Please no. Phones go into tunnels, run out of battery, and go indoors where there's a poor signal or none at all. They make terribly unreliable servers. Not to mention how much faster this would chew up battery life.
If you want to keep a spare phone plugged in all the time in your closet, connected to Wifi/Ethernet, and hack it to be a webserver, then go ahead. But webservers on mobile devices, being used in a mobile way, are a terrible idea.
Nobody is saying that everyone should host websites on your phone. The author is saying you should be able to, if you so choose. Android and iOS put restrictions on what applications on a phone are able to do, often for arbitrary reasons.
You can't hack a web server in your closet to run on port 80 without jailbreaking your phone/unlocking the bootloader and rooting your phone, and I can't really think of a reason why that should be. It's not as it Android and iOS come with important http(s) servers out of the box, why shouldn't port 80/443 be available to apps?
Unrestrained webservers on phones is an edge case that would certainly be abused by all sorts of crapware while being a very uncommon usecase for mobile devices at all.
I'm assuming the best intentions from you but I'd like to point out two things:
1. When discussing human rights (which apply to technological freedoms) reducing a need to "an edge case" is the basis of marginalization, defined as "treatment of a person, group, or concept as insignificant or peripheral". Therefore, it is never appropriate to rely on such language to prove a point, especially when we are discussing software which had to go out of its way to restrict freedoms.
2. It's an incredibly slippery slope to use "crapware" as a justification for reducing the freedoms of the individual. Criminals will find a way, do not create a hostile user experience.
I've never heard an argument before that the ability to host a personal website on a cellphone is a human right. But, by using this phrase, you seem to be assuming your readers already agree with you that human rights is what we are discussing. As a rhetorical device, that may be effective at getting someone to back down for fear of being labeled as anti-human-rights, but it is not effective at persuading someone of your implied thesis. I'd very much like to hear such an argument connecting cellphone websites to human rights.
> I'd very much like to hear such an argument connecting cellphone websites to human rights.
The argument is that individuals must have the right to modify their devices as they see fit, barring some reasonable FTC radio restrictions which are necessary to enable fair use.
You can argue that nothing should compel a company, in a free market, to provide such a device. But the nature of human rights is that they must be defended vigilantly, or the entire industry and government will slowly move to exploit people.
If you do not guarantee freedom of speech, companies will restrict it. If you do not guarantee freedom to repair or modify a device, companies will restrict it. At some point, these practices become inescapable for the end user and they effectively lose these freedoms while entirely skipping due process and the court of law.
And yet, can't you do that (modify your device) at least on Android? Sure, maybe it means jailbreaking the phone. But as far so know, that isn't illegal.
It's not guaranteed, and increasingly it is difficult to find devices which support this. In general the computing industry seems to be converging on locked-down ecosystems.
Rights must be enforced, not left up to corporate goodwill.
Most simply, you could start from the view that is the basis of English common law - that which is not explicitly forbidden is allowed. Your rights are not given, they exist prior to law, it is only for law to help define them for the purpose of upholding them.
Hence, freedom is the default position, the default human right. What needs to be justified is the restriction, not the freedom. Without good justification the restriction should be removed. An example of unjustifiable restriction is "criminals may use it", as:
a) your freedom should not be impinged on by the actions of others, especially malicious ones, and
b) you are presumed innocent (the second, perhaps only in order of mention here, great principle of English law, if not culture. One that is sadly being undermined).
It might feel good and noble to chide people about this stuff, but this type of hyperbolic, exaggerated grandstanding is THE reason why our society is so polarized. It is absolutely NOT slippery slope to human rights violations to talk about edge cases or to make tradeoffs. Escalating everything to such high stakes makes discussion and compromise impossible.
>feel good and noble to chide people about this stuff, but this type of hyperbolic, exaggerated grandstanding is THE reason why our society is so polarized.
> It might feel good and noble to chide people about this stuff, but this type of hyperbolic, exaggerated grandstanding is THE reason why our society is so polarized.
I'm sorry, but what are you doing right now if not this?
Everything that might be useful to a marginalized population should not automatically be used to rhetorically beat someone over the head in this sort of discussion.
Humans rights pov to this were not remotely part of the discussion. If you have one you think is relevant to the discussion then introduce it. The way you have tried to do so here is in the tone of “I know you think you’re trying to help but clearly your attitude is part of the problem.”
This might be acceptable if phone-hosted websites were already a well-known humanitarian & human rights issue and therefore marginalization a potential problem. As it stand though it just seems like you’re twisting the meaning of “edge case” into something that it is not.
The issue is that we must enforce these rights within the market, or we circumvent law. "Freedom of speech" doesn't matter if the user can only choose from market participants which restrict speech. There is absolutely no guarantee that "the free market will sort things out" as so many believe. The only guarantee must come from corporate restrictions which enable individual freedoms.
You could argue John Deere shouldn't be required to sell you a tractor which you can repair at home. But if you don't require that, they won't, and you've chosen to prioritize corporate needs over individual needs.
But the option is there, rooting. As long as that is reasonably available I don't really see problem. Of course the seven hells of apple ecosystem is another matter
You can argue all you want about what the normal joe shmoe should be able to do but most joes shmoes will use that to hurt themselves more than help.
Limitiations are essentially OSHA of computing, by making it hard to do the wrong stuff it makes most people least likely to hurt themselves.
> But the option is there, rooting. As long as that is reasonably available I don't really see problem.
The option is there on some phones, and that with caveats; lots of phones don't let you root them, and even if you can they'll artificially break things (like sony degrading the camera, or any app that refuses to run if it realizes it's on a rooted phone)
> But the option is there, rooting. As long as that is reasonably available I don't really see problem.
