How Can I Make My Own Private iCloud?

Since Apple announced their intention to scan every photo on iCloud for ‘child pornography’ (who could object to that?; surely, such things comprise a precisely-defined category) and report ‘bad people’ to the state (not that I have anything other than cat and grandchildren pix), I have wanted to quit using iCloud for my pix and documents (did they ever implement this after the push-back died down?). It is unimaginable they would not also scan Pages documents for ‘wrongthink’ and unofficially report those to some ‘non-existent’ federal agency or otherwise, somehow, magically de-platform and un-bank offenders. You know, like Russia.

I have taken some initial steps in the privacy direction like switching my email to a paid subscription to Protonmail, using a VPN and Brave Browser and Brave search engine. But leaving Apple in possession of my documents seems to me a very bad idea. Having only limited silico-technical abilities, I am wondering if I can create my own local ‘cloud’ - a storage drive on my own network, onto which I could export all my current iCloud materials; then delete them from iCloud, stop sending any future stuff to iCloud, and save all future materials only to my own local drive.

To the scanalyst cognoscenti: is this doable for one with limited tech skills? Would it require a professional consultant to set it up? Also, assuming it can be done, is it also worth doing, or do the tech bad guys who currently run the entire world, already have work-arounds in place, so that resistance is, indeed, futile? I am thinking such an approach as I propose threatens the business model of the tech giants, relying, as it does, on their hierarchical control of the internet and most all its data silos. I long to escape those who say the words “don’t BE evil”, but go right ahead and DO evil round the clock at near light speeds. I would appreciate any thoughts or advice.

There’s no problem setting up your own storage server on your own network. Fundamentally, it’s nothing more than a separate computer (which doesn’t need a lot of processing power, but the ability to connect as many storage devices as you require for your data) configured with a redundant RAID storage configuration which can recover from the loss of at least two separate drives without losing user data. The system should have a backup device, usually something like an LTO tape drive, which supports dense removable media that you can store off-site for disaster recovery. The storage server simply exports its disc array to your local network and other devices use it like any shared drive. If you have a firewall or configure a firewall within the storage server, it will generally only accept packets from the local network, barring any access from the outside.

I run essentially this kind of configuration at my own site: a Dell server with 8 physical solid state drives proviging a total of 10.475 Tb of storage configured as a RAID-6 array providing a total of 8.1 Tb of user storage which can survive the loss of any two drives in the array while maintaining full read and write performance and no lost data. This is backed up nightly on LTO-5 tapes with a full backup every month. Filled backup tapes are never re-used and stored in a separate building from the computer, with off-site backups stored in a different country twice a year in case of a bad asteroid day. (I use LTO-5 tape because I bought my tape drive in 2012 when that was the current standard. If I were replacing it today, I would use LTO-7 or LTO-8, which store much more data on each tape cartridge.)

The server exports this RAID file system over NFS, which every other system on site mounts as its /files system. Thus, regardless of which computer I am using, all of my files are accessible on /files, and benefit from the redundancy and backup provided by the server. The server only talks to the local network, but my firewall is configured to allow access via secure login so I can manually download and upload files while traveling.

This provides a private, secure, and reliable file storage mechanism, but what it does not do is offer the convenience of integration with a vendor’s platform and applications the way iCloud, Microsoft OneDrive, or Google Drive does. You would not, for example, have the ability to have photos from your mobile phone backed up automatically on the storage server, or to share documents which could be viewed and edited by multiple people to whom you granted access. That would require installation of complicated software with administration requirements I would, personally, not consider undertaking.

As an alternative to running your own server hardware, you could set up a storage server on Amazon Web Services (AWS) or another cloud provider, configured to provide the storage you require, The cloud storage server would be configured with encrypted file storage so even the cloud service provider could not access its contents without the private key known only to you. The server’s firewall would be configured to allow access only from your local network (which would have to have a fixed IP address range). The advantage of a cloud server is that you get the reliability of a data centre with redundant hardware, backup power, multiple network connections, and the ability to expand the system paying only the incremental cost for the capacity you require. Access will, of course, not be as fast as a server on your local network. With AWS, you would have the option of locating your storage server in a different political jurisdiction than where you live, and/or mirroring the server in multiple regions.

Thank you. Since I use my home network only for email, personal text documents and a very modest number of photos - my part-time doctor work involves no computer work outside the work site - the volume and sensitivity of my materials is quite low. I also manually backup my computer religiously to a local drive every Saturday & store the SS drive in a fireproof safe. So I’m not sure I need a tape backup.

Even setting up and configuring a server with backup drives is beyond my abilities, though, so I will hire someone competent to do this for me. What motivates me is the principle of not allowing myself to be vulnerable to state or private actors who would surely despise my philosophical and political views. I don’t doubt they would act against me if I came to their attention (never used Twitter, deleted FB after a few weeks when it was new). A pertinent cautionary tale: Jordan Peterson and Robert Epstein had all their stored materials deleted by Google without recourse simply because they told the truth on matters Google didn’t like.

I’ve been meaning to set up an instance of NextCloud at some point. In my copious free time. ):

But it has mobile access à la DropBox, a stumbling block for alternatives. I would probably install on my personal VPS (turmel.org) and use my custom VPN to serve additional content from my larger servers.

I am in a similar situation. Much less data and using external hard drive back up. I am not consistent with backups and have paid the price.

John’s note has several best practices that I want to implement.

