0. What’s wrong?
My email archive sits in Gmail. Sometimes I send and get large attachments, so over the years it grew and it grew. First I tried to search for and remove old large files, but it is very painful and time-consuming. So now I pay Google 80 NIS yearly for some lousy 30GB that I use. Some of my collaborative work sits in Google Docs, which has this nice web interface. The problem is the folder organization of the GDrive – all my files are lost there forever and only googling can find them. The file formats are Google proprietary so I cannot really export them. My notes sit in Microsoft OneNote somewhere in the databases of my personal and Technion OneDrives; sometimes I am able to connect to them, sometimes not. The notebooks pop in and out of existence, constantly not syncing and creating version conflicts. The ones I’ve exported from Evernote when they raised the price are in some inaccessible junkyard. My chat history is scattered between Gtalk, WhatsApp and Telegram servers; something is backing up somewhere, but I never know if the backups will exist. My public posts are on Facebook and a little bit on Blogger. Some of my FB pages closed and that data is lost. My docs are scattered between GDrive, Mega, Dropbox, OneDrive. I think I lost some when Copy went out of business. My pics used to be on Flickr till it became a paid service; extracting them cost me all the metadata – dates, album names, literally lost memories. Now I automatically upload to Google Photos, feeding their face recognition algorithms. Probably I have an opt-out option somewhere.
Sounds familiar?
We became hostages of these “services” providers, “clouds”. We don’t own our stuff anymore. Our personal information is used against us to feed us with targeted ads. We deserve better. Our data should sit on a backed-up encrypted secure storage with anti-virus and anti-ransomware scans. It should be stored in open formats – plain text files with metadata, that will allow accessing it with a variety of tools. The storage should cost us money. To access our data we need apps. Mobile, Desktop, and Web apps, in sync. This means that we need a server in the cloud for web and sync. Currently, this is the big gap, as the only people that provide us these servers are the companies that keep us hostage – Facebook, Google, Microsoft. They use the Server excuse in order to get exclusivity on our data.
An ambitious Free Open Source Software (FOSS) project filling in the gap is Nextcloud – a server that in its basic functionality is a Dropbox, but is constantly growing to capture more aspects of digital life with new apps. Nextcloud is a project that forked from ownCloud, which is also FOSS in its basic version. When I was comparing the two, the ownCloud website claimed to concentrate more on the core file sharing activities and ridiculed Nextcloud for its weather app. I think that in the long run the apps are actually making the difference. Oh, and I could not make ownCloud connect to an external S3 file storage.
The following is a summary of my personal deGoogling journey, simple as 1-2-3, concluded with the actual protostartup proposal.
1. Gena and Cheburashka (replacing Gdrive, Photos, Keep, Podcasts)
For some reason people that sell you a server tend to ask a lot for storage, so my initial architecture included a personal cloud web server and an accompanying cloud storage. The Nextcloud icon is composed of three circles that reminded me of Cheburashka, so first I was looking for a Gena storage. I found a 1TB offer from IDrive e2 of 40$/yr for their S3 storage service, and was generally happy with it. When something went wrong at some point, they resolved the issue quickly. iDrive is not the only provider with similar prices. S3 buckets require some unusual tools to work with, like rclone and FolderSync, but in the end these are also the best tools to work with any kind of storage. All the various Nextcloud instances on which I configured iDrive as external storage worked quite smoothly with it (though slowly). In my architecture, Gena would hold the big bulk of the archive files and the backup, while Cheburashka the server would hold the small amount of files that I use frequently. The reason I describe this solution in detail is that it is still my backup plan, as recently I found a two-in-one Hetzner shared storage that provides 1TB for 5 euro/mo including a managed Nextcloud.
There are a few options to host a Nextcloud. The first one is self-hosting, where you are responsible for the server operating system. You can do it on your own hardware, basically a Raspberry Pi connected to your home router (for fancier designs look up homelab), or on a Virtual Private Server (VPS), starting from ~5$/mo at Linode, Digital Ocean, the Israeli Kamatera or even cheaper with SSDNodes and Clowdomo. As I write this there is an unbeatable free tier offer from Oracle Cloud that includes a server with 4 cores, 24GB RAM and 250GB storage; when I installed Nextcloud and Collabora office on it, it was truly shining. Free beer has indeed an unbeatable price/quality ratio. The second option is a managed Nextcloud, where you do not get the Linux root and don’t get your hands dirty with SSH, but get the Nextcloud admin, allowing you to install apps and add users. I had good experience with tab.digital and Webo. The third option is to get a Nextcloud as a service (that’s your Dropbox scenario). Finally, and I will just drop it here, you can install Nextcloud on managed Kubernetes, which gives you a “root” for the Nextcloud container without taking the responsibility for the server. I think that’s the future of self-hosting, but that’s a different post. I am an ex-Linux sysadmin, and this is why I chose option 2. Keeping a server on the internet is a profession or a demanding hobby; I want stuff to work. I do not want to monitor the logs and read the news of the latest threats.
The downside of managed Nextcloud is the backup. The Nextcloud Backup app is problematic. It worked a few times with tab.digital and iDrive, but it is like a closed box, and then I am not even sure how and if I can restore from it. I tried to implement it with Hetzner, but the server never woke up after maintenance. Hetzner fixed it in a couple of days, and told me to rely on their daily server backup instead. On top of their backups (which I do not control), I added an incremental Duplicati backup, run from my laptop, of some of the files to a dedicated immutable folder on the cloud. It’s not perfect, but it is much better than what you can get from Dropbox. The limitation with file backup is that I cannot access the Nextcloud database, and therefore cannot rely on their calendar, tasks or contacts.
So how does Hetzner behave?
First of all – the Dropbox function works well. Syncing laptop, desktop and Android with ~500GB of data works smoothly, the web interface is responsive, sharing folders and galleries anonymously, camera auto uploads – all works. The web office is the less powerful OnlyOffice, but Collabora started to supply an Android version of their office suite, so chances are you will not need it anyway as the Nextcloud companion.
As you have an Admin user, you can create users for family and friends, having shared folders for documents and albums and such. I connect the laptop and phone with a non-admin user, and access a “Boydem” (Yiddish for attic) folder with immutable permissions, so that I can add new files but cannot modify or delete existing ones. This protects from ransomware attacks and mistakes.
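One way to confirm that an append-only folder like “Boydem” really behaves that way is to audit a local copy of it against a stored manifest of file hashes. This is an added example, not part of the original post; the manifest file name and the sample file names are assumptions, and the manifest must live outside the audited folder.

```python
import hashlib
import json
import tempfile
from pathlib import Path


def sha256_of(path: Path) -> str:
    """Hash a file in 1 MiB chunks so large archives do not fill memory."""
    digest = hashlib.sha256()
    with path.open("rb") as handle:
        for chunk in iter(lambda: handle.read(1 << 20), b""):
            digest.update(chunk)
    return digest.hexdigest()


def audit(root: Path, manifest_file: Path) -> dict:
    """Check a local copy of the folder against append-only rules.

    New files are accepted and recorded. A changed or missing file is a
    violation; its first-seen digest stays in the manifest, so the alert
    repeats on every run until someone investigates.
    """
    known = json.loads(manifest_file.read_text()) if manifest_file.exists() else {}
    current = {p.relative_to(root).as_posix(): sha256_of(p)
               for p in sorted(root.rglob("*")) if p.is_file()}
    report = {
        "added": sorted(set(current) - set(known)),
        "modified": sorted(p for p in known if p in current and current[p] != known[p]),
        "deleted": sorted(set(known) - set(current)),
    }
    # The manifest is itself append-only: recorded digests are never replaced.
    manifest_file.write_text(json.dumps({**current, **known}, indent=2, sort_keys=True))
    return report


if __name__ == "__main__":
    # Constructed sample data: a throwaway folder stands in for the synced copy.
    with tempfile.TemporaryDirectory() as tmp:
        attic = Path(tmp) / "Boydem"
        attic.mkdir()
        (attic / "scan-2019.pdf").write_bytes(b"original bytes")
        manifest = Path(tmp) / "boydem-manifest.json"  # kept outside the folder
        print(audit(attic, manifest))   # first run: the file is "added"
        (attic / "scan-2019.pdf").write_bytes(b"overwritten by malware")
        (attic / "notes.md").write_bytes(b"new note")
        print(audit(attic, manifest))   # overwrite flagged, new note accepted
```

Any non-empty "modified" or "deleted" list means the folder's permissions did not hold, or that the local copy was tampered with before syncing.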
There are some nice applications you can start using immediately. First of all – Notes, implemented as simple Markdown text files in a folder structure, with a nice Android app and widgets. Have you ever wondered why Evernote/OneNote are so problematic and expensive? There is no reason. Then you can have gpodder to back up your podcast player, Cospend for the family budget, picoCMS for simple static websites and many more small apps.
Next, being a WebDAV file server, it is more accessible and usable than your Dropbox/GDrive. The academia people might miss the Mendeley Android client; well, Zotero’s zoo works fine, and uses a WebDAV backbone to store papers. You can also map a WebDAV share as a network drive in Windows. Then there are all kinds of Android apps that work with local storage, like Keepass for passwords or Obsidian for advanced note keeping. They can be synced with the cloud and the laptop with the FolderSync app, and also accessed from the web interface.
2. Vivaldi.net (replacing GMail, Calendar, Tasks, Contacts, Blogger)
Free 5GB of storage is enough to hold ~3 years of emails. The data is not encrypted, but the company promises not to peek. The web interface is not as shiny, and I rely on Thunderbird on the laptop and FairEmail + DAVx5 + Tasks.org on the phone. All phone apps have nice widgets. Older archives rest in an immutable folder on my Nextcloud, accessible from Thunderbird. Gmail forwards all incoming mail to Vivaldi and deletes it – my Gmail account does not grow anymore. Both FairEmail and Thunderbird allow me to reply to Vivaldi emails with my Gmail account, so that my messages will avoid the spam folders of my old contacts, but the archived mail will go to Vivaldi. In this way the transition is smooth, giving me time to drain the Gmail activity slowly, service by service, contact by contact, till I’m ready to delete it altogether.
Additional nice features that come with a Vivaldi account are Mastodon (free Twitter) and a WordPress personal blog. There are some cheap and private alternatives to Vivaldi email, and one free by the notable Disroot project. Somewhat higher protection can be achieved with Proton and Tutanota, which keep the emails encrypted on their servers, but they do not allow external Android apps to access their servers, so you cannot reply to emails sent to Gmail with the Gmail account.
3. Free Android (replacing Google Play, Chrome, Maps, Youtube, Assistant)
Degoogling the phone is tough.
- Vivaldi browser replaced Chrome (including bookmarks, history, passwords, sync between devices).
- OsmAnd replaced Google Maps, even for navigation by foot. I still look up places on Google through the web interface and share them to OsmAnd. I still use Waze for car navigation – there is still no FOSS solution for traffic crowdsourcing.
- F-Droid, Aptoide and Aurora replaced the Google Play store, with automatic updates of existing apps.
- NewPipe works as well as YouTube Premium, which I will cancel.
- I use my stock LG keyboard, and I disabled speech recognition and Google Assistant. I never used it because speaking to Google always seemed creepy to me. I might try it now with the FOSS Dicio.
I could not uninstall all these apps by Google, but I could disable them. I went through the settings and disabled everything Googlish. I disconnected my Google account from the phone, and it surely feels good.
4. Future Work (replacing the wiretap)
When I tried to disable Google Play Services, which is the main spyware, WhatsApp, OneNote and even the FOSS AntennaPod would not open. And this is why it is so hard to get off the grid, even with a custom ROM like Lineage. So Google is still going to know where I am, what software I use, and whom I am talking with online and offline. Which is evil. The true solution would be to switch to a Linux phone and run the must-have Android apps in the Waydroid emulator, so that the Google apps will be blind, deaf, disoriented and isolated. But this can wait for the next phone purchase.
5. Fossle!
As promised, a protostartup. Compete with Google in the Android universe, by making privacy-respecting alternatives to:
- Google Play Services (aka gapps)
- Google backend servers (Firebase)
- Google Play appstore
First, phones are degoogled as much as possible. Install your gapps alternative, much like microG, that talks to your own backend servers. Provide users with apps that actually use your gapps and backend. For that, apps have to be migrated, possibly quite simply by wrapping them with a gapps adapter – whenever they call for the Google backend, direct them to yours. In addition, the app’s own backend has to be redirected to your servers on their side, which requires actual collaboration with developers. Business monetizing is immediate – you can charge an extra 20c for every transaction, and people would love it, just out of a spirit of rebellion. After all, privacy is not only a basic right, but also a basic need.