Well, it's not reasonably available. The number of android phone manufacturers that still allow bootloaders to be unlocked without significant friction is pretty small, and hardware attestation is slowly killing the whole rooting/custom rom scene since phones with unlocked bootloaders can't run many apps.
i’ve never heard someone say that it’s a human right to run a webserver.
i understand that you want to own the stack on your tech, and i would argue that if custom OSes were allowed, that fulfils that need. it’s not apple or google’s responsibility to let you do anything with their OS, in the same vein that you often are limited by stock router firmware or what’s on your ps5.
as phones are hyper-personal it makes sense people want more control, but most average users do not. and as someone who works closely with smartphone tech, i want it to just work and i don’t want to worry about whatever nonsense is enabled by disabling security or os-level by guarantees.
just get a fairphone or whatever. it’s not a human right to force tech companies to embrace your vision of computing
Almost comically hyperbolic. Today, you do have a right to host anything (within reason) you want on anything you own. You can’t be arrested for jailbreaking your phone, and you have every right to buy alternative devices if those don’t suit you.
Calling this a human rights issue is like calling your ability to order a sandwich for lunch a human rights issue
Exactly. If we established all law based only on what we currently observe, without considering future implications, then we would fundamentally only be a reactive legislative system and not proactive.
> Calling this a human rights issue is like calling your ability to order a sandwich for lunch a human rights issue
No, that is a gross misrepresentation. The simple fact is that if you don't require the right for a user to modify their general computing hardware, that right will never be awarded systematically, and will in fact be repressed. It's the definition of a slippery slope, because anything can be justified from that point.
Is the right of a handful of people to run a web server on their phone more important than the right of millions of "unsophisticated" users to not be scammed / abused by malware?
Since it's inception smart phones have been a consumer platform, used for consuming content. The platform for tinkerers already exists. It's called a PC with Linux installed. Every platform does not need to cater to your needs.
right of millions of "unsophisticated" users to not be scammed / abused by malware - but who even said this will lead to millions being scammed? Does (just) the ability to create a server on pc/mac imply are less secure compared to phones?(the question is just for this ability, not other protection mechanisms). Also, why just not treat it like option to sideload apps in android? Imo that option is orders of magnitude 'more dangerous' compared to creating a server but still that option can be used without the root and without breaking the warranty.
> Is the right of a handful of people to run a web server on their phone more important than the right of millions of "unsophisticated" users to not be scammed / abused by malware?
> The platform for tinkerers already exists. It's called a PC with Linux installed
I would love for you to make the case that a modern touch screen phone is not a Personal Computer. And you fail to address the very real scenario in which companies are conspiring to provide fully locked-down hardware and software ecosystems.
>I would love for you to make the case that a modern touch screen phone is not a Personal Computer.
I'm always up for a challenge, so here you go.
I'd argue that a PC is a general purpose personal computer. I wouldn't count a game console such as Xbox, PS or Switch as a PC because it is vendor controlled and locked down. I'd also not consider a car with an entertainment system a general purpose computing device.
Similarly phones are bought with the knowledge that they are more similar to game consoles than general purpose computers. They are bought with the knowledge that they are locked down by the vendor and that your use of the device is going to be limited. The right to install custom software that does whatever you want has never been part of the contract.
I do support the people's right to attempt to hack these devices to do whatever they want, but I do think expecting vendor support for their wacky antics is a step too far.
> I wouldn't count a game console such as Xbox, PS or Switch as a PC because it is vendor controlled and locked down
The Xbox was built primarily from standard components used in personal computers.
The PlayStation 2 and 3 ran Linux as alternative operating systems, officially supported by Sony.
The Nintendo Wii series is heralded as some of the most hackable and therefore versatile consoles in history, not for Nintendo's lack of trying.
> Similarly phones are bought with the knowledge that they are more similar to game consoles than general purpose computers
My phone in my pocket has more capability than my old laptops. Touchscreen interaction and the ability to make calls over a cell network do not suddenly make this thing not a personal computer. The hardware is completely capable of supporting this.
> They are bought with the knowledge that they are locked down by the vendor and that your use of the device is going to be limited.
This is just circular reasoning. The entire point is that this "knowledge" is simply consumer conditioning, and people are being taken advantage of by being fed this bullshit narrative.
> The right to install custom software that does whatever you want has never been part of the contract.
My friend, there is no contract. That is the point. I buy the hardware, and then I have the right to do whatever the fuck I want with it. Full stop. Anything less restricts my right to modify my personal items as I see fit.
> I do think expecting vendor support for their wacky antics is a step too far.
What? My phone runs a heavily-modified Linux and can do literally anything I need regarding personal computing, including hook up to external monitors and make use of peripheral devices like a mouse and keyboard. It is objectively a full-blown computer, regardless of if you can't understand that.
The premise of this thread is simply that, despite all of this, ports are arbitrarily locked down. This requires extra vendor intervention to implement, so your argument makes no sense. There is nothing wacky about using my personal computing device for.... personal computing. It's either disingenuous or ignorant to suggest this is not something which should be considered.
I like to think of a 'PC' being any machine that is derived from the IBM 5150, which was the original 'Personal Computer' (although far from the first microcomputer). However, with UEFI support on many ARM SoCs, maybe the two lineages are now marrying into each other!
> When discussing human rights (which apply to technological freedoms) reducing a need to "an edge case" is the basis of marginalization, defined as "treatment of a person, group, or concept as insignificant or peripheral".
This is a category error. The use is marginal, not the people. You can't just uprate the severity of something because it suits your wants.
This is a complete straw-man argument and deserves no further consideration. Refrigerators are not personal computers and in this case, the less digital tech a refrigerator contains, the better.
