Comment by quesera

4 days ago

I thought we were talking about blog posts.

Host your personal data on your local machine. Encrypt it and sync to another physical location for backup.

But serve your blog from somewhere else. If you want to self-host it at home, buy a cheap NUC (or RPi) and hang it off the guest network on your WiFi router. Or, minimally, a VM or a zone/jail/container. I don't like the idea of a compromised host sitting on my home LAN, but it's better than a compromised daemon running on my desktop OS.

Or don't self-host at home, but mirror the data up to GitHub Pages or Cloudflare Pages for free. Or pay for a cheap VPS (people elsewhere in these comments mentioned a $20/yr host). Or OVH, Hetzner, even AWS low-spec instances...all reasonable options.

If you're no longer talking about blog posts, but you want worldwide access to arbitrary personal data on your home desktop, that's a job for a VPN -- preferably one that still does not terminate on your desktop itself, and of course not one that gives a sketchy third party direct access to the desktop.

I completely agree that pushing your personal files and such up to Dropbox (e.g., etc) would also be madness!

You say we're not talking about us, but I'm responding to your specific mention that you serve blog posts to the public Internet from nginx running on your desktop. We may not be able to help the average consumer, but I'm talking about you! :)

>but I'm talking about you! :)

I am confident in my digital security for my threat model. Physical security, less so. The only time my data has ever been taken was when the FBI broke into my apartment at 6am in 2010 and held me at gunpoint and stole every computer in my apartment. They never charged me with a crime, never even indicted me. It was all just the feds squashing political dissent back in the Occupy Wall Street days and I was one of hundreds on the mass warrant issued for that morning's cross-country raids meant to intimidate and destroy lives. As was the FBI's style, they stole all the bitcoin I had on those computers, which I discovered when they kindly returned them (in parts) 10+ years later in 2021.

I'd argue the real risk for me living in the USA is not from random hackers finding a unicorn nginx RCE (or me misconfiguring), but from the government. And they're going to come in the front door, not through my computer.

Given the state of things I think this applies to far more people than just me. So start up those home static servers. It's a relatively low risk, all things considered. And free communication with other humans, not shaped by corporate policy and opinion shaping, might just mitigate the government problem a bit.