Dump Google Drive and iCloud! Easy Private Cloud Solution!

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

let's be clear I'm one of the loudest voices on the internet telling you to dump the big Tech cloud services like iCloud Google Drive Google photos Google Docs Facebook and Microsoft OneDrive why because big Tech is collecting your data Google Apple and Facebook all perform facial recognition on photos you upload Google and Facebook have to pay for the free services they offer you how do they do that by eliminating your privacy and stealing your data from files you upload fortunately if you use ad Google phone then you don't get access to Google cloud services nor Apple cloud services but many of you want the convenience of the cloud a cloud allows you to access your data over the Internet with data not stored on your device and this convenience is very important to many yes you can backup your photos and documents to your home computer from your phone without using a cloud but what if you have to share these with many people in your house then it gets complicated the solution is to set up a private Cloud a cloud you can access from the internet but operates entirely at your house if you don't understand this solution though you can open up a security mess in your house it is not as simple as setting up some server at your house and opening it up to the Internet you'd be hacked like crazy today I will discuss a solution that uses a Synology Nas and I explain how to configure this in a particular way that offers security with the internet convenience but there are pluses and minuses to the solution this is not a sponsored video but solely based on my interest in weaning you off Google cloud and iCloud stay right there to learn about this private cloud sharing solution [Music] Naz means network attached storage in the most simplistic case you just attach this to your home network and you can freely access it there as remote storage all day as long as you're at home the apps are provided by the vendor of the nas but do you even need a navs you have to have clear objectives here or this is a waste of time if your intent is just to use your storage locally and you're a single user then don't waste time with a Nas and just get a portable hard drive like a two terabyte Samsung SSD and you're good to go setting up an asset is overkill for you let's change the scenario a little let's say it is important to access files and documents remotely when you are not home this is likely more common with a small business if you want access to your business files then a private Cloud you can access via the Internet is definitely beneficial to you if an entire family needs access to files and photos more often photos using a Nas is beneficial if you actively use iCloud Google Drive and Google Docs then you should rethink about switching to a Nas another main reason is to share password manager databases privately like a keepass database with your family this also becomes more convenient with a Nas there are other free Solutions like sync thing for example for just doing group backup as an alternative to a Nas and I have a video on sync thing with sync thing you can just designate one of your computers to be your backup device and everything is synced by Sync thing but for a more comprehensive solution and if you need more advanced software for doing automatic backups as well as hybrid backup Solutions then likely you need to replace that with a Nas in this video I'll be working with a Nas provided by Synology Synology is a leading name in Nas devices and it is frequently used in businesses this is a long established company and their Solutions are a lot more comprehensive than what I will describe here today we will focus only on home use in a very simple use case again with the objective of eliminating Google Drive and similar cloud services the device I have is a Synology ds223 which is an arm-based CPU with two Drive bays and on this model I've added two hard drives which will provide me with 12 terabytes of space with support for raid which I'll explain later at the moment this is listed on Amazon at around 249. I'll provide a link in the description for you in addition to the ds223 you will need two hard drives for this demonstration I got myself a pair of Seagate ironwolf 12 terabyte SATA drives which are great for use with nas devices I bought them for 189 a piece on Amazon I'll explain later why you need a pair but you don't need to spend this much you can get a one terabyte setup for around 35 dollars a piece so it depends on how much space you need the ds223 unit here has the CPU and motherboard which on this model is a real Tech arm CPU they also have the ds220 plus which is the Intel based version and that also has the advantage of having to ethernet ports in the back you can install the two drives without even using a screwdriver you plug in the power and the ethernet cable to the network and then you access the device through another computer on your network so you can configure it the way you normally configure your Synology Nas with more Drive Bays is that you have to allocate one half of your drives for mirroring using the technology called raid raid most of you should already know this Ray duplicates the data on the other drives so that if there's a drive failure you can just hot swap a new drive in and you are back in business The Raid technology will reduplicate the original content on the second Drive this prevents data loss in case of a hard drive failure this should be the way you use the Synology Nas so always understand that if you want 12 terabytes of storage you will need to get two 12 terabyte drives if you want to use Raid which I recommend so how do you use this Dash once you've set it up you can configure the nas using just a browser just go to your browser on a computer that is on the same network and on the browser you just type find Dot synology.com and this should bring up the Synology on your network assuming you have internet connectivity the software that's running on the Synology Nas is called DSM and it's running over BSD which is similar to Linux when you get to an advanced level you will actually find that you can install a lot of server applications that's common with Linux including apps like