Phones have indeed turned into personal computers. Why is this hard to accept? For many use cases including basic web browsing, the phone has taken over the market where the personal computer used to dominate.
I think there’s a balance here where you have different harms.
Your concern is about an intellectual ideal of full freedom to utilize a device as you see fit.
That is an ideal that I am philosophically attracted to. But… you have to balance harms when dealing with the public. Security risk management for mobile is difficult and even professional practitioners fail badly at it. A billion little servers with a trillion little bugs are a physical safety risk for thousands of people that they cannot effectively manage.
We live in an era where publishing is easier than it has been since society consisted of a bunch of cavemen in a few small bands. This idea is technically interesting but a bad one.
Well I agree with, for example, band restrictions set by the FTC which allow fair use. Individual freedoms are only enabled by restrictions against parties who would otherwise conspire to ignore them.
> 2. It's an incredibly slippery slope to use "crapware" as a justification for reducing the freedoms of the individual. Criminals will find a way, do not create a hostile user experience.
It's a legit security issue. Not protecting people from these things is far more user hostile.
But this issue is minuscule compared to allowing running unverified apps... a thing that's allowed in most android phones a button away without the need to break warranty. What's more funny, looks like ios soon will allow this too. So phones are already offering the option to run unverified code, user should just allow it and accept the risks prompt. Why not treat the server thing (which imo is much less dangerous) just the same way?
Preventing some users who have the know-how from running a web server is not mutually exclusive with protecting people who don't wish to or don't know how.
What is not forbidden is allowed, you are born with your rights, law just limits them for society to function. Afaik law doesn't forbid to run a webserver on your phone so technically you can say it's a human right
Apps can already open ports and with the HTTP DNS record arbitrary ports can be used to serve http/3 content. Services like RDP and several types of VPN server all connect to unprivileged ports any app can listen on.
There should be a separate permission for listening on standard, reserved ports (anything in the IANA docs for all I care) that should require manual consent, like with location access. In fact, I think there should be a retractable permission for any kind of remotely accessible port binding. The fact any calculator app can start a VPN server on my phone without my knowledge isn't good! That doesn't mean providing any type of service is inherently bad, though.
For instance, there are tons of phone <=> desktop sync apps (My Phone on Windows, KDE Connect on Linux/Windows/Mac) that constantly communicate between each other. Why should your phone always be the one to initiate that direct connection? Why should we rely on cloud servers when mutually authenticated SSH is already doing every bit of protection we could possibly need? My phone is half a meter away from my computer, it shouldn't need to be this difficult!
> My phone is half a meter away from my computer, it shouldn't need to be this difficult!
FWIW, that's possible today on Android (not necessarily tomorrow, not necessarily on iOS) - I can and do regularly move files around with rsync/scp courtesy of termux, either by running the command on the phone or just running sshd on the phone (which does, in my setup, need to be manually started; I don't know if that's inherent or could be changed) and then running the transfer from another machine.
I know about SRV records from Minecraft (of all things!) for a similar purpose, can you point me towards a reference of what is this about? Wikipedia fails me.
For anyone else looking: I don't think the cloudflare post says so, but the IETF draft does include "port" as an optional thing that SRVB records can include so we might finally get support for that in browsers:)
It's true that there will always be unscrupulous actors but there are many ways to restrict or punish them already, I don't see why they would necessarily overwhelm existing methods.
Otherwise they're competing with a lot of other people interested in what the phone should and should not do.
If they own a hammer, they can do what they like with a hammer, but a phone is not a hammer. It's a complex arrangement of molecules, licenses and competing group interests.
Yeah, it’s the complexity that makes the difference. There’s nothing but that to differentiate anything. You, a phone, a G class star, a comedy special on DVD. All “just” complex arrangements of matter.
People make a big deal out of those differences though, go figure!
Probably terrible data point, but running "nc -l -p 80" within the iSH shell app on iOS opens port 80 and is reachable from a desktop machine in the local network. iSH has requested the "Local network" permission at some point.
Even if you run the server, it will die if the app goes to background or the screen turns off. Hardly practical. Just because a port is open does not mean it’s “less restrictive”.
What I would like to see is devices being able to run at least to some extent purely off of the wall.
My use case: I plug in an old phone into the wall, a 65W Thinkpad charger to be precise. The input for the Thinkpad is USB type C which is the same as my ZTE phone. I connect the USB C cable, attach my spicy pillow of a battery (it is removable), wait until the device powers up, and remove the spicy pillow from the phone. The phone stays on.
What I would like to see instead is some way for phones and laptops to work directly off of the wall, not charging or using the battery at all once it is done charging, without me having to physically remove the battery. I thought this is how laptops used to work but I am not an expert. Phones I am positive do not work like this for some reason. I believe one reason is the camera flash. The camera flash requires more oomph (very technical term) than the wall can deliver. I'm guessing that based on a single anecdote that I once tried to use the flash without a battery and the phone rebooted.
I guess the main gist of this comment is to say I'd like to see better thought go into making battery more durable so you can use a phone, connected to the wall for ten years if you wanted to. I am positive that if we could use the phone off the wall without constantly charging and discharging the battery, we would be able to eliminate most cases of spicy pillow.
> not charging or using the battery at all once it is done charging, without me having to physically remove the battery
Most flagship devices already do this. They automatically enter kiosk mode after being plugged in for a few days which eliminates the spicy pillow problem by keeping battery voltage significantly lower than normal. Eg https://support.apple.com/en-gu/HT208710
> I thought this is how laptops used to work
Transients are a problem for laptops and desktops too. Eg:
- Macbooks go into limp mode by asserting PROCHOT when the battery is <10% (or disconnected or high internal resistance) regardless of whether the laptop is plugged in. If they didn't, a sudden increase in power usage would cause enough voltage sag to reset the machine or cause data corruption. See https://apple.stackexchange.com/questions/380493/cpu-throttl...
