@RegalPotoo Maybe I should have been more specific in the wording of my title.

No one planning on hosting public multi-user service that would see some serious traffic would probably benefit from hosting on a phone.

Someone who wants to simply run a single-user instance or their personal nextcloud? I think that's a real possibility.

@MigratingtoLemmy use a hammer to break the screen, control via adb :vlpn_happy_blep:

@benjohn @selfhosted 6-8 GB of RAM with powerful CPU and GPU that was designed to run games and can in some cases run small AI models is nothing to scoff at imho.

@selfhosted Update:

1. Just to clarify, the the whole point is that Android makes it easy for less tech oriented people to host small single user / family services.

It does not need to be perfect, have massive throughput or allow for massive amounts of read/write cycles.

If people can host their own media server like Jellyfin or note taking apps like Joplin instead of using commercial services by simply installing an APK on an old phone they can leave connected at home, that's already a big win.

2. Regarding device longevity, Android 13 apparently supports / will support full KVM emulation. Windows can be run if you have root while android based VMs are expected to be possible without the need for root. Since this type of virtualization allows VMs to run their own kernel, keeping the "server app" updated should allow the user to be protected even if the host OS is outdated as long as these server-app-VMs are trustworthy themselves.

@southsamurai Oh that's definitely a huge concern, but not just for self-hosting but for privacy in general.

But still, if the average joe wants to self-host something using an old phone is probably the easiest way to get them to try self-hosted alternatives and drop corporate / commercial services.

Maybe not the 'average average joe' such as my parents, but anyone who is minimally curious enough to do stuff such as registering a domain, setting up a game server for friends and maybe has opened the CMD windows console once or twice in the past following a tutorial. That kind of demographic (IDK if it has a name) might be much more inclined to self-host if it was as easy as installing an APK and letting your phone one somewhere at home.

Overall as long as Android doesn't become straight out malicious spyware itself, the benefit of dropping commercial alternatives might very well be a net positive. In a worst-case scenario, any tunnel / vpn configuration necessary to expose a service to the internet could also add an automated step to blackhole requests to google's tracking servers.

@fediverse I've read that this is called an overlay network. Unfortunately many of the ones I've seen documented focus on keeping things in their own private networks which is okay but not fun.

ULA addresses require no permission and were designed precisely to knit together private networks. We can just use domain names and convert them via checksum into a static ULA /48 prefix. DNS can be used to announce routes, or eventually something more BGP-like given that ownership of a domain can be verified and thus authorization to announce routes.

If domains ever become a bottleneck one could use private TLDs with some consensus mechanism and even create multi-layer networks this way where packmates.layer.1 and packmates.layer.2 are two different networks even though they might have the same address range.

Anyways, I'll go out and touch some grass now.

@Omniraptor ah yes! Probably that's why.
Actually the whole original post was sent via Mastodon.

I tend to write posts that I share to my Mastodon followers and then at the end I mention a Lemmy community if I believe the community would also find it interesting.

@leggylav @selfhosted OMG, yes, thank you <3

I finally feel understood now :vlpn_cry:

@despotic_machine thank you. This sounds interesting!

@breadsmasher I have no idea how Tor works. In this case I would say most peers would have no problem disclosing a public IP, but it could have benefits in making resources in a private network accessible and as long as the endpoint can be reached those resources would be hosting provider agnostic.

I would say this is less about hiding user activity than it is about logical networks, abstracting away the hosting provider and allowing to knit together self hosted services, regardless of where they are hosted.

@Omniraptor in theory Mastodon will show a "read more" button for longer comments. Top level posts sent from Lemmy often require clicking the link to view them in full and content isn't ordered by votes because they don't exist.

So, it's a bit messy to read Lemmy from Mastodon, but posting something and then replying to comments on that thread is really easy.

@AMS @selfhosted yes, hopefully we'll see an explosion in self-hostable alternatives that can be installed as easily as syncthing.

@nysepho @fediverse there would be routing without being peered directly by delegating your endpoint to another peer you trust (this can create an infinitely long routing chain depending on where you latch on so to speak, but you would be in control)

I want to give a shout out to the SFW Feral Art Bot on Mastodon/Fediverse @feralbot and @animalshapes, an incredible artist that I found this week.

Also, on lemmy I've been digging !tech@pawb.social a lot. And !animals@beehaw.org is a must for a daily dose of "aaaaw".

@chat

@ahoyboyhoy @selfhosted Nice. I remember trying it out once. Actually I might use that to follow my own advice and self-host at home once I retire my current phone.

True, I haven't had the need because I know how to run stuff on a server, but for personal files it's probably better to host things at home.

@TCB13 I'm not an expert in the matter but I wonder how large the attack surface actually is for a web service that has a single port exposed via a tunnel which can even contribute to doing some security filtering.

The application / server component can actually be updated since it's just an APK. And someone else in this thread actually linked to whole linux distros that can be installed and run without root. In theory even if the underlying OS is insecure, more secure OSes can be installed on top, or risk can be severely limited by only exposing a single port.

Basically, while flashing a new ROM would be ideal, I think there's likely a way in which a sandboxed and possibly even updated environment with updated TLS cyphers, CA stores, etc... can be run in a secure manner on top of a stock Android ROM.

Furthermore, developers packaging their apps into APKs could run security checks and by the time it says "your OS is insecure" you're already on your third phone and can host stuff on your second. I mean... Android phones are in their prime for two/three years at most in my experience :P

@ahoyboyhoy @selfhosted How old is the phone and what version of the OS are you using? I was under the impression that modern phones bypass the battery when connected to the charger and having full charge.

Regarding limiting the charge, I believe there's some software calibration you can do which would allow you to set it to 50%. I'm no expert in battery or repairs at all, so someone else might have a better idea.

@gzrrt @dl007

The biggest problem with GPT-4 is that it's severely restricted.

I believe that AI's next big change will be model optimization and open source models will be able to catch up.