next cloud but for the most part I found that you don't need to worry about loading additional server apps in most cases for home use because Synology has provided plenty of solutions after you connect a Synology nav for the first time it will actually guide you through an installation process where you can configure it the way you want this takes a while to do so it's the very first step in the process this is also where you do things like setup users and passwords and things like external access over the Internet which I will get into later after the installation is complete you can actually start performing some functions for example you can upload files directly into Synology Nas using the file Station app which you see on the browser this app is fairly basic and everything is manual but it is simple and nothing is needed other than the browser and the NASA is considered like a separate machine so all interactions are done by upload and download processes for more automated processes like syncing and backup and shared folders you will need to install more applications on your devices here's just a short list of apps that are available for use on the Synology Nas for example the most basic thing you will likely need is the Synology Drive client this will give you automated tools like automatic syncing of folders scheduled and automatic backups and even sophisticated features like file versioning so you can look at changes you made to files historically now you can't just say you're going to install Synology Drive client there's also something you got to install at the nas side and that's the Synology Drive server and you'll find that in the packages where you install packages it also has support for team folder sharing so everyone can see changes and files at the same time this is like the Google Docs equivalent for a team of users there are other sophisticated applications here that are intended for businesses but for just basic access from a computer your primary goal is likely easy access to the drive and also automated backups and probably syncing some example apps on a computer that's useful would be the Synology chat client this allows a completely private conversation since it is done solely on your own server and can be accessed as I will explain later on the internet and without relying on third-party platforms now on mobile it's a little different typically the main use on mobile is to get access to the photo library and to do automatic backup of photos as well as view your photos remotely the way this is done is via Synology apps which you download from the phone's App Store I don't have a Google phone but I can see the apps on the Aurora store so the typical one you would need is access to files and access to photos for example I just did something simple and installed Synology Drive app and this connects to the same Synology Drive server and here I can automatically backup my photos as well as view the photos from my Synology server from any location now that you understand how to actually utilize the nas in a basic way let me discuss the internet side of things and the complications of this topic typically your home network is locked down so no external part you can access your devices this is done by making sure that all the IP addresses inside your network are not internet routable this is why your devices are typically given ipv4 addresses like 192.168.x.x or 10.x.x.x these are reserved non-rotable IP addresses routers handle the routing of an incoming data to these devices by translating the requests from the internet using a feature called nat or network address translation not only allows traffic if it is initiated from within the local network to the internet via an existing or established connection some random hacker cannot just break into your router and find your device since that will be stopped by Nat and the 192.168.x.x cannot be addressed on the internet this exact technology is what prevents internet access to the Synology Nas by default now I will tell you the wrong way to enable this which is ultra dangerous and requires Advanced networking skills you can override the typical Nat security by setting up your router to do port forwarding what this means is that if your device normally talks on a specific Port like 5000 on your land then you go to your router and allow Port 5000 on your router to connect directly to your specific device in this case whatever the IP address is of the nas Synology uses Port 5000 by the way this is an extremely dangerous thing to do it is commonly done with security cameras and what happens is that your cameras become visible to the internet and there are plenty of websites that show live streaming from cameras where the owners did port forwarding so for security and privacy reasons I never recommend that you ever do port forwarding I never enable port forwarding the old way that you would give access to a device from the Internet is to typically register your device via a dynamic domain name service and then do port forwarding on your home router the dynamic domain name service gives you a name to access so you don't have to memorize your IP address in case it changes this gives you direct access to your device from the internet but unfortunately it also gives hackers external access to the device if they brute force your password and of course there could be various bugs that could be discovered that could allow someone to override the security of a device if you allow access I'm spending a lot of time on this problem because this is a significant issue and fortunately on Synology they have provided a solution which by the way is the same solution I would have created anyway the solution works like this this is what Synology calls Quick Connect you enable quick connect in the DSM software control panel you give your device a unique label then you specify this in the setup of your Synology Nas and on each of your devices that need to access the nas you provide the same identifier and of course your normal Nas credentials then you are given two ways to implement Quick Connect you can use the Quick Connect relay service which is what you want and you have the secondary option of setting up port forwarding rules for a home user do not select this the safest way to