- An RTX 3090 draws only 350W, but transients are often double that. A lotta people with weak PSUs and aggressive OCP had random reboots and bluescreens until they upgraded their PSU. The newer RTX 4090 has a better VRM which causes smaller transients so it can work with a smaller PSU despite having a 450W TDP.
That's not allowed on the app store (Apple will reject apps that abuse this without a legitimate reason, and a terminal app has no business playing background audio or abusing location services). Also, the audio background mode is particularly bad for user experience, as it does not allow you to play real audio, because in toyOS land, only one process can play audio. Yes, this is the state of iOS in 2023. Garbage.
Not true if I recall correctly, since around iOS 4 multiple processes can play audio simultaneously- it is only if a process requests exclusivity that playback from other backgrounded apps is stopped.
A foreground app can play additional audio if it does not require system support (such as controlling the playback from a Bluetooth headset and appearing in the now playing widget/dynamic island). But only one process can play continuous audio in the background. You cannot have Safari play a video and also listen to an audiobook.
“wHy WoULd YoU wAnT tO Do tHaT aNyWaY¿” -typical Apple fanboy response
This just slightly extends the background runtime, not allow indefinite background execution. I don't think ish has the navigation background mode (or audio for that matter) enabled, as it won't be allowed by Apple.
Why run a website on your phone when you could get a Raspberry Pi instead? This idea that computing devices should be general-purpose is left over from when computers were expensive.
Repurposing old hardware is cool too, but when you’re not using it as a phone anymore, you could run a different OS.
Because they're < 1024, I guess. Anywhere I've seen besides windows needs you to be root, or have some other specific permission to listen on that port.
Not that I agree with it, but it is the existing status quo.
I know about privileged ports, they just don't make sense anymore. They were a good idea on a timeshared system with groups of students logging into their own shells because equivalent personal computers were unaffordable.
These days, computers are used by one, maybe two or three people. If I, the only user of my phone, decide I want to use port 80, why can't I? Put this stuff behind a special privilege for all I care.
IIRC macOS got rid of privileged ports for these reasons. Dunno about iOS... But in any case what cell provider is going to let you handle inbound traffic? Most of the wifi networks you are on are NAT'd, etc. At best you'd probably want an outbound persistent tunnel that is "terminated" by a relay elsewhere. At that point you might as well just have the relay host the thing.
Sadly, cell provider puts me behind an IPv4 CGNAT, they didn't even bother to hand out IPv6 addresses at least. I picked them out because they were cheap more than anything, so I only have myself to blame.
I have previously used carriers that did expose (IPv6) addresses, though. Port 25/53/etc were blocked but I could host a web server on there if I wanted to drain the 2GB of mobile data I had at the time.
NAT isn't a problem with IPv6 support. Of course there's the network firewall, but adding a rule to accept ports 1714-1764 isn't that hard.
Right now I've solved the problem with a VPN tunnel, but that's not really that permanent a solution.
You're not getting inbound connections on IPv4 without a fight, although, I remember when you used to be able to pay mobile carriers to get a public IPv4 address that might have also been static(!) for VPN purposes. But it's not uncommon for carriers to give you a whole /64 on IPv6, and for that to be full proper connectivity (maybe they block smtp and smb, that's very common).
Yeah, IPv6 isn't everywhere, but if you have it on your phone and everywhere you want to access you phone from...
Actually I thought this was silly, but if your service provider provided and upstream cdn/cache, I think it could work pretty well. So when you are out of service area, they simply hit the cache.
The argument is that control can't be taken away from you, I suppose. I argue in another comment[0] that peer-caching could mitigate unreliability, but that still leaves the question of how you maintain ownership if other entities are allowed to serve it on your behalf. Is it possible to make yourself reliably globally routable without trusting a third party, or needing their permission?
Go install AOSP and see how useless your device becomes. An OS is more than a kernel and filesystem, it's also a basic set of userspace utilities and functionality. Last time I installed AOSP on a device- wifi wasn't even supported. And Google is removing messaging from AOSP. Phone OS my ass, it's useless without 3rd party cruft that isn't available to end users.
AOSP contains a music player, a gallery, a camera app, a web browser, a calendar and some dev tools. Sure, they haven't been updated for a few years, but that doesn't mean they're not there. WiFi and LTE work just fine as long as your manufacturer uses hardware supported by normal drivers.
That said, office supplies don't make something an operating system. If all it had was a launcher, it would still be an operating system, because you can install the apps you want onto it.
I don't know why your device didn't have WiFi, ut it's not the norm. Standard AOSP images should use the vendor partition to load additional drivers if the ones built into the Android kernel don't suffice.
The drivers could be acquired and installed either via CD with the hardware or found on the web. Where are my provided wifi or cellular drivers for my phone?
It's like Linux on some strange hardware, if something is missing, you code it by yourself, aosp is open source, so making lte compatible is possible for your device, just not what other ppl a interested in. Or you can use a fork that has the fix
>Android and iOS put restrictions on what applications on a phone are able to do, often for arbitrary reasons.
When people complain about how Windows (and for that matter also Linux and BSD, et al.) don't lock their environments down, they should remember it's because both devs and users alike appreciate and respect the freedom to do whatever the hell we want on our computers.
Great power begets great responsibility. Android and iOS place next to no responsibility on the devs and users, but likewise also none of the power.