1. Offsite storage to reduce threat of fire or theft.
   2, Multiple types of storage. I didn’t understand the tape backup and thought it was a cost thing with massive data, but just a quick check and I found that

By diversifying storage types, you are likely to offset the timing of any one failure as each medium carries its own expected vulnerabilities and shelf life. Typical shelf lives range from a little as 7 years for HDDs, to over 30 years for LTO tapes.

3. Multiple copies. Three copies are recommended.

Given these tips, my low budget/low skill plan is to do the following:

It is possible to set up the Mac time machine to backup to multiple locations.

• Time Machine automatically makes hourly backups for the past 24 hours, daily backups for the past month, and weekly backups for all previous months. The oldest backups are deleted when your backup disk is full. The first backup might take a long time, but you can continue using your Mac while a backup is underway. Time Machine backs up only the files that changed since the previous backup, so future backups will be faster.

A. I will setup Time Machine to backup to my external drive and my wife’s Mac.
B. I will store one external drive at an offsite location
C. I will rotate a new external drive with the external drive stored at an offsite location
D. I have not figured out what to do about a second media. The LTO tape drive is 3k. A few years ago I set up a file server on AWS, but I want to stay pretty much Amazon free as much as possible. Until I learn more and investigate other media options I think I will just replace the external drives every couple years. I am a minimal data user. I don’t take many pictures or videos. However, surprisingly after five months of backup to my external drive I do have 800 gigabytes used. I do think that one external drive will hold all my data. External hard drive capacity is growing faster than my storage needs.

In addition to diversification of storage types and retention time, another advantage of LTO tapes is that they have hardware write protect (a physical switch on the tape cartridge) which cannot be overridden by software control. This is not the case with any kind of hard drive backup medium. Once your backup is on a write protected tape, its contents cannot be corrupted by any system on which it is loaded. This provides protection against calamities such as “ransomware” which encrypts everything on all hard drives attached to the infected computer and demands a ransom to provide the decryption key. Some ransomware has been designed with a time bomb that only goes off after a specified delay with the intention of waiting until backups cycle before triggering.

If you have tape backups that are never overwritten, you can always go back to before the initial infection and restore from there. If the backups are on a hard drive, as soon as it is connected to a computer it and all data stored on it are potentially vulnerable to an attack from that computer.

This is a low probability risk, but with a read-only backup medium you are protected against it. Before disc capacity was so huge, optical media such as writable DVD was an option for this, but at the moment tape is the only medium that’s kept up with hard drive and SSD capacity, albeit at a high cost for drives and media.

Since my goal is to be as certain as possible that Apple has zero ability to read my written materials, I am considering eliminating my Time Machine. Do you know if Apple can see/scan text (Pages) documents or downloaded documents stored on Time Machine?

BTW, as I continue to research this privacy/backup issue, I have just learned that Protonmail has implemented Proton Drive. This provides storage with end to end encryption and I trust this outfit. My son is Swiss & knows some guys involved in Proton. They are deadly serious about the privacy of their users. I am trying to learn if simply using this new product would satisfy my needs for secure online backup without the unlimited snooping of the evil (to their multiple cores) tech giants. Apple’s intent to scan - not only iCloud storage but even everyone’s iPhones! for “child pornography” (how do they access what is stored on one’s device???) - surely presages their incipient intent to scan documents for "violence “hate” or “misinformation”- containing content followed by de-platforming with loss of all stored content with zero user recourse. As I pointed in the OP, Google did this to Jordan Peterson & Dr. Epstein. This should alarm everyone.

Time Machine is simply an application that backs up modified files from storage on your machine to another drive attached to it which is designated as the backup device. It handles automatic scheduling of backups, purging old backups, and interactive or bulk restoration of data from available backups.

But, at the core, it is nothing more than a file copy utility that manages copies of your data stored on another drive. As such, information stored on the Time Machine backup drive are no more or less secure than files on any other drive on your machine. If Apple can snoop on them, they can snoop on the files already on your computer. Do they snoop on them? In a closed, proprietary system there is no way to know for sure, but my guess is that if they did, somebody monitoring network traffic’in and out of their machines would have caught them in he act and blown the whistle by now.

Gold, a Doug Casey story and Liberty.

John has a gnome-o-gram on owning gold. The conclusion is there is no risk free way to own gold.

The story Doug Casey tells is of a man that lived in Europe and saw WWII coming. He decided to move to a location that couldn’t possible be part of the war. He moved to Gaudalcanal island.

We face an unholy alliance between Big Tech, Big Finance and Giga-Government.

What should or can you do is the $10,000 dollar question. My opinion and 10,000 bidenbucks will get me a cup of coffee in the near future. My opinion is that the government is corrupt. Not just individuals, but the system. Once you have a corrupt government, everyone is at significant risk and it is very difficult to reduce. Leaving the country is probably the best option, but not available to many of us.

This is one of several reasons why I personally will not support any involvement in Ukraine. If my house is on fire, I cannot worry about potential problems in a potential future.

Yeah – but where would one go to? Europe is further down the slippery slope. Africa is no country for old men. South America is … well, South America, with everything that entails. Arabia has its own problems, and they want only foreign worker bees and very rich foreigners who can contribute to their countries. Then there are Russia and China.

If I were a high schooler, I would be thinking seriously about learning Russian or Chinese. But I am not. So I will sit on the porch and contemplate the sun going down.

I remain a long-term optimist about the future sweep of history – but life is going to be hard for the next generation or two. We messed up!