The future of selfhosted services is going to be… Android?

Wait, what?

Think about it. At some point everyone has had an old phone lying around. They are designed to be constantly connected, constantly on… and even have a battery and potentially still a SIM card to survive power outages.

We just need to make it easy to create APK packaged servers that can avoid battery-optimization kills and automatically configure an outbound tunnel like ngrok, zerotrust, etc…

The goal: hosting services like #nextcloud, #syncthing, #mastodon!? should be as easy as installing an APK and leaving an old phone connected to a spare charger / outlet.

It would be tempting to have an optimized ROM, but if self-hosting is meant to become more commonplace, installing an APK should be all that’s needed. #Android can do SSH, VPN and other tunnels without the need for root, so there should be no problem in using tunnels to publicly expose a phone/server in a secure manner.

In regards to the suitability of home-grade broadband, I believe that it should not be a huge problem at least in Europe where home connections are most often unmetered: “At the end of June 2021, 70.2% of EU homes were passed by either FTTP or cable DOCSIS
3.1 networks, i.e. those technologies currently capable of supporting gigabit speeds.”

Source: https://digital-strategy.ec.europa.eu/en/library/broadband-coverage-europe-2021

PS. syncthing actually already has an APK and is easy to use. Although I had to sort out some battery optimization stuff, it’s a good example of what should become much more commonplace.

cc: @selfhosted
#selfhosted #selfhosting

  • Wander ΘΔ :verified_paw:@packmates.orgOP
    2·
    11 months ago

    @TCB13 I’m not an expert in the matter but I wonder how large the attack surface actually is for a web service that has a single port exposed via a tunnel which can even contribute to doing some security filtering.

    The application / server component can actually be updated since it’s just an APK. And someone else in this thread actually linked to whole linux distros that can be installed and run without root. In theory even if the underlying OS is insecure, more secure OSes can be installed on top, or risk can be severely limited by only exposing a single port.

    Basically, while flashing a new ROM would be ideal, I think there’s likely a way in which a sandboxed and possibly even updated environment with updated TLS cyphers, CA stores, etc… can be run in a secure manner on top of a stock Android ROM.

    Furthermore, developers packaging their apps into APKs could run security checks and by the time it says “your OS is insecure” you’re already on your third phone and can host stuff on your second. I mean… Android phones are in their prime for two/three years at most in my experience :P