The point is not that everyone should, it's that some people who want to, should be able to. Phones are quite powerful and can be excellent web servers on a budget.
But now you’re talking about a niche enough audience, that existing ways of running a web server on your phone are fine, and they’ll jump over the proverbial hurdle.
This still doesn’t remove the issue with running a server via mobile connectivity. Especially when there’s free options, or inexpensive options that won’t run up your mobile data bills.
And this is a terrible argument IMO. The idea of “It’s my device, it’s my right to do exactly what I want with it” is beyond dead and buried. There are lots of things people want to do with their devices that Apple doesn’t let them do. That’s literally been Apple’s philosophy for decades and at this point it shouldn’t be surprising.
Buy the Pinephone if you absolutely have some arcane use-case you can’t live without.
It’s not a terrible take. I want the features Apple decides are best for the iPhone because I prefer their philosophy to the idea of some device with unlimited options and settings.
> I want the features Apple decides are best for the iPhone because I prefer their philosophy to the idea of some device with unlimited options and settings.
Okay, then you've got me confused. Apple decided years ago to allow applications to bind to port 80 and run a personal website on their phones.
Does that mean you want Apple to change something or not? Because Apple decided their devices should be able to serve anything on "privileged" ports.
> "I don't need this so nobody should have it" is a terrible take
The opposite opinion that you seem to advocate is equally terrible -- "I want it so everyone should accept it" (which is the title of the post). How about you go advocate for a phone that supports it, says a Linux phone, and if it takes off and Apple/Google adopt it, then we can have it without this tiresome debate?
It's been philosophy, but looks like Apple will allow sideload bc of EU. And since this will be allowed(imo running unverified apps is much more dangerous) why not treat the server thing the same way?
The assumption that an operating system should allow the user to do everything is quite restricting.
Under this view, every device should be a standard-issue military-grade turing-machine. There would be no individuality, every device would be the same GPL licensed Free Operating System.
Is it real individuality or fake individuality? All those devices are already general purpose Turing machines that the manufacturers go to great effort and lengths to restrict, writing millions of lines of code, developing cryptographic systems etc to lock them down. A turing machine can run anything, the 'individuality' is just a fake restriction. There is nothing stopping you from running a general piece of software or os on any hardware that meets some minimum requirements. No reason android couldn't run on an 'iphone hardware' or ios on an 'android hardware'. Not the quotes I used, the hardware is just some general purposes CPUs, RAMs etc there is nothing magically 'iPhone' or 'Android' about it.
Almost all differences among the various modern phones, laptops are mere software,
the software is where the individuality is. Hardware differences exist in degree rarely in kind (megapixels of cameras, gb of ram etc) and even if some new type of hardware or sensor comes out its just a matter of developing a proper interface for the cpu, os etc.
I chose to purchase a phone that can’t do this. I’m fine with that. I’d rather my phone be how it is. I don’t need some nerd fighting for me in some imagined battle. I am incredibly sick of this line of reasoning. Anyone who spends any time arguing this point quite clearly has too much time on their hands and no real problems. It’s utterly cringey. Leave me be.
> Anyone who spends any time arguing this point quite clearly has too much time on their hands and no real problems.
Actually, trying to argue against something that you will not use, but others would use, that has no other effect on you, harms yourself (you might change your mind later) and harms others.
You fail to see the irony that the only reason you have it so good with your phone software is because of the pushback of open source and open standards the nerds have had to always fight for.
The only reason? Tech people here have some very self-flattery view. The main reason, and I wouldn't call it the only reason, the phone being an essential item is because it meets the needs of average consumers, not just for the tiny tech population. If a website is what everyone wants, then trust me it will be front and center in any phone ads, not the camera.
I come baring bad news; your smartphone can host webpages whether you like it or not. Worse yet, it can use it's browser to render arbitrary pages of data (detestable feature) and even execute code when given permission by the kernel. Very scary stuff.
Thankfully, nobody will be forcing you to use this feature; it shouldn't bother someone who ignores it. It is a feature of your phone though, unless you're daily-driving a pager or 2G Nokia. Hopefully this helps you make peace with the "utterly cringey" reality of modern computing.
2003:
[Cueball approaches a bearded fellow.]
Cueball: Did you get my essay?
Bearded Fellow: Yeah, it was good! But it was a .doc; You should really use a more open-
Cueball: Give it a rest already. Maybe we just want to live our lives and use software that works, not get wrapped up in your stupid nerd turf wars.
Bearded Fellow: I just want people to care about the infrastructures we're building and who-
Cueball: No, you just want to feel smugly superior. You have no sense of perspective and are probably autistic.
2010:
Cueball: Oh my God! We handed control of our social world to Facebook and they're DOING EVIL STUFF!
Bearded Fellow: Do you see this?
[Inset, the bearded fellow rubs his index and middle fingers against his thumb.]
Bearded Fellow: It's the world's tiniest open-source violin.
We've had networks composed of unreliable nodes before - indeed, this assumption is baked into some of our oldest protocols, like email and usenet. All that is required is for at least 2 equally unreliable peers to act as temporary caching servers to bring the effective uptime up from 95% to 99.99% (provided everyone's downtime is uncorrelated).
Which is why it works perfectly fine to send e-mail when you're on a plane without WiFi -- it's designed to send once you've got a connection.
But the article is about a personal website. Websites run over HTTP, which is not designed for anything unreliable.
It's interesting to think about a web that was designed to have lots of intermediary caching peers along the way as part of the protocol, but that's not what we have.
The notion of mobile-device-as-origin-server which can provide either content in a local context (on a LAN, localhost-only), or globally via cache-and-redundancy / cache-and-forward networks has definite and positive use-cases.
