One of my goals in the last few months was to move my

personal data onto a self-hosted server. To that end, I

spent a fair amount of time setting up a Nextcloud instance.

Then, yesterday, I learned that in 2017, the Nextcloud

developers scanned for all known Nextcloud instances and

reported those that were not up-to-date to ISPs and security

agencies[1]. I am one of those people whose ISP does not

permit non-business users to have a server, so the last

thing I need is Nextcloud reporting me. I won't even begin

to discuss what I think of them reporting users to security

agencies because this phlog would degenerate into a fury of

expletives.

I do understand what the developers hoped to accomplish.

They did not want to be responsible for insecure servers and

did not want their 'brand' tarnished by security breaches.

I get it.

But I think this is the last time I will ever install any

open-source software from an entity that has for-profit

leanings. They just don't get what open source is supposed

to be about. If I want to run an insecure server (I don't,

but if I did...) that's my business, and I don't need some

dev reporting me to my ISP and the local version of the

NSA/CSIS.

Anyways, I closed the router firewall port to my Nextcloud

instance and for now, it's only available on the LAN at

home. I'll probably shut it down and start syncing via USB

again.

Sometimes I hate the internet.

[1] https://www.reddit.com/r/selfhosted/comments/5ybmf1/nextcloud_scanning_peoples_owncloud_and_nextcloud/