droolio

announced

What announcement? There's been a new Personal Plus plan around for several months already - introduced without much fanfare, and simply brings the user count from 3 to 6 for a fixed small fee. Presumably this is due to feedback from personal users wanting to contribute something other than nothing.

Where do you see the free Personal plan has changed at all?

custom domain

From what I gather, this refers to the email address you sign up with.

If you use something like a non-gmail email address when signing up, it starts you off on the business plan with a trial (which you can instantly change to free). (Note: they're gonna change this auto-detection thing with shared domains soon due to a security hole.)

I believe you can still use a custom domain (instead of the randomised *.ts.net provided one) with DNS lookups in your tailnet, on the personal (free) plan.

Dunno about Posteo or Mailbox but couldn't really recommend a dedicated email provider as I alluded to earlier - cPanel gives me complete control, although it's your own responsibility to set up mailboxes and configure it how you like. There's a way to create a filter to give yourself a catch-all email (use a unique email address when signing up for things), and I turn off SpamAssassin as I prefer 100% deliverability and no false positives. If an email address 'leaks', I can simply blackhole it in cPanel.

Used to use Namecheap for domains but now Porkbun (much cheaper). Been using KeePass for a number of years too, but switching over to Bitwarden imminently. :)

The point is not to self-host email (not entirely anyway; you'll always need an SMTP relay with good IP reputation, e.g. mailgun), but you can use a regular web hosting company and buy your own domain there or separately via porkbun etc.. Your bank won't have a clue what email you use, you're just paying a web hosting co. / domain registrar.

I kinda wish more people would look beyond the big email providers that rely on proprietary apps and tech. Email is a set of open protocols but it was never designed to be secure and never will be. Proton et al can only offer e2ee within its boundary (GPG works just as well if you really need it) - for everything else (most stuff), it's pretty pointless to try harden that.

For the last 26+ years, I've been hosting my email on simple cPanel, with my own domain name, 100% managed by myself. I have a catch-all / wildcard mailbox, get almost no spam (and can blackhole any address that leaks, as they inevitably do), and can access it in my own way (Roundcube, Thunderbird ftw.)

Right now, I use old-fashioned POP3 (so it's deleted off the server), but could if I wanted, set up a local IMAP server with something like fetchmail and chain it together for more privacy and convenience. (Remember, you're never gonna approach ee2e levels unless it's in a proprietary system.) The most important thing; since the hosting company is responsible for email delivery, they use reliable third parties (think mailgun, sendgrid, brevo etc.) as part of the package.

Total control, cheap, and don't ever have to rely on a big tech company (or a CEO getting political).

Do ignore me then, I assumed you might know the reference and only I mean't it in good humour. :) (Without spoiling anything - in the unlikely event you might some day watch it - Mr Milchick is a character that uses 'big words'. Your choice of words struck a chord.) I will say though, you're seriously missing out. The cinematography alone is brilliant and the acting exceptional.

As you were, Mr Milchick.

More than just a traditional VPN. @[email protected] was concerned about security and it being always-on. Tailscale is an overlay network that links devices directly, deals with authentication, punching holes through NAT.

You're limiting yourself somewhat if you're not able to plug in multiple drives at the same time. Otherwise, I might suggest mergerfs for basic JBOD. You won't be able to use a single ZFS to avoid bit rot - only detect it. SnapRAID - ideal for offline setups - would be the next step up if you could dedicate one of your drives to parity.

In your position, I'd do Duplicacy backups split/spanned over multiple backup drives (however you connect them).

It has a pretty cool Erasure Coding feature that protects individual chunks from bit rot and possibly even bad sectors, plus the whole database-less architecture makes it very robust. De-duplication, high levels of compress, and encryption. Plus you can keep historic snapshots, so you can avoid the risk of accidentally sync'ing ransomware over the top.

Edit: the CLI is free for personal use, and is source-available. Written in Go and extremely performant.

my dad and I both have hypervisors. Any suggestions on how to share backups without a vpn?

Just use Tailscale on the devices instead of VPN. Secure and no faffing around with port forwarding.

Crazy. Though I suspect the copy protection is done by the third party Termly, which hosts the policy.

To select the text (in Firefox), first right-click This Frame > Show Only This Frame. Press F12, expand , find the second block, right click it and Delete Note.

Multiple backups may be kept.

Nice work, but if I may suggest - it lacks hardlink support, so's quite wasteful in terms of disk space - the number of 'tags' (snapshots) will be extremely limited.

At least two robust solutions that use rsync+hardlinks already exist: rsnapshot.org and dirvish.org (both written in perl). There's definitely room for backup tools that produce plain copies, instead of packed chunk data like restic and Duplicacy, and a python or even bash-based tool might be nice, so keep at it.

However, I liken backup software to encryption - extreme care must be taken when rolling and using your own. Whatever tool you use, test test test the backups. :)