> The SMTP has provisions that account for the host server being powered off
But it's still built with the expectation that the recipient host will usually be available, and that unavailability is a transient condition -- a failure to contact the recipient SMTP server is a noisy failure, and, after the first few retries, most servers back off to one attempt every 8 hours. Mail servers which are only sporadically available would require some fairly substantial rearchitecture.
Not refuting your valid points but just another angle to consider, do all websites need to work all the time? If my family knows they can go to apitman.com to see my latest trip photos, if it's down occasionally that's not going to significantly impact their experience. They can just try again later.
That said, when I imagine self hosting from a phone I definitely think the phone + USB drive in a closet approach makes more sense.
Your mobile internet is behind NAT and your WiFI router would need port redir to point external traffic to the phone inside the LAN anyway.
So even if you can run it at port 80 you can't really do that without NAT or tunnel somewhere and if you need that you can just NAT to get it visible on 80 from the outside
It's not exactly hard, you can download web servers from the Play Store. The problem is that you'll need to set up port forwards and such to get traffic to port 8080 or whatever your web server of choice offers.
Termux can install nginx, PHP, and various SQL clients, so I'm sure someone can make a copy/paste script that'll set up a WordPress server on your phone.
Someone correct me if I'm wrong but I think this port issue will get solved with the introduction of new SVCB/HTTPS RR record types. Basically the dns server will include port info along with existing IP info in it's response.
It took me about two mins, and most of that was because I typed a minimal html page on my phone using vi.
My phone has an apple logo, and the whole point of the article is that android is the one which blocks you from doing this without jailbreak. But on an iPhone it takes like one minute and zero configuration. (I literally just ran `python3 -m http.server 80` with no issues in ish).
Author here. I understand what you are saying but this is not supposed to be full fledged social media kind of websites we want to run on phone. The site could just be a simple way for your loved ones to check up on you without calling or messaging you. I remember the Nokia web server used to share battery and other vital info on website. There are lot many things that can be done with a tiny web server.
That's what IPFS is for. The site might be out of date if the device with the IPNS private key goes into a tunnel for a while, but as long as someone somewhere (ideally several someones) has pinned it and their device is available then it's not "down".
We just need a good algorithm for reciprocity-pinning.
Personal websites are info only. Don't change that much. Google can and should cache results. Once synced, the website could be behind Cloudflare to avoid DDoS.
This might allow a smartphone to host a publicly-accessible website with caching and DDoS protection for free. You'd still have to buy a domain, but https://gen.xyz/number is $1/year.
Though the keepalive traffic would eat your battery, unless cloudflared were integrated with Firebase Cloud Messaging somehow... seems easier to just put content on Neocities.
It would be textual version of public WhatsApp status ( or stories) connected to your mobile number. For those people who don't mind sharing information with the public.
To account for the changing times, I believe a Personal LLM should be running on your phone (with a cloud data backup) with background AGENTS looking for shopping deals, working with your calendar and making appointments for all life chores such as your car oil change appointment bookings, recommending preventive maintenance repairs, answering on your demand questions on your your kids math/english report cards grade progress for last few semesters, and so on.
While less ideal than hosting it on an "always available" service, is that really enough to prevent the ability to do so? Phones are many people's only computers. Why not let them be actual computers since they're powerful enough to be? A typical smartphone is miles ahead of a Raspberry Pi and people do all sorts of things with Raspberry Pis. What about hosting a portfolio or blog on your phone where you can share it with someone in real-time, like a job interview or some presentation or just to show it?
Also, I wonder what the actual "downtime" of a smartphone is. I doubt it's that much worse than a lot of websites. The downtime of a smartphone is also usually completely independent of the phone itself, as it's usually service and/or location related.
Has anyone managed to find a reasonable way to make an old android phone into a server in a reasonably practical/maintainable way? Even if it is plugged in all the time?
I see at least one very good reason why this shoud be possible: old phones. Reusing old phones as a webserver seems like a good idea to me, since they were built for power efficiency (unlike old PCs) and would otherwise simply end up as e-waste in a landfill or discarded, forgotten in a drawer somewhere.
Maybe it's because I use LineageOS (and Cyanogen mod before that), but I never even knew that there were problems with being able to run a web server on android. Just recently, while I was bored on a train ride, I used the Fdroid app Lightweight Web Server (LWS) to send some files to a friend on iPhone for which I would otherwise have no easier way of doing (whatsapp upload is slower and filesize is limited). I move the files into the folder, prepare the HTML file a bit, then my friend sets up a wifi hotspot, I connect and tell my friend to enter the IP-Address or scan a QR code. Works nicely for me (although weirdly it doesn't work if I create the hotspot. I need to connect to theirs, I wonder why)
Even if this is something I only use rarely, using a phone that can't do something this simple is unacceptable to me. It's satisfying in itself that I don't want my phone manufacturer to arbitrarily limit what the hardware can and cannot do. Would I suggest running a business website off my phone? No. I doubt it's secure, performance is limited, ddos would be a possible issue. Do I still want to be able to do silly things with the devices I purchase? Absolutely.
Another point, if I remember correctly, a cellphone mesh network of some kind was useful for Hong Kong protestors at one point at least.
I don't think the guy is suggesting phones are great general purpose servers people should host online services on.
On their own, they are small and efficient. Proper servers need 10x, 100x, or more power just to boot. Sure, AMD has some amazingly efficient Zen 4 cores now. But cores don't exist in a vacuum. Just spinning the fans on such a machine consumes more power than a phone could even dissipate.
Not saying about what and where anyone should run, all I'm claiming is that mobile phones aren't actually that efficient, they just sleep a lot and that's how they get low power draw
> Would I suggest running a business website off my phone? No. I doubt it's secure, performance is limited, ddos would be a possible issue. Do I still want to be able to do silly things with the devices I purchase? Absolutely.
