Hacker News: 8fingerlouie's comments

Use private mode browsing, click the easy option of allow all, and rejoice that cookies are cleared when you close the tab.

The cookies will still be correlated with each other, and your behavior will still be sent offsite for aggregation by ad identity companies, then linked back to your non-private browser behavior via IP, or browser fingerprinting, or any site you log into, etc.

They were founded by ex Apple employees, so there's that.

Depends on where in the world you live.

If you live in a region where they operate their own data centers, you will be running on Apple data centers. If not, you're running on a mix of Google Cloud and AWS (IIRC). They used to use Azure as well, but I think that's no longer the case.

In any case, your data is encrypted (by Apple) before being uploaded to Google or AWS, and only Apple has that key. Whatever E2EE encryption you use will be applied on top of that.


Last I checked they were phasing out their own DCs in favor of cloud-provided services. Though it's been a while since I have heard anything about it, so maybe those plans got canceled. It could have also been phasing out those DCs for only the specific services and not all services. My details on the whole thing are fuzzy at best.


As far as I know, everything iCloud and Apple Intelligence runs off of their own data centers if you happen to live "near" one, but you could still be using AWS and/or Google as well.

I live near the Danish Apple data center, and pretty much all my iCloud traffic goes there, with a small fraction (<10%) going to Stockholm, which has both AWS and Google data centers, so I assume they're using both for geographical redundancy (erasure coding)

It gets a bit more fuzzy once you start moving into Movies/Music/TV/Billing/whatever as well as their backend services for the store and monitoring.


Got it, yea my inside sources were as they relate to Siri and that was a decade ago at this point.


"Banks are full of war stories trying to migrate off their old mainframe codebases, and often giving up."

Most of the time it's a question of trying to apply "death by a thousand cuts" to their codebase, which works well enough as long as you're in the periphery, but eventually they start moving into "core business", you know that entangled mess that has 60 years old code that still runs today, and they realize they need to rewrite all of it, which will take a long time, and cost a lot of money, and they forget about it again for a few years.

It's the same problem everywhere with large and old codebases. You can easily amputate a tentacle here and there, but as soon as you get to the core of it, it is basically one giant monolith, and with age there has been added loads of "integrations" or "shortcuts" between various subsystems, and nobody in the company today has any idea why it is like it is, it just is and it works.

A bank I used to work for had somewhere around 50000 batch programs running nightly. Some were the same program running multiple times, but at least 20000 were "unique" programs. All of those programs had to fit like pearls on a string, each working off of the output of the previous program in the chain.

Untangling that mess is like peeling an onion one layer at a time, with the added bonus that the output of one program might be the final result for some report, and at the same time the input for some other program that needs to do something else.

Add to that, that there's no inherent problem with the mainframe or COBOL. They both work, and reliably as well. Both can push some serious IO through the system, loads that many x86/x64 builds would struggle with.

The conventional answer to IO problems is eventual consistency, which doesn't really work well with finance, at least not if applied broadly. You can get some of the way with slicing / partitioning, but you will still have to deal with a lot of traffic between partitions.


Is running Pihole or Adguard home even worth it these days?

You can get something like NextDNS for $18/year, which is probably less than what you pay for the power required to serve Pihole or Adguard Home, and you get enterprise level infrastructure for it, along with redundancy, and it works "everywhere".

Yes, you (probably) need a caching resolver at home, and that could be Pihole or Adguard, but going through hoops to set up Wireguard and have all DNS resolve over that, just to reach pihole at home, that sounds like overkill.

Anyway, in case it's not obvious, NextDNS is how I roll, using a "stupid" caching DNS resolver at home.


I've been using NextDNS for years and never paid anything. Very occasionally (maybe twice) around the last few days of the month I get an email saying I reached my quota and filtering will stop working.


Can you set up custom filters on the free solution?

If not, DNS4EU (https://www.joindns4.eu/) is free for personal use, and has no quota, and offers various endpoints for malware protection, adblocking, and other stuff.


Wdym by custom filters?

Maybe that's what you ask: NextDNS has:

- 50+ blocklists ready to use (including Easylist, Adguard, HaGeZi, Energized). You enable the ones you wish to use

- Many privacy options you can enable, including Disguised Third-Party Trackers (TIP), CNAME flattening

- Many security options you can enable, including Cryptojacking, Google Safe Browsing, IDN Homograph attacks, Typosquatting, dynamic hostnames

- Ready-to-use application-based and category-based allowing/blocking

- Custom blocking options such as allowlists, denylists, blocking certain TLDs, custom rewrites

It also has:

- Option to "Bypass Age Verification"

- Option to keep logs (in EU, Swiss or US) or not

- Free to use up to 300,000 queries / month

- Multiple profiles for different clients

- Supports virtually all browsers and all OS, desktop and mobile, either via its official app, configuration profile (iOS), or IPv4, IPv6, DNS-over-TLS/QUIC, DNS-over-HTTPS


Oh thanks, that looks like an interesting alternative

> Can you setup custom filters on the free solution?

No, but as the other person replying said, there's a huge range of built in filters and I've never felt any need to customize them.

EDIT: just spent a few minutes looking over the DNS4EU website. I can't see any configuration options at all. They just have 4 basic levels (standard, child protection, ad block, or unfiltered). So it appears less useful than NextDNS. Where did you see the ability to add custom filters?


Sure is in NZ at least. RTT to NextDNS is ~30ms for me, RTT to my AdGuardHome is 1ms. I don't set up a VPN, I set up a public SSL certificate (this requires you to own a domain) on it, listening on port 853. Then doesn't matter if I'm at home or on Mobile/4G/Someone Else's Wifi. I don't need the hassle of an always-on VPN, I just have an always-on AdGuardHome.

The biggest hassle was making sure the world can't hit it (though it's not UDP 53 so it's not an amplification vector anyway) but only local NZ IPs, which I did with GeoFiltering on my router.


"RTT to NextDNS is ~30ms for me"

That's why I set up a local caching resolver. RTT to NextDNS in Denmark is ~10ms, and RTT to my local caching resolver is 1-2ms, so yes, it's quicker, but my caching resolver is essentially just what my router offers (Unifi), with NextDNS as upstream (DNS over TLS).

"I just have an always-on AdGuardHome"

I've self hosted for 20 years, I honestly can't be bothered anymore. The power consumption of self hosted hardware alone costs more than the equivalent, better, service in the cloud. NextDNS is $18/year, that's 51 kWh at €0.35/kWh. 5W for a year is 43.8 kWh, which is roughly what a Raspberry Pi 3/4 uses, so for just €2.5/year I can have enterprise hardware and massive redundancy with zero operational risk compared to running on a single RPi at home.

Yes, I'm aware you can run better hardware with more services, but that really only makes the problem worse, both in terms of power consumption, but also in terms of TCO with hardware costs, as well as cybersecurity.

For most people, running in the cloud is cheaper than self hosting. If you have less than 5-6TB of data, the cloud will also be cheaper. After that the math starts going in the favor of self hosting, but year for year the amount of data you can store in the cloud cheaper than at home keeps growing. Yes, the cloud prices increase, but so does the price of harddrives and other hardware.

"but only local NZ IPs, which I did with GeoFiltering on my router."

I know geofiltering is usually security by obscurity, but it does keep the worst bots away, and I used to use it as well (when I self hosted). It cut down dramatically on the various "drive by shootings" by random bots constantly pinging various ports.


All good points. I already have a server that runs a whole bunch of other stuff (my router is a VM, my Unifi controller is a VM etc, all on the one box) so a tiny little AdGuardHome process and a port-forward in the router isn't using any more power/effort.


FYI: NextDNS is free up to 300,000 queries a month.

I also wrote here: https://news.ycombinator.com/item?id=46191045


Would recommend using the NextDNS software as the on-prem caching resolver — it can pass through the requesting client information so you're not losing any of the logging you'd have running Pi-hole, etc. at home.


You can just use Tailscale or similar service and not fight with setup of Wireguard. It's as simple as installing the app on devices and starting it.


Wireguard is simple enough to set up, and I actually use it much like OP does, though I don't force all my DNS queries through it, and instead use NextDNS.

It's basically set up so that I have my internal machines registered in NextDNS as rewrites, and Wireguard is set up to route anything for my internal RFC-1918 network, i.e. 192.168.1.0/24, so when NextDNS returns 192.168.1.5 for "host.mydomain.com", it will go over Wireguard.

The advantage is that I can keep the tunnel up 24/7, and it has very little impact on battery life as normal requests simply go over the internet.
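
The split-tunnel routing described in the comment above, as an added example that is not part of the original thread: it parses `AllowedIPs` from a wg-quick style client config and shows which DNS answers end up in the tunnel, compared with a full tunnel. The keys, endpoint, interface names (`wg0`, `wan`), public addresses and the simplified longest-prefix model are assumptions; only 192.168.1.0/24, 192.168.1.5 and host.mydomain.com come from the comment.

```python
import ipaddress

# Constructed wg-quick client config. Keys and endpoint are placeholders;
# 192.168.1.0/24 is the home LAN named in the comment.
SPLIT_TUNNEL = """\
[Interface]
PrivateKey = <client-private-key>
Address = 10.8.0.2/32

[Peer]
PublicKey = <server-public-key>
Endpoint = <home-endpoint>:51820
AllowedIPs = 192.168.1.0/24
"""

# Same config, but routing everything through the tunnel (for comparison).
FULL_TUNNEL = SPLIT_TUNNEL.replace("192.168.1.0/24", "0.0.0.0/0, ::/0")

# Constructed DNS answers: one rewrite to an internal host (from the comment),
# one ordinary public site, and a stand-in address for the public resolver.
DNS_ANSWERS = {
    "host.mydomain.com": "192.168.1.5",
    "www.example.org": "203.0.113.10",
    "public-resolver": "198.51.100.53",
}


def allowed_ips(conf):
    """Return every network listed on AllowedIPs lines of the config."""
    nets = []
    for line in conf.splitlines():
        key, sep, value = line.partition("=")
        if sep and key.strip().lower() == "allowedips":
            for item in value.split(","):
                if item.strip():
                    nets.append(ipaddress.ip_network(item.strip(), strict=False))
    return nets


def egress(ip, conf):
    """Pick the outgoing interface for ip by longest-prefix match.

    Simplified model: the normal default routes point at 'wan', each
    AllowedIPs entry points at 'wg0', and a tunnel route wins a tie
    against the default route of the same length.
    """
    addr = ipaddress.ip_address(ip)
    routes = [
        (ipaddress.ip_network("0.0.0.0/0"), "wan"),
        (ipaddress.ip_network("::/0"), "wan"),
    ]
    routes += [(net, "wg0") for net in allowed_ips(conf)]
    matches = [
        (net.prefixlen, dev == "wg0", dev)
        for net, dev in routes
        if net.version == addr.version and addr in net
    ]
    return max(matches)[2]


def plan(conf):
    """Map each constructed DNS answer to the interface it would leave on."""
    return {name: egress(ip, conf) for name, ip in DNS_ANSWERS.items()}


if __name__ == "__main__":
    for label, conf in (("split", SPLIT_TUNNEL), ("full", FULL_TUNNEL)):
        for name, dev in plan(conf).items():
            print(f"{label:5} {name:20} -> {dev}")
```

With the split config only the rewritten internal name leaves on `wg0`; the resolver and ordinary sites stay on the normal path, which is why the tunnel can stay up without carrying regular traffic.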


> just to reach pihole at home, that sounds like overkill.

Host AdGuard on a VPS (same one as the VPN?). Then you can use it from everywhere.


I doubt the VPS/VPN route is for the majority of people, but if "you" are one of those, then yes, it would make sense.

For everybody else, $18/year vs $5/month for a VPS should be an easy choice.


Ignoring all "hate" against streaming services, you have to at least give Netflix credit where it's due.

They contribute a lot to the open source community, and their engineering blog is always a good read. Granted, not many people will benefit from their specific type of problems, but for those of us that work with large scale infrastructure, there's often inspiration to be had.

And no, it's usually not directly applicable in a financial setting. Most of the time it's actually the exact opposite, where Netflix thrives on distributed loads, eventual consistency, etc, finance is a lot more reliant on "real time" events.


It's still a law in Denmark, despite being rendered illegal in the EU, and likewise in national courts.

It was last used to convict a murderer of the murder of Emilie Meng (https://en.wikipedia.org/wiki/Murder_of_Emilie_Meng). At the time, he had kidnapped a 13 year old girl (IIRC), that he had sexually assaulted for 24+ hours, and various dashcam recordings were used to piece together what had happened. He was also convicted of attempted kidnapping of a 15 year old girl from a school.

They found the 13 year old in his home, so not much doubt about that, but the other two cases were partially proven with phone metadata logging, proving he had been in the area at the time.

In the light of that, it's hard to disagree 100% that it's a "bad idea". It's a question of balance I guess, and the mass surveillance proposed in ChatControl is way out of balance. Not only does it scan in the background, it also scans for things that are unknown to you, and alerts authorities without alerting you. That's the perfect tool for fascist regimes to get rid of political dissents.


It's always a tradeoff. Nothing is ever going to have zero benefit, the problem is that these laws use the marginal benefit as an excuse to institute something that actually has massive downsides.


> It's always a tradeoff. Nothing is ever going to have zero benefit

Realizing that is the first step to having any kind of productive discourse, much less a chance of influencing the outcome. It's also the step I see most commenters in discussions on this and related topics here, are unable to take.

But then, the follow-up step is:

> the problem is that these laws use the marginal benefit as an excuse to institute something that actually has massive downsides

Are they marginal though, and are the downsides that big? Or does it only seem that way from our armchairs, as we debate computer philosophy and look at the world as a diagram of interacting systems, instead of, you know, the real world?

I'm not saying these particular regulatory ideas are good - I just have a problem with this assumption (not even implicit, it's often outright spelled out here), that it's some evil elites that try to strip us off our privacy and freedom, and keep trying to push the same laws hoping to catch our vigilant protectors off-guard.

Truth is, there's plenty of people who push for these things because they actually think of the children and honestly think these are good trade-offs, and they may be even more right than we are. They definitely sit closer to the real world and real people, real problems and real policing, than we do. They may be fatally misguided, too, but we won't achieve anything unless we try and see their perspective and honestly address the issues they're concerned with.


The removal of out-dated privacy offers great benefits. Why not begin to invest and develop technology to scan people's brains and leverage the supreme protection advantages for the nation state by its complete elimination ?

Mandate that every resident of the EU wear a certified, union-approved, scanning head-band that monitors the resident's brain for violent, racist, subversive or even "offensive" thoughts using state-of-the-art AI and supporting algorithms.

Authorities are notified immediately and are granted auto-approved warrants. Judges get notifications on auto-sentences that include mandatory re-education to heal such delinquents. Obviously, the system will include the vital and necessary exemptions - politicians and friends of the party, top campaign-donors, favored minorities and cartels, etc.

Every Resident will be made Safe and Happy! This will lead to the establishment of an utopian state - the ultimate paradise on Earth! "Privacy", today, is a nasty detriment that is holding back the Progress of Civilization.


Excellent! People need to think more deeply about what various laws and technologies are leading us to.


Eh, I don't know, I feel like "is complete population surveillance a net good?" has been answered a million times, I'm not sure we need to go into it from first principles.


"Complete population surveillance" is an ill-defined category; depending on how you slice it, it's something very undesirable, or a status quo we've been living in for the past couple decades.


complete population surveillance is the system we evolved to thrive in: there is no privacy in hunter gatherer societies. and in medieval city societies the average person had no privacy. it was only nobles who had privacy, and they were generally up to no good.


I can't see anything in the intersection of "desirable", "status quo" and "complete surveillance", can you think of some examples?


Cellular telephony. Electronic banking.

Both have been "status quo" for decades, and subject pretty much everyone in the western world to significant, continuous surveillance. We can discuss whether it's desirable, but it's been like this for a while and people very much like benefits both provide.


I'm fairly sure I definitely don't want to be surveilled by my phone, yep.


Too late.

Your phone (GSM anyway) continuously reports back to the cell tower it's connected to, the strength of every other cell tower it can "see". The cell network, not the handset, decides which is the better cell tower for your handset to transfer to, which is why this information is being sent in the first place.

That information, the strength of cell towers, along with the knowledge of exactly where a cell tower is placed, can be used to triangulate your position down to a few meters in crowded areas with many cell towers. It's also how your phone establishes its position without GPS.

Besides that, you probably also have a handful or more apps that track your location within 100m constantly.


That's not the point of this thread. The original point is whether there's any desirable mass surveillance. I think we've pretty much shown there isn't.


Yet it predates smartphones, and is a fundamental aspect of how cellular networks operate. Surveillance of course got more thorough, detailed and overarching over time, still largely for engineering reasons - the network needs to know precisely where each handset is to aim the radio beam at it.


I doubt much will change.

Your location is already known to your mobile operator, to your phone OS manufacturer, to various social media services, and more, including the government/law enforcement on request (maybe, or they have permanent access, who knows).

Any time you buy stuff with a debit/credit card, the details of that transaction are known to your bank, your card provider, tax authorities, including where you bought stuff, and by request, authorities.

Money that goes into your bank account is also known by your bank (obviously), by tax authorities, and by request, authorities.

Your ISP knows who you talk to, and can easily log metadata about which sites you visit, even if you use a secure DNS, and in most countries, authorities can request (metadata) logging from your ISP, which you'll never even notice.

During COVID, health authorities started analyzing sewage to estimate how much the virus had spread in various communities, and some places they were down to street level accuracy. Obviously that gets a lot more diffuse on Manhattan than some rural city with 400 people in it, but you pretty much can't fart without anyone knowing it.

We are already under constant surveillance, whether we like it or not. I don't mind as much as long as it's used retroactively, but the ChatControl proposition would be proactive instead. It would scan your texts and report if it found something "suspicious", with the caveat that you as a user don't know what's suspicious today (or tomorrow). The list isn't public, and you wouldn't get notified that someone had called an adult, not until someone comes knocking on your door.

Their plan is/was to use AI, and we all know that ChatGPT never gets confused about anything, so that sounds like a great and ultra consistent plan. Most things require context. I might be angry because some kids gave me a hard time, and write "fuck all children" to someone, but the anger isn't evident in the message, only the literal message, which I agree might be interpreted as something else (deliberately). This would then (probably) result in a notification for human review, a task that would fall to the operator of said service, so now Meta, Google or whomever has a legal justification for reading my messages looking for context, and I can't see any way that could go wrong. The other option was for law enforcement to read the messages, and while they're probably a bit more trustworthy in terms of privacy, I doubt we want to staff up our law enforcement offices by a factor of 10 to read people's messages.

The list could also be updated behind your back, so for totalitarian wannabe regimes, it could be used to pinpoint exactly who is organizing all those darned protests.


I'm sorry but this whole thing stinks

- The data was collected in 2016, and was used in 2023 - a retention period of 7 years, way longer than the specified maximum of 2

- I'd argue that the basis of lawmaking is weighing the advantages versus the costs - supplying partial evidence in a case once a decade does not meet the requirements for introducing mass surveillance with infinite retention

The police work was sloppy, the facts as they stand are:

- The guy was on a list of 1400 or so of suspects, and was convicted of abducting a 13yo in 2023, a different crime. It bears mentioning that the town had a population of 5k and the municipality 63k, halving that just to count the men doesn't give you a short list

- A white car was seen at the 2016 scene of the crime, suspected to be a Hyundai i30, but with a degree of uncertainty, just to illustrate how uncertain they were, the article mentions the police confiscated a white van

- The guy owned and sold his 2016 Hyundai around the time

- Thanks to Big Brother dragnet perma-retention surveillance (mobile cell info), it was established that the guy was in the area (a train station!) of the 2016 crime at the time (which is a large window considering the exact time of the disappearance of the first girl is not well known)

From this it's unclear to me whether the same guy was the perp in the 2016 and 2023 cases. If he was, I'd argue the dragnet-collected evidence is only circumstantial. I feel like it was possible that the police wanted to pin the crime on him as they had an expectation to catch the 2016 killer and he was obviously a pedo.

Even if he did it, I'd say the digital evidence was neither necessary nor that important in convicting him.


"- The data was collected in 2016, and was used in 2023 - a retention period of 7 years, way longer than the specified maximum of 2"

Normally, when there's an ongoing police investigation, the police can either request and retain a copy of the data, or request the holder of the data retain it until "further notice". I'm assuming that's what was going on here.

"If he was, I'd argue the dragnet-collected evidence is only circumstantial."

The phone logging was not conclusive evidence, only used to establish that he had been in the area. They found various artifacts in his house, like a roll of duct tape with the dead girl's DNA on, that he explained he had found while walking around the lake, the same type of duct tape used to bind the girl. They also found various other items with the girl's DNA on.

They used the logging data to establish his whereabouts for the night in question and compared it to his statement of where he'd been. They also used various financial transactions, like buying a cup of coffee with his credit card at a gas station, etc.

In Denmark, DNA cannot be used as a single evidence, only as supporting evidence, and the same goes for phone logging. But combined, if your location data says you've been there, and your DNA is found at the crime scene, even though it may not by itself be enough to get you convicted, it makes all other evidence much more believable.


I've read on a bit and found the additional details about the tape with DNA on it, which makes him look more guilty - but this wasn't mentioned in the Wikipedia article, and the phone logs which you mentioned as justification for mass surveillance are less than worthless.

Establishing that both the perp and victim were at the same train station some time during a longish window of time doesn't mean jack.

As for DNA I'm not a criminology expert, but if courts don't accept it as conclusive evidence, that means there's something wrong with it - courts have a long history of accepting official sounding bunk ('expert' witnesses, polygraph etc) in order to manufacture evidence to their conclusions.

Anyways I don't want to detour from my main argument that even from the official PoV the phone evidence is very weak, I'd argue it's meaningless, and using this as justification for mass surveillance is a counterargument if anything.

Though I can imagine it's incredibly easy to deliberately misrepresent it as 'we used digital records to catch a pedo murderer' by dishonest supporters of the policy.


Um, the data retention directive didn't apply to dashcams, only network metadata... and that Wikipedia article isn't curing my confusion.


Probably because dash cams have a questionable legal status in Denmark.

There's a law that prohibits all video monitoring of public spaces, and a register where you must register your video cameras if you're a business owner. Video surveillance in Denmark has a maximum legal retention of 28 days, unless there's an ongoing investigation.

Considering that dash cams mostly monitor "public spaces" and are moving around, the legality of them has been questioned multiple times. They are however also becoming more and more common, so I'm guessing they will eventually be allowed with a relatively low retention, like 1-2 days, enough to get footage off of them in case of a crash.


Holy smokes, the NAS in idle consumes more power than my UNAS Pro with 4x8TB HDD and 2X8TB SSD, as well as a Mac mini M1 with a 2TB Samsung T7 SSD, and my 4 access points and 4 protect cameras combined.

For reference, the UNAS Pro comes with 10G networking, and will deliver roughly 500MB/s from a 4 HDD RAID5 array, and close to 1GB/s from the SSDs (which it never gets a chance to do, as I use them for photos/documents).

My entire "network stack", including firewall, switch, everything POE, hue bridge, tado bridge, Homey Pro, UPS, and whatever else, consumes 96W in total, and does pretty much all my family and I need, at reasonable speeds. Our main storage is in the cloud though, so YMMV.


"the NAS in idle consumes more power than my UNAS Pro with 4x8TB HDD and 2X8TB SSD, as well as a Mac mini M1 with a 2TB Samsung T7 SSD, and my 4 access points and 4 protect cameras combined."

I know that's not true. I say this as someone who measures the power consumption of individual components, and even individual rails with a clamp meter. The OP measures an idle power of 67W. He has 6 x 8TB HDDs. These typically consume 5W idling (not spun down). So the OP's NAS without drives is probably around 37W.

A UNAS Pro without drives reportedly consumes 20W with no drives. Adding 4 x 8TB at 5W per drive, means your UNAS Pro config with drives probably idles at 40W (again, drives not spun down). That means you are 17W under his NAS idle power. So you claim your remaining hardware (Mac mini, 4 APs, 4 cameras) run in under 17W... Yeah that's not possible. 17W is peanuts; it's half the power of a phone's fast charger (~30W).

PS: for the OP, an easy way to further reduce power consumption is to replace your 500W PSU with a smaller one, like 250-300W which is still amply over-specced for your build. Because the typical efficiency curve of a PSU drops sharply at very low loads. For example at idle when your NAS pulls 67W from the wall it's very probable it supplies only ~50W to the internal components, so it's running at 10% load and it's only 50/67 = 75% efficient. The smallest load for which the 80 Plus Gold standard requires a minimum efficiency is 20%. If you downgrade to a 250W PSU you are enforcing a minimum 20% load for which the 80 Plus Gold standard requires minimum 87% efficiency. The load at the wall would thus drop to 50/.87 = 57W thereby saving you 10W.


96W is what's reported at the wall including everything. The switch reports 36W PoE consumption. The Mac Mini is 5-6W, and the UNAS Pro around 35W with drives (4xHDD, 2xSSD).

So ~75W in total for everything PoE, Mac Mini and UNAS Pro. I was 8.5W over, so remove the Mac Mini from the equation.

The rest of the consumption (21W) is made up of a UDM Pro with a 4TB WD Red, USW Pro Max 16 POE, Hue Bridge, Tado Bridge, Homey Pro, and a Unifi UPS Tower.

And yes, that's at idle (drives spinning). It does rise to 120-130W when everything is doing "something".


"I was 8.5W over"

As I suspected :-) Also note that by measuring "36W POE consumption" you are excluding the AC-DC conversion losses from the switch's PSU which further makes the comparison a bit unfair. IOW your POE equipment draws more than 36W at the wall.

The only fair comparison is looking at only your NAS idling with drives (35W you claim, and I still believe it's closer to 40W) vs the OP's NAS with 4 drives (which should be 57W, or 67W minus 10W for his two extra drives). Then if the OP used a better sized PSU he might cut out another 10W or so (see my "PS" above) then you are comparing your 35W (or 40W) with his 47W which of course is still in your favor and a testament that Ubiquiti did a great job optimizing the UNAS Pro. But this 12W (or 7W) difference hardly matters for someone running a single NAS at their house. This extra power is around $1 or $2 monthly at average US domestic electricity rates.


"by measuring "36W POE consumption" you are excluding the AC-DC conversion losses from the switch's PSU which further makes the comparison a bit unfair. IOW your POE equipment draws more than 36W at the wall."

I'm aware of that, but the wall measurement is still 96W before the UPS, so it's basically just pushing numbers around the same budget. The switch is the only place I have to measure "poe power consumption", so I quoted that number.

"35W you claim, and I still believe it's closer to 40W"

I have 4 x 8TB WD Red Plus drives in there, quoted by WD to be consuming 3.4W idle, so 4x3.4 = 13.6W, and a couple of Samsung QVO 8TB drives, which idle at ~45mW. Assuming the UNAS pulls 20W by itself, adding the drives lands us at 33.7W, right in the ballpark of my measured 35W.

Part of my "astonishment" was also that I run my entire "infrastructure" for 30W more than OP's NAS idles at (66.7W vs 96W).

And yes, 7W is probably peanuts, but when you're paying €0.35/kWh, it all adds up. I came from a full self hosted setup, proxmox, multiple NAS boxes, etc, and was using ~350W idle, when power spiked in 2022 to €$1.12/kWh (peak pricing, 17-21, with an average price some days of €1/kWh). I initially turned everything off, and with just the Mac mini, router, switch, APs, cameras, various hubs, I was at 67W.

The UNAS has been added since (after power prices stabilized), which took the idle power consumption to 96W. And no, the UNAS is not pulling 29W. I've removed a couple of cameras, replaced a couple of APs, even removed an AP, so it's not direct comparison, other than in terms of total power consumption for price comparison.


Once you venture outside of shove files down network pipe territory you'll find you're comparing apples and oranges.

About 10x difference in CPU performance, 4x in RAM, zfs vs btrfs, quicksync, kubernetes/docker etc.

Doesn't make the Unifi an inferior machine - it just reflects a narrower specialized focus on serving files...and yes does so with lower idle draw.


Did you forget the Mac Mini M1 in that comparison?

My setup, UNAS and Mac Mini M1, with 10Gbps networking, will easily perform as well as the NAS in question, but the Mac Mini only uses 4.6W idle, making it much more efficient.

As for ZFS vs Btrfs, they're about equal unless you're doing some very specific things. For most normal server stuff or NAS stuff, Btrfs is every bit as competent as ZFS. Snapshots, compression, RAID1+, recovery, bitrot detection, they're pretty much equal. ZFS has an advantage with RAIDZ1/2 as Btrfs apparently hasn't managed to make RAID5/6 stable in the past decade. You can however run RAID1 across multiple devices with multiple copies, which is not quite the same, but also not terrible.

The RAM usage of ZFS is also largely a myth. Yes, it will use RAM if available, but that is mostly because it was designed with its own file cache, which was probably fine on Solaris, and to some extent on FreeBSD, but Linux uses a shared block cache, and instead of files being cached in the shared cache, ZFS will cache them, making it look like it hogs RAM.


I genuinely don't even know what to do with this comment. You're upset that I contrasted two NAS instead you wanted a NAS vs NAS+Other stuff?

I regret commenting at all...


> the NAS in idle consumes more power than my UNAS Pro with 4x8TB HDD and 2X8TB SSD, as well as a Mac mini M1 with a 2TB Samsung T7 SSD, and my 4 access points and 4 protect cameras combined.

Are your drives spun? 70w is a pretty low bar. The nas by itself is probably 40w with drives, Mac mini is another 7-10w (especially at wall) and now we are at 50w, so 20w left for 4 AP and cameras


Drives are spinning. 4x8TB WD Red Plus, which uses 3.4W idle, and assuming 20W for the NAS it's at ~34W (measured 35W). Mac Mini uses 4.6W idle (headless). POE consumption (measured by switch) is 37W (I'm aware there's overhead in AC/DC conversion).

All in all the total consumption at the wall is 96W, but as I have written in another comment, I was 7-8W off, meaning the quoted setup of mine uses 7-8W more than the 66.7W OP's NAS idles at.


"Our main storage is in the cloud though, so YMMV." AKA you externalized the costs


Not really.

It's part of the 3-2-1 backup setup, but where other people have their "offsite backup" in the cloud, I keep my working copy there, and have backups at home.

I outsourced operations of it though. I have self hosted for decades, and for the first time in 15-20 years, I'm able to take a vacation and not bring my laptop in case something breaks.

As for main storage, as was probably evident from my comment, I don't have 30TB of cloud storage. We have our important stuff in the cloud, and "everything else" at home, but nothing at home is accessible from the internet unless you're on a VPN.


They have removed the backdoor paragraph, and inserted a new one that states that scanning is entirely voluntary and best effort, and also state that the EU cannot force them to scan.

As far as the mass surveillance scanning goes, it has completely been removed, and what remains is still the mandatory age checks, which might be problematic.

From reading the specification, it appears to be reasonably well designed, where identification is handled by authorities, and the requesting party cannot get your identification details, only send an "is the user of this session older than 18". The verifier cannot see which site the request comes from, and you identify yourself in the session, and a reply goes back to the requester with a "yes/no" answer.

So, it at least appears to be simply an age check, and not some sort of surveillance program to stalk your online browsing habits.


Problem is that once you've gotten this thing through to begin with it's comparatively easy to make slight amendments later, also of course with the justification of "protecting the children".


More like: Authorities will look more closely at those who don't scan, so you'll be harassed until you comply. E.g. just like how many authorities consider using a VPN === user is doing something criminal.


The age check is already present in France, since I think a month? I will probably test it soon to see how inconvenient/insecure it is, but from what I read it seems to be well designed for privacy.


Modern Safari is pretty damned good at randomizing fingerprints with Intelligent Tracking Prevention. With iOS 26 and macOS 26, it's enabled in both private and non private browser windows (used to be only in private mode).

All "fingerprint" tests I've run have returned good results.


Unfortunately, it's closed source and only available on Apple devices.


I haven’t tried 26, but I remember it didn’t used to be so great.