access this is to enable the Quick Connect relay service option and I will explain the logic of how this works and also possible security issues which largely is not a concern for the average person the way this works the Synology Nas maintains the connection with Synology servers so while the internet connection is on a channel is made open by your Nas by initiating a connection with Synology as I mentioned earlier the way Nat works or network address translation at the router outgoing connections are allowed and are just fine but you cannot initiate a connection from the outside in this case the Nas is initiating the connection to Quick Connect this then has the effect of bypassing the gnat or as we tech people would refer to this you are punching through the firewall due to the connection being initiated by the NASA itself this should work even if you're on a VPN router although it is adding additional slowness to past Nas traffic through a VPN when there's no benefit since this is a private communication between you and your devices unless you're hiding your traffic from Synology itself so if you're on a phone at a remote location and you're using cell data and you then activate Synology Quick Connect what you're actually doing is establishing a connection with the middleman which is Synology then Synology proxies the connection for both devices so the devices think that they connected directly but really both open a connection with Synology advance and all you transfer the data from one port to the other as required this is a very simple way of doing a cloud that enables services at your home and serves it safely on the internet you still need to provide credentials to your ads for your Nas to respond and your nest uses its own certificate to encrypt the data the question is that is it possible to intercept the traffic between the Nas and your Remote device let's analyze this from a security point of view the transport from point to point is using TLS or https in your Nas device as I said actually generates its own certificate this should make the data on transport secure assuming you understand the typical limitations of TLS certificates as I mentioned in other videos not typically a threat to a normal person so I'm not going to worry about the transport side but since I don't know how the Synology relay operates typically https is point to point so the connection to the Synology is https the connection of the Remote device to Synology is https but the server doing the data transfer is transferring data in memory if this transfer is done using symmetrical encryption separate from TLS or if there is end-to-end encryption then it could be completely safe however I have no documentation that shows that this end-to-end encryption exists nor is there any indication of symmetric encryption on quick connect on transport on top of TLS is this a real threat for the average person probably not for a high risk individual it is something to consider if the data being passed or just simple personal photos then it is low risk if you're Jeff Bezos then it is likely high risk and I would likely avoid any internet connectivity and give up the convenience if you're passing business documents it may or may not be important to enable this but still this is a safer solution than doing port forwarding port forwarding leaves Synology out of the picture entirely and you control your own internet connection if you have an ID staff normally a business will not do port forwarding by will establish a publicly open area on the network called a DMZ and this is where public websites would also be running so having a Synology Nas in a DMZ is definitely something that would be considered in a business setting the Quick Connect solution is more hacker proof but not necessarily surveillance proof depending on how much you trust Synology for family use I would definitely go with the Synology Quick Connect relay service because you need to wean your family away from Google Drive Google Docs iCloud and so on and this is about a safe and option that still offers the convenience and minimizes the cyber security risk now one of the main disadvantages of running your own private cloud is that if there's a disaster that causes the nas equipment to be damaged then you may lose your data this is the primary value of a cloud-based backup fortunately you can still take advantage of this while ensuring privacy and security you can subscribe to a Synology hybrid backup service for an annual fee you can have your Nas back itself up to the Synology cloud but this is not the same as using a Google Drive your backup is completely encrypted at the nas side with AES 256 so the entire backup is encrypted at Synology so this is a safe method if you're running a small business this is very important for a less Mission critical environment you can just use a third hard drive of the same size then hot swap one of the drives in place and store it offside you can repeat this procedure on some regular basis and then you have a free backup but only as up to date as the frequency of this procedure to summarize a Nas device offering a private cloud is a really great privacy solution because you are totally in control of your data with no Reliance on big Tech if you're running a small business at your house I would consider this a requirement folks I have privacy products that protect your data so it will not be under the control of big Tech we have a Brax 2 privacy phone running on open source Brax OS that makes your phone invisible we also do flashing services to the Google other phone models on our store as well as talking pre-flash pixels we have a VPN service bytes VPN which has features like tour routing DNS obfuscation and ad blocking we have braxmill which is a metadata freeway of doing email where no one knows where the message originated from these products are on my app Brax me come visit us there the link is in the description thank you for watching as always and see you next time [Music] [Music] [Music] [Music] foreign

Info

Channel: Rob Braxman Tech

Views: 181,920

Rating: undefined out of 5

Keywords: internet privacy, tech privacy, privacy, de-googled phones, brax2 phone

Id: MqzkYEObpIs

Channel Id: undefined

Length: 24min 29sec (1469 seconds)

Published: Wed Mar 29 2023