Running a web server on a mostly-trusted LAN for 5 minutes doesn't sound like the security risk you're trying to paint it as
Your friend creates the hotspot, you connect to it like any other WiFi network and then for the address, they enter the IP of your phone which is shown on the lws app or it can be scanned as a qr code. (It doesn't work for some reason, if you create the hotspot. I don't know why. I edited my previous post to correct this detail)
Not OP but I would try something with a .1 ending, deriving the first three bytes from the client phone's IP. Although, when creating a hotspot, Android might make a new network namespace for it so you still wouldn't be able to connect to the web server.
With respect to the idea of hosting personal websites without using hosting companies, why does it have to be port 80. Port 80 is what commercial hosting uses, but this proposal is fundamentally different from commercial hosting. I'm not sure I understand why using an agreed-upon high port would not be an acceptable alternative.
As for non-rooted Android not allowing use of port 80, this is just one symptom of the larger problem of not allowing the computer owner to have root privileges. And letting an advertising company have them instead. IMHO.
Unrelated perhaps but it is possible to forward port 80 in Android. For example, I forward tcp/80 to a computer running NetBSD. This can be done using an app, e.g., NetGuard. TLS zealots might want to try this sometime and observe some of the unencrypted egress traffic.
Thought experiment: Imagine you make a salary or other financial gains by applying what you know in the subject matter area of X. Someone comes along and proposes that they want to teach more people about how X works. What is the likelihood you will respond with something like "no one really wants to know how X works". You want to maintain the status quo because you understand that an information asymmetry between people who understand how X works and those who do not must exist in order that you may continue to be paid for or otherwise profit from your knowledge.
I saw some statistics showing that the majority of people in the US don't even have broadband (speed) internet, let alone a second computer.
Here's an uncomfortable thought: The modern day personal website is someone's tiktok profile page. And it's thanks to the fact that everyone has a phone, and tiktok just works.
There's an opportunity to learn from this model, though I'm not sure what the lesson is.
I think your take hits the nail on the head. Most people have zero interest in running their own website.we live in a world where people have no clue how things work. They just want it to work and not have to understand how.
People could change their own brakes and oil too. But how many folks want to? Not many. It doesn’t provide value to them. Just like a personal website wouldn’t provide value to them. Hence, like you said, social media pages are their “personal website”.
The fact that most people don’t understand how things work is a testament to good design. You shouldn’t have to understand how a car works to use a car. You shouldn’t have to understand how a lightbulb works to switch on the lights. Abstraction allows us to build on prior technologies.
It’s also a practical reality of living in a complex world. Someone using Excel isn’t thinking about how that app was programmed. Most computer programmers don’t have in-depth knowledge of how a CPU works. And they definitely don’t understand the chemistry of a transistor.
The fact is we live in a world too complex to understand it all. That’s not necessarily a bad thing.
There's also environmental factors to consider in anything physical, sure, you changed your oil, but what do you do with the oil now? There's no electrical pollution in running a server.
I do not. Where I live you buy new oil getting a receipt for a change. You get $5 back if you bring back the used oil, but if you lose the receipt you have to throw the oil away. It's... a really bad system
I think the lesson is that stuff that just works is awesome, and it would be really cool if we had a platform with the expressiveness of raw HTML, with the ease of use of Tumblr, and the portability and backup-ability of GitHub.
Most of the cool things about personal sites can be replicated without the needless toil of actually messing with hosting yourself.
Even Markdown isn't enough.
I want a site where we can view posts on a calendar, write things in full BBCode, view by tags or heirarchy (Or a hybrid, like #stories.romance), clone your stuff as a git repo and edit locally, etc.
I've actually thought a bit about this over the years, and wrote a whitepaper in ~2002 on such... (sorry that file evaporated a decade+ ago)
Whereby ;
And this was prior to Cloud BTW (and I met with some goog eng friends in 2006 or so about it, but they said it would never be a thing:
I wanted a cloud based desktop, with your personal encrytped access key being your phone, which you would dock, and then grab an instance of your desktop from the cloud... (a while later motorola tried to launch such a device...)
Anyway, here is my current take:
Every phone should be able to have a way to manage your own APIs such that your links to whatever media buckets you have/sub to - you can very easily just create little widgets that will pull your IGs, HNs, whatever and you can just slide the content-boxes around and organize a page very easily...
Add a content-box (we attempted to build a site around this idea in ~2005 - no bueno - as mobile didnt exist as it does today)
the content box will be [text, pics, audio, links, etc] and you can nest one on top of the other...
So add an element - then drop it on top of another to have the link (think tooltip hover to whatever child box on parent)
etc...
Cloudflare the F out of it - and allow for black/whitelists of content within the profile of the user (never link to FB or Twixxxter, whatever)
> I wanted a cloud based desktop, with your personal encrytped access key being your phone
Sun used to have a desktop product similar to this, it worked with an authentication token like a company badge or whatever. You could go sit at any desk and login and you'd have your own desktop environment including audio.
Of course the whole thing was proprietary and it was server side so you needed heavy servers. Also logging in remotely wasn't possible IIRC cause it required a huge network pipe (aka on-premises). It died a quiet death.
Yeah, I recall those -- was that the invention of "zero desktop" nomenclature - even though a terminal to a mainframe/AS\400 was the same thing :-) (or a vax (never used a vax)
It was actually a few months ago. They specifically took issue with the methodologies of broadband companies in measuring home internet usage speeds. When they conducted their own tests across residential America, they determined that most people were unable to connect to the internet at speeds that we’d consider broadband.
