• 0 Posts
  • 53 Comments
Joined 1 year ago
Cake day: June 17th, 2023
  • Chobbes@lemmy.world to Selfhosted@lemmy.world: Google Photos Alternative (edited, 9 months ago)

    I want all data to be encrypted before it even reaches the server. Yes, I don’t want to trust even my own server for my image backups :), particularly since I would want to use something like Immich to provide photo backups for friends and family and I don’t even want to technically have access to their unencrypted photos unless they explicitly share them. I kind of want the attack surface for my photos to be as small as practical too. It’s almost certainly worse to have them available on my device unencrypted than a dedicated server, but it’s worse to have them unencrypted on both (and I want photos available on device so, thems the breaks).

    I get that a lot of people won’t care about this and that they’d rather be able to run the image recognition features of Immich on the server and stuff, but I don’t think it’s entirely unreasonable to want encryption for this. If nothing else I’d love to be able to back up photos for friends and family and legitimately be able to tell them that it’s encrypted and I can’t see any of it. It’d be even sweeter if they could do image recognition on device and sync that metadata (encrypted) to the server as well.

  • The mail app does not support push notifications for gmail and also does not support IMAP IDLE (my naive understanding is that IDLE keeps a socket open and potentially the radio as a result, which would impact battery life), so it fetches emails on a timer. AFAIK the only ways to get push notifications are with iCloud email and with an exchange server. I know you used to be able to set gmail up as an exchange server account on iOS, but I’m not certain if gmail will still pretend to be an exchange server these days. This is probably my biggest complaint with the mail app — like I said, it’s not great :), but it’s good enough for my purposes right now.

  • For what it’s worth, this has not been my experience after self hosting my email for nearly a decade. It has not been a constant battle at all… it has just worked, and I get responses whenever mailing random people all the time and have not had delivery issues to my knowledge. That said, I have talked to people who have had issues and every time there has been something wrong with their configuration (usually DKIM or rDNS is not set up properly). There’s enough that can go wrong that I wouldn’t recommend people send important emails with it unless they’ve been doing it for a while and they’re sure it’s working, but in my experience this is all fear mongering. Self hosting your email is very doable and is generally not a constant battle against getting put in the spam slammer. There are a lot of picky little things to set up at first, but once it’s set up it’s usually fine.

  • In my experience the problems with self hosting email mostly occur when something is misconfigured. I think it’s good for people to try to self host it, and if you pull it off it’s great (I love having mine self hosted, and it’s convenient to be able to have as many email addresses, storage, and accounts as I want). It is difficult to get right and debug when something is going wrong, but it’s far from impossible. If you set up SPF, DKIM, and DMARC and have rDNS pointing to your mail server’s domain name you’ll likely find success. It’s possible I’ve just gotten lucky, but I have never had a problem with IP ranges getting banned.

  • In my experience self hosting email it has pretty much been “set it and forget it”. I feel like there’s a lot of FUD from people with misconfigured email servers (because there is a lot that can go wrong on setup). In every case I’ve seen where people are complaining about email deliverability I’ve found that they haven’t configured DKIM or rDNS properly. That doesn’t mean there can’t be issues, and I am sure it is technically possible to get sent to oblivion, but I feel like this issue might be somewhat overblown.
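Added example, not from any of the comments here: a small Python audit of the four things the three email-hosting comments above keep coming back to (SPF, DKIM, DMARC and forward-confirmed rDNS). It runs against a constructed DNS snapshot instead of live lookups, so the domain, selector, IP and key value are placeholders; swap in a real resolver to check your own setup.

```python
# Constructed DNS snapshot used in place of live lookups so this runs offline;
# names and the IP are placeholders from reserved example ranges, not real records.
SAMPLE_DNS = {
    ("TXT", "example.org"): ["v=spf1 mx a:mail.example.org -all"],
    ("TXT", "s1._domainkey.example.org"): ["v=DKIM1; k=rsa; p=PLACEHOLDER_BASE64_KEY"],
    ("TXT", "_dmarc.example.org"): ["v=DMARC1; p=quarantine; rua=mailto:dmarc@example.org"],
    ("A", "mail.example.org"): ["192.0.2.25"],
    ("PTR", "192.0.2.25"): ["mail.example.org"],
}

def tags(record):
    """Split a 'k=v; k=v' TXT record (the DKIM/DMARC form) into a dict."""
    return dict(kv.strip().split("=", 1) for kv in record.split(";") if "=" in kv)

def check_spf(domain, dns):
    spf = [r for r in dns.get(("TXT", domain), []) if r.startswith("v=spf1")]
    if len(spf) != 1:
        return False, f"want exactly one v=spf1 record, found {len(spf)}"
    if spf[0].split()[-1] not in ("-all", "~all"):
        return False, "SPF should end in -all or ~all so unlisted senders fail"
    return True, "SPF ok"
def check_dkim(domain, selector, dns):
    recs = dns.get(("TXT", f"{selector}._domainkey.{domain}"), [])
    t = tags(recs[0]) if recs else {}
    if t.get("v") != "DKIM1" or not t.get("p"):
        return False, f"no usable DKIM key at {selector}._domainkey.{domain}"
    return True, "DKIM ok"
def check_dmarc(domain, dns):
    recs = dns.get(("TXT", f"_dmarc.{domain}"), [])
    t = tags(recs[0]) if recs else {}
    if t.get("v") != "DMARC1" or t.get("p") not in ("none", "quarantine", "reject"):
        return False, "missing or invalid DMARC policy record"
    return True, f"DMARC ok (p={t['p']})"
def check_rdns(mail_host, dns):
    """Forward-confirmed rDNS: host -> IP -> PTR -> same host -> same IP."""
    ips = dns.get(("A", mail_host), [])
    if not ips:
        return False, f"{mail_host} has no A record"
    for ip in ips:
        ptrs = dns.get(("PTR", ip), [])
        if mail_host not in ptrs:
            return False, f"PTR for {ip} is {ptrs or 'missing'}, expected {mail_host}"
        if ip not in dns.get(("A", ptrs[0]), []):
            return False, f"PTR target {ptrs[0]} does not resolve back to {ip}"
    return True, "rDNS ok"

def audit(domain, mail_host, selector, dns=SAMPLE_DNS):
    return {"spf": check_spf(domain, dns), "dkim": check_dkim(domain, selector, dns),
            "dmarc": check_dmarc(domain, dns), "rdns": check_rdns(mail_host, dns)}
```

Each check returns (passed, detail), so a wrong PTR or a missing DMARC record shows up with the reason rather than as a vague deliverability complaint.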

  • I highly doubt that any commercial company is going out of their way to store encrypted conversations and working on quantum computing to break those conversations in order to train AI. There is no way that this is a cost effective way to train AI, and there is no way that this will be more legal or considered more ethical than scraping public facing websites (even if those websites request not to be scraped).

    That said, of course “capture now, decrypt later” attacks are a concern! I would probably bet against companies planning to do that for the purpose of training AI, but I would not bet against governments doing that for other reasons :). This is why post-quantum cryptography is being rolled out now (albeit slowly, it’s still rare). As an example OpenSSH defaults to using post-quantum algorithms for key exchange ever since the 9.0 release. It uses a mix of the NTRU Prime + X25519 ECC algorithm for key exchange, so it is guaranteed to not be weaker than normal ECC cryptography, even if the NTRU Prime lattice cryptography proves to be horribly broken. Once the key is exchanged the symmetric cipher used for the connection is also assumed to be quantum resistant. If quantum computing becomes a serious concern you will have to retire your old RSA / ECC SSH keys, but they are only used for authentication at the moment (so it doesn’t matter if this cryptography is broken in the future), not for encrypting any of the “real” content between devices — all of that is likely quantum resistant as of more than a year ago. Most of what you do on the internet, however, is still vulnerable and could be captured to be decrypted later… But I suspect we will slowly see things move over to post quantum cryptography transparently over the years.

    It is not known when or even if we will have quantum computers capable of breaking RSA at common key sizes. There are concerns about whether it will ever be viable, and if it is who knows what the cost to run it will be (it may only be viable for targeted attacks, and not decrypting all internet traffic ever… If it’s expensive and takes hours or days to break a single key it might not even be super effective for decrypting old messages in protocols where keys are renegotiated frequently, like with Signal). I wouldn’t be terribly surprised if we never have quantum computers effective at this (though I’d probably bet for it to happen rather than against it), and I wouldn’t be terribly surprised if there already is one somewhere kept secret (though I’d probably bet against this being effective for decrypting an entire population’s messages?). I don’t actually have much insight into the feasibility of large scale quantum computers, though, so take that with a grain of salt. At any rate… You probably don’t have to worry too much about it as a looming threat right now, there are likely far easier ways to attack you now.

    The guarantees in cryptography are super weird. It’s kind of odd, but in all of the cryptographic algorithms we use today… We don’t actually know how hard the problems are? Symmetric ciphers are generally thought to be more secure than public key cryptography, but it’s a bit easier to see how hard public key cryptography is to break (at least in my opinion). With RSA for instance you know that if you can factor large numbers efficiently you can break apart the keys, but with AES we kind of just hope we mixed things up good enough that it’s hard to reverse without the key. But what’s kind of funny is that we just think that factoring large numbers is hard, but we don’t even know if it’s an NP-complete problem — it’s probably an easier problem, and even if P≠NP it could be the case that there’s an efficient polynomial-time algorithm to factor large numbers. It’s not entirely out of the realm of possibility that there is just some math waiting to be discovered that would break these algorithms on a classical computer, and there’s a non-zero chance that it is already known and kept secret (though this is probably unlikely).

  • I’m not sure I’d consider it a losing battle at all. It’s certainly possible for there to be weaknesses in modern day cryptography, but in general it has stood up remarkably well over quite a long period of time so far. The possibility of quantum computers makes things like RSA and ECC a little dicey in the long term, but we’re already working on post-quantum cryptography and are starting to deploy it. Assuming that those algorithms hold up there’s a good chance that if quantum computing is ever practical we will be ready for it. There’s a good chance that you are even using post-quantum cryptography now in certain situations (e.g., recent versions of SSH use post-quantum cryptography for key exchange).

    Most people do not decide what cryptography they are using. I’m not really worried that in 50 years I’ll be using something dated for most stuff as long as I’m using modern software. The most likely case where this could matter is for something like SSH or PGP where you are manually managing your own keys… When RSA and ECC keys are no longer considered secure that will be pretty big news, and you’ll probably hear about it, but there’s also a good chance that the software will be updated and provide warnings that you should generate new keys too?
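Added example serving the two comments above that mention OpenSSH’s post-quantum key exchange (this is not code from either comment or from OpenSSH): a Python script that reads `ssh -vv` output and reports whether the negotiated KEX is one of the hybrid PQ methods, and separately notes that the host key only authenticates. The debug lines are a constructed sample; the algorithm names and version numbers are OpenSSH’s own.

```python
import re
import sys

# OpenSSH's hybrid KEX methods: sntrup761x25519 arrived in 8.5 and became the
# default in 9.0, mlkem768x25519 in 9.9. Each hashes an X25519 secret together
# with the lattice KEM secret, so the result is no weaker than X25519 alone.
PQ_HYBRID_KEX = {"sntrup761x25519-sha512@openssh.com", "mlkem768x25519-sha256"}

# Constructed sample of `ssh -vv` output, not a capture of a real session.
SAMPLE_DEBUG = """\
debug1: Remote protocol version 2.0, remote software version OpenSSH_9.6
debug1: kex: algorithm: sntrup761x25519-sha512@openssh.com
debug1: kex: host key algorithm: ssh-ed25519
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
"""

def parse_kex(debug_output):
    """Pull the negotiated KEX, host-key algorithm and per-direction ciphers from ssh -v lines."""
    fields = {}
    for line in debug_output.splitlines():
        m = re.match(r"debug1: kex: algorithm: (\S+)$", line)
        if m:
            fields["kex"] = m.group(1)
        m = re.match(r"debug1: kex: host key algorithm: (\S+)$", line)
        if m:
            fields["hostkey"] = m.group(1)
        m = re.match(r"debug1: kex: (\S+) cipher: (\S+) MAC: (\S+)", line)
        if m:
            fields[m.group(1)] = {"cipher": m.group(2), "mac": m.group(3)}
    return fields

def assess(fields):
    """Hybrid PQ KEX protects recorded traffic; the host key only authenticates."""
    kex = fields.get("kex", "")
    pq = kex in PQ_HYBRID_KEX
    return {
        "pq_kex": pq,
        "verdict": ("hybrid PQ KEX: traffic recorded now is not exposed by a future "
                    "break of X25519" if pq else
                    f"classical KEX {kex or '?'}: traffic captured now could be decrypted later"),
        "hostkey_note": f"{fields.get('hostkey', '?')} only authenticates this session; a "
                        "later break of it does not expose recorded traffic",
    }

if __name__ == "__main__":
    text = sys.stdin.read() if not sys.stdin.isatty() else SAMPLE_DEBUG
    for key, value in assess(parse_kex(text)).items():
        print(f"{key}: {value}")
```

Run it as `ssh -vv user@host true 2>&1 | python3 kexcheck.py`; with nothing piped in it evaluates the embedded sample.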

  • Yeah. There’s an attack that roughly halves the effectiveness of AES, but symmetric encryption is thought to be safe overall. If it’s not we’re super fucked.

    Fair enough! I always get the ECC and lattice stuff mixed up too. ECC isn’t really all that different from RSA. The key sizes can be smaller for the same strength and it’s more efficient, though. This mostly benefits servers that will be handling a lot of encrypted connections AFAIK.