I recommend, for secure chat, to have home unit, that runs in encrypted mode. Something like raspberry pi, but with better processing capacity and designed by Purism, maybe some quadCPU thin ARM board with like 16 or 32gigs ram for $420 so… With capacity of nvme disks, in raid, or pcie card, so we can have some our home personal cloud.
Ever since Cloud first came out, I have always thought the term “Cloud” is a devious way to have customers looking up into sky at actual clouds while data sniffers get to scurry into their personals like squirrels for nuts. I laughed every time corporations made references on encryption options for their Cloud services.
What about servers? Have one built in your home too?
Cloud+home on community providers and a self-ran server, then routed to myself.
Cloud vs. Home (Who do you trust)
It depends on
- your threat model (what things are you trying to defend against?)
- your requirements
Taken in isolation, I think the question is a no-brainer. You would trust “home” rather than “cloud”.
However for my requirements, I would find it difficult to provide the performance and availability at home.
So that leads to a second answer: It is not “either-or”. You can have and use both, carefully considering how things are to be arranged and what the risks are.
This general topic comes up often, so I would make one other observation: Trust is all very well but if you choose “home” but you do not do so in a secure manner then the overall effect may be worse than “cloud”.
If it would be under same ISP, or they would have communicated, we could have VPN with home secure cloud at home, that’s backed up even more encrypted to cloud in case of hardware failure.
Anyway… But not Xeon’s. Multi CPU ARM boards… It’s much more thinner. Like boxes that are more… Boxy… Not flat, but boxy boxes that can be put on top of each other.
Boxy switch would be also nice…
What about starting some home computing rundown on pursim producible hardware?
It’ll boot only with secure stick inside… Give data only to logged in entities, and having some own password even on own hardware, or hardware designed in a way, that’s unkeyable, and disk is unacessable without password so data cannot be stolen. Even if secure stick is inside, data can be protected by password and harddisk can be encrypted by another password, where in eMMC chip is stored what part of disk is that huge password, and eMMC chip would be encrypted by random hardware password from encryption chip. Encryption chip would be made such that each two chips have different password.