WHY SELF HOST?
Over the last decade, remote computing via "The Cloud" has become the standard for hosting websites, applications, and services. The convenience, security, and reliability of having professionals manage your digital stuff on centralized infrastructure quickly made it the norm for almost any use case. However, this new standard has come with serious costs to individual privacy, freedom, and autonomy, costs that in the last few years have raised questions about the cloud's long term viability and its usefulness for most (if not all) users.
The first question is: If cloud systems are so secure, why do we constantly hear about data breaches?
TECHNICAL RISKS OF THE CLOUD
"Cloud computing", "cloud services", "the cloud", all conjure images of an abstract, ethereal place where websites and applications can run and frolic in safety and security forever. The reality is that "cloud" just means "someone else's computer", a device quite similar to the one in front of you right now.
Data on the cloud isn't in heaven, it's sitting on a hard drive, in a building, in some part of the world, managed by people you don't know, implementing policies you can't control, with employees who work for dozens or hundreds of different subcontractors. All it takes to expose your data is a mistake (or malice) from just one of the many thousands involved.
This is not hypothetical. Cloud breaches happen constantly: some are never discovered, others are discovered but never disclosed, and only a few become public. Of those that are actually disclosed and investigated, the causes are almost always security risks that are inherent to centralized cloud data storage:
- phishing attacks on employees or contractors
- insider attacks from employees or contractors
- critical systems left unpatched or out-of-date, either from simple neglect or for fear of breaking something else
- somebody exposed something they shouldn't have to an AI/LLM
- lax, inappropriate, or overly burdensome security procedures that workers inevitably circumvent or fail to implement
- compromised supply chains from any of the countless upstream hardware and software dependencies which complex systems require
In security jargon, the data centers that underlie the cloud have thick and healthy "attack trees", meaning there are many branching vulnerabilities to try and exploit. The bigger and more complex a computer system - and nothing is bigger or more complex than cloud systems - the larger the "attack tree". Big companies counter that with enormous outlays on physical and electronic security... and yet data breeches, large and small, not only continue to occur, but show no signs of slowing.
With that, a more fundamental question becomes prominent: Can you even minimally trust the company you're paying to host your data?
BUSINESS AND PERSONAL RISKS OF THE CLOUD
Since 2010, a handful of tech giants, represented here by consumer facing members Amazon, Facebook, Google, and Microsoft, have gone on a buying spree, purchasing any company or service they think is either A) monetizable or B) threatening to their current income:
Amazon - 123 total companies acquired, 88 (72%) since 2010
Facebook - 109 total companies acquired, 104 (94%) since 2010
Google - 269 total companies acquired, 213 (79%) since 2010
Microsoft - 279 total companies acquired, 133 (48%) since 2010
Empires like these were built using small blocks of our data combined with larger blocks made of other companies that also had our data. And now they're the only game in town.
Along the way, many useful programs and services were gobbled up only to be abandoned, turned into something different, or simply harvested for user accounts, email addresses, and training data. And these days they are not the least bit shy about invading your privacy, profiling you relentlessly, and selling anything about you to the highest bidder, often shady third-parties who can do with your information as they please. Behavior like this from major internet companies would have been scandalous fifteen years ago but is common practice today, a sad degradation of affairs brought about by a deliberate process of monopolization in on-line services. Competition, markets, and variety have nearly been eliminated (and we'll set aside the corruption inherent in that, don't want to be here all day).
Most of these companies have long cooperated with authoritarian governments abroad; now they have eagerly partnered in grossly illegal actions by American governments at all levels: knocking on doors for First Amendment speech, rounding up innocents with error prone facial recognition, and treating people like cattle and worse. Add to that the emergence of reckless "AI" tools, let loose to flood useful systems and social media with slop while widely exposing any user data they touch or generate, and we have a very dire situation for personal privacy and security.
Time was, business customers could at least expect some respect in these matters. Paying your cloud bill insulated you from the gradual enshittification of free or lower tier services. These days though, AI/LLM/ML systems of dubious utility are crammed into every application and any data stored on those servers should be assumed to have been used to train some kind of model without your consent. Privacy statements and end user agreements grow longer and more restrictive by the week. Oh, would you like to switch to another system? Here's your business's vital data in an unlabeled SQL file with nested tables seventeen layers deep. Enjoy.
From the huge and famous to the merely large and industry specific, cloud service companies have made it clear, with starkly few exceptions, that they have no respect for consumer privacy and that security is nice for them but somewhat optional and a little patchy for you. They exist in the realm of billions, where a business, a family, and even a person are all equally irrelevant.
Your rights, your privacy, and your interests are not their priority and never will be, which raises a final question: How do find and use systems you can trust?
RECLAIMING YOUR PRIVACY, SECURITY, AND AUTONOMY
By self hosting your services on hardware you own, you can maintain control over your data and protect yourself (somewhat) from the omnipresent tracking of private corporations and from the illegal surveillance of corrupted governments. But self hosting has always been limited to dedicated hobbyists and people with sysadmin experience, and even their self hosting projects often founder when backups, updates, and other maintenance start taking too much time and making things less fun.
We encourage people to self host on their own and here are three (1, 2, 3) quite good guides for doing just that. But we also know that self hosting is simply beyond most people's computer skills. And even for those with such skills, self hosting often devolves into just another maintenance chore. TableOS aims to work for both groups by offering the convenience and simplicity of cloud (anyone can use it and we handle the updates) with the privacy and security of self hosting (it's still 100% yours).
TableOS is Linux Debian with a (non-root) Local Management System (LMS) that runs updates and keeps the server visible to TableOS.net. When someone cancels their TableOS subscription, only the LMS shuts down. The server itself and the installed programs and applications continue to run as normal and the computer remains a Linux Debian system to which the user has both the admin password and the data encryption password. If they want to continue using it on their own (which mostly means manual updates and making other arrangements for internet visibility), they are completely free to do so.
We have no interest in remotely disabling your server so we have built no means to do so. Our business doesn't require selling your data or even seeing your data because our long term interests are simple: keeping our subscribers on-line and up-to-date so they can continue using their software as they see fit.
We think you probably don't need (or want) many of the cloud services you currently use. And we believe that by leaving behind the inherent hassles and problems of playing in someone else's sandbox, we can all go back to enjoying the programs and tools we use on-line.
To that end, TableOS is exactly what it says in the tagline: self hosting made simple.
FURTHER READING
About Us - How the "table" got into TableOS.
Self Hosting Simplified - An illustrated guide to how self hosting works.