by xoa 896 days ago
>What is your threat model to warrant this effort at home?

Same normal one as everyone else in a connected world? I find this interesting and do the same stuff for both home and work. You make a lot of mistakes and wrong assumptions, but a big one is failing at all to consider cost amortization. You're assuming this is a burden, but that's backwards. I need/want a decent network anyway. I want to use open source for core areas to avoid actual problems I've had (not theoretical) with lock-in going wrong anyway. There is absolutely real work and cost in setting that up, same as a good NAS, virtualization (or home k8s clusters some people do or whatever else), etc. But once you do, the marginal cost of doing more stuff with it is tiny, which of course is some part of the whole value in doing it in the first place. It's absolutely wise to pick where one spends their time and resources with care, and I have zero issues with leaning on COTS and other professional in plenty of areas. Self-hosting is both something I enjoy, something I think is important/valuable, and of professional interest.

>I’m asking incredulous and probing questions because I used to live life the way you are currently, and it’s frankly unhealthy for the human brain. If “home” feels like such an unsafe place to warrant your current measures, you need to either make serious changes to where home is, or your mental state. Neither is easy but at least one is necessary.

This is a lot of projection and confusion on your part, I'm afraid. None of this has anything to do with "feeling unsafe" beyond the basic ways perhaps we should given the state of smart home devices, cloud service dependencies etc, and how valuable our digital lives and monitoring of them now are. As far as security you've literally got it backwards though: moving to an open less complex higher layer is simpler, more practical, more reliable, and thus it reduces vs adds mental burden. I don't need to think as much about whether some new aggressive smart home thing is trying to scan my network and what issues it might have (they are, they do, and no I do not get total veto on what comes in vs family desires/needs), about making use of still good but now old and never updated kit, about issues in the network hardware itself (like when some UniFi gear was leaking traffic between VLANs [0]), about new surprises in WPA, ever more automated attacks, and on and on. A minute to set up a tunnel once and a lot of that evaporates for years at a time. It significantly reduces the surface area of stuff that is critical to stay on top of vs "eh, check on updates once in a while".

None of this comes from the strange state you describe yourself as in, but from curiosity, interest, and reasonable respect for the amount of risk against both my own limitations and positive features that I want to take advantage of in my life. Indeed if I didn't consider my home, office, and other work spaces fundamentally physically safe that would undermine the foundation of self-hosting! But physically safe with great neighbors and so on is separate from the connection to the entire rest of the planet, and the various black box objects we bring into said safe home made by profit-seeking multinationals capable of communicating without our approval over said connection to the entire rest of the planet, right? I hope you're making progress though!

----

0: https://community.ui.com/questions/BUG-NanoHDor-broadcast-an...