used a domain you own you will need to be sure and configure your DNS records from the domain service provider, as this cannot be done on Yunohost. Instructions for how to do this can be found either here or in my previous article VPS Hosting Made Easy With Yunohost. If you have chosen instead to opt for a nohost.me or other Yunohost specific domains the DNS configuration will be done for you. Getting the DNS records right is important, as you will want to install a Let's Encrypt certificate so that your friends and family won't be met with a scary warning upon visiting your site.

All this is made much easier using the Yunohost administrator page, as one click will show you the exact DNS configuration needed to be entered at your domain provider, and another single click when finished will install the Let's Encrypt certificate for you, enabling HTTPS for your Nextcloud domain. Once you are spun up and ready to rock, simply visit your domain on any web browser and login with the username and password you defined earlier in the process.

I've Got Hosting, How 'Bout You?

Once you've logged into your own self-hosted Nextcloud instance, you will find the ability to configure exactly what it will be used for, and whether or not others will have access to it as well. The entire idea of becoming Uncle Jim hinges on the desire to provide this service not only for yourself, but to anyone else you have contact and communication with, and thus which may be in possession of pictures, files, or data you would prefer were not on the servers of self-appointed moral superiors.

Nextcloud can be used for many purposes, and depending on the amount of technical resources you decide to dedicate to it, has an enormous amount of applications that can be added for integration. For us, for now, what we want is to allow new users to register, because our goal is getting those closest to us onboard. Click on your administrator initials in the top right corner of your Nextcloud dashboard and then select Apps. Once on the application page, from the list on the left side of the screen choose Tools and then scroll up until you see an option to download and enable an application called "Registration".

Once that is done, click on your initials in the corner again and choose Settings, then go to the list on the left side and scroll down into the Administration page and select Registration. From there you have the ability to disable the requirement for email verification, which will save you the trouble of having to set up a proper SMTP email relay for this instance, and let friends and family sign up unencumbered.

You can also choose to require your admin approval for new members to join at the bottom of this screen, so that no one you don't want joining will be able to take up any of your alotted storage space. Again, as noted above there is a ton of stuff you can do with this Nextcloud instance, including enabling server side encryption, enforcing password rules, and linking several more apps. Don't yet get lured off the path by the shiny security and privacy objects though, and instead just get hooked up with your mobile or desktop devices to start storing data on your own server rather than an authoritarian one.

Grab your mobile device or open your desktop and get the Nextcloud application installed to manage what files you want to automatically sync. There is an application available for Android either through Google Play or F-droid, as well as being offered for the iPhone in the App Store. Bear in mind as well that Nextcloud is open-source software, and so source code is available on Github, and Android apk direct download is an option if you so choose. Once you have downloaded one of those releases, open the app and you should be presented with various options to connect to a Nextcloud server.

You would choose Login to Your Nextcloud, as we already have a viable server up and running to connect with. Next you will be asked to enter the url for your Nextcloud server, which will be your domain.

Finally, once the domain is entered, you will have the ability to choose whether to sync all the folders on the device you are connecting, or to instead choose certain files while leaving others. Most likely you will be fine to simply choose Next here and allow the files to be synced with your server.

Once finished syncing, on your mobile device you can access the Settings area and choose which files on your device will begin to be automatically uploaded to your Nextcloud server upon every new entry.

When you select this option, you will be taken to a screen which shows all the available folders on your device to be auto-uploaded, such as your camera. You can either select the cloud icon to link everything in the default settings, or you can select the 3 dots menu next to it for further configuration.

In the further configuration menu, if you so choose, you will need to toggle on the switch at the top, which enables the menu selections below. Depending on the file type you are configuring, you can have further decision making in what happens to the original file when syncing as well.

This allows for the original to either be destroyed, kept on the original device, or copied and kept both locally and in your cloud.

Once you have selected which folders you wish to automatically sync from this device in the future, you are freed up to further explore other settings in the application. These settings include enabling dark mode (a must for any serious privacy and security advocate), setting an app passcode, or syncing a calendar and contacts using DAVx5. Yes, you read that correctly, you can begin the process from right there on your mobile device to download and install DAVx5 application and sync your contacts and calendar using your Nextcloud instance. What does that mean? It means a nice chunk of this ridiculous number of apps that Google uses to collect more data than anyone on you can suddenly become far less damaging to your personal privacy and security. Today. Right now.

Watch the Man Behind the Curtain

Because he is certainly watching you. He is watching you with every available tool at his disposal, which includes apps that many people take for granted as just being part of life today. This is where your job gets truly difficult. Setting up your own self-hosted password manager and cloud storage, while it may take a bit of time and effort, is the easy part for you. That is because you know the worth. Things that appear frivolous to us are often discounted and concerns handwaved away. Too often the damage must become too much to bear before we finally decide to alter our behavior and be more cautious in the ways we expose ourselves.

This extra caution often gets overlooked once again when dealing with friends and family, however. You can have all those pictures of you either in compromising positions or holding a weapon that could cause you to be considered a criminal tomorrow on your own self-hosted cloud provider, sure, but did you send that to your best friend to check out? Send some naughty pictures to your spouse one particularly spicy Saturday night? Or did you write an opinion piece about the demise of our society that could be considered "harmful" or even "violent", and send that to a close friend to check out? Wonder how many of those above examples ended up on a Google server. A Microsoft server. An Amazon or Dropbox server. They can sing their own praises about security all day long, but the problem isn't so much with how secure they are to hackers; they don't need to be hacked to hand over the secrets. That's the entire problem. And don't think for a second they would be above simply terminating your use of their service without explanation if something stored on their servers was brought to their attention for some reason, even if it is not criminal. You certainly don't have to be a criminal to be investigated and have your life altered forever.

If you were able to successfully talk your friends and family members into allowing you to place the Bitwarden app on their device and hook up to your server, then perhaps now they are willing to listen and be more receptive about using alternative apps to accomplish the tasks they need done. After all, most people simply want their applications to "just work", they don't want to have to think about them or what is going on in the background. Remember as well if they are more receptive and willing to entrust you with the task of storing their files and photos, and perhaps of storing their contacts and calendar--you must understand the responsibility you are undertaking. Don't begin experimenting and as soon as something is spun up begin throwing your friends and families data on there, as inevitably you will have made a mistake or need to make a major change which would cause the entire process to start over again. To you that may just be "part of it". To them it is a sure sign that they just need to go back to what has seemingly worked for them for years now. Sure, they get an advertisement every now and then for something they mentioned to only one other person in a closed room one night, but hey, I'm sure it is fine.

The frustration and disappointment with the lack of interest in these topics can either lead to you feeling depressed and cynical, ready to throw in the towel, or they can work as fuel to your fire, knowing that if no one else is going to help protect you from what you know is happening around you, then it's all up to you. The tools for all this surround us daily, yet we take them for granted or we become so distracted by the "coolness" of finding out we can do some obscure thing that we forget to do the simplest things first and foremost. Stop reusing bad, insecure passwords across multiple sites and storing them in unsafe places. Run your own Bitwarden_RS server and hook your devices up to it. Get your password game together. Stop storing all your files, pictures, and data on big tech cloud provider servers. Run your own Nextcloud Hub synchronization client and begin taking control of your own. Then open up the registration of both of these tools, and do your best to bring your close friends and family members along on your journey out of this terrible spiral toward a panopticon we find ourselves on today. It can be as simple as a few clicks away.

Enjoying these posts? Subscribe for more