As someone who was just in the hospital for nine weeks in an area where the cell towers didn’t seem to provide anything higher than 3mbit in downtown St Louis with a >2 second lag time, I can verify that at least some Americans in my corner of the world live in places where broadband is just not a thing. And most of America is rural America.
162.8 / 331.9 = 49% of the whole US population. That seems extremely different from loads of statistics which weren't tracking access but whether households actually had broadband at home. I'd like to see the actual proof of that and their real testing strategies instead of just taking Microsoft at their word on that one.
> Despite the increase in the urban population, urban areas, defined as densely developed residential, commercial, and other nonresidential areas, now account for 80.0% of the U.S. population, down from 80.7% in 2010.
> As for non-rooted Android not allowing use of port 80, this is just one symptom of the larger problem of not allowing the computer owner to have root privileges. And letting an advertising company have them instead. IMHO.
But then there is nothing stopping the user from installing spyware and becoming a botnet zombie by following a video tutorial about "how to install fortnite vbucks generator apk". Most people aren't your average HN reader or techie, they just want a device that facilitates accessing the web and using rich applications/games, all in a safe way that doesn't require them spending hours a week (initially) configuring or playing with their phone to make it work for them.
In a world where every user has root privileges (and doesn't need to go through too much friction to "control" their device), and can't even say "I want to purchase an iPhone because it means I can consume content and use social media without needing to worry about malware", more people get hurt - because the average person doesn't know they need these manufacturer-imposed guardrails until they do something dumb one day and get hacked.
The solution to fixing this and achieving utopia is education - standardized classes focused on proficiency in identifying scams, learning about how typical services operate and reasoning about what motives actors have. But this is extremely hard to do when the United States doesn't seem to care about this, and it'd be impossible to ensure on a global scale.
Why not go the route of informed consent + sane defaults? It’s more respectful of the user. If informed consent is too difficult to do then there are deeper more fundamental issues with the OS.
I don't think it's wise to take an Apple exec's word for it, especially in the context of a trial where it was very convenient for them to reach that position. We don't even have any objective info on what criteria Apple uses internally to quantify the levels of malware that are "acceptable" on macOS (if that even exists. I also think the exec may have been talking out of his ass)
"Security" has become a "justfication" used by so-called "tech" companies for taking control away from the computer owner. One can in fact see this type of rationalisation in this thread. This "justification" is pervasively used across popular consumer OS today.
What would someone do with a "website". Well, what is a "website". People backing so-called "tech" companies will tell us, but the story they tell is biased toward using the web as an advertising and sales medium, from which they, as intermediaries, can profit. The surveillance they perform using this arrangement is other worldly.
A website is a computer running an httpd. It's not a "platform" and it's not a means of drawing an audience. Those are specific uses of running an httpd, ones that happen to enrich so-called "tech" company intermediaries, but those are not the only uses.
An httpd is a program that reponds to HTTP requests. There is much one can do with HTTP. Certainly, HTTP is not limited to the uses that so-called "tech" companies have chosen: attracting large audiences, mass data collection and the sale and delivery of programmatic advertising. For example, using only HTTP one can transfer and receive files, messages, audio, video, any stream of bytes, to and from one's family, friends and colleagues, directly, without using a so-called "tech" company intermediary.
This has been demonstrated, for example, by a gentleman in Japan:
Of course, people that profit from these so-called "tech" companies do not want any discussion of such other uses for HTTP. If the uses do not allow for advertising or some way for certain people to make money, then these people will talk them down. "No one wants that." "I don't want that therefore no one else wants that." "It will not work because..." "We tried it and it failed." We have seen these lame arguments so many times. The more empathic the negative responses from HN commenters to any proposed non-commercial, non-advertising-related uses of the web, the more we can be sure such uses are not only possible but highly probable. Time will show the wiser. It's early days.
> The reason I think this is needed is because a large percent of Internet users cannot afford hosting personal websites.
I sympathize with this, but disagree. There are a lot a great free options for hosting a website. I personally use GitHub Pages, but Netlify, Vercel, and even Glitch offer excellent free tiers. Heck, if you just want to put some words on the web, WordPress.com offers free blog hosting.
All of these options are using someone else's service, and that may go away without notice. I understand some people wouldn't prefer that. But on the other hand, I value my phone's battery and site's availability over owning the full stack.
Because phones have all-day battery life because they turn off the radios as often as possible, sending and receiving data in short bursts. Lingering sockets are shut down for non-system services and push messages are exchanged through dedicated messaging providers with power management planning built in.
It's one of the reasons running standard Linux, or even de-Googled Android, on a normal Android device can absolutely tank your battery life. Waking up the radio is expensive, and packets coming in at random moments means the work put into power saving scheduling goes down the drain.
"...or even de-Googled Android, on a normal Android device can absolutely tank your battery life."
Not necessarily. About eight hours ago I was having trouble with the GPS on my main phone (I cleared GNSS on GPStest app and it wasn't refreshing fast enough), so I found another in my assortment of phones that was still running and had some charge left in it and used it (it also had GPStest installed)—and I'm using it now to post this comment.
It's a Huawei GR5 Honor from 2017 with original battery that I've de-Googled, and when I picked it up earlier the battery indicated 22℅ remaining which surprised me because I've not used it for some weeks.
When I read your comment I thought I'd ckeck the battery and phone usage logs and I'm now even more surprised. The phone was last used on July 19 (24 days ago) and the battery drain graph shows a very gentle and almost perfectly linear decline from then (until I put it on change and started using it).
Moreover, it estimates remaining battery life in standard/default power mode at 8 days 23 hours (but it's since been on change). Note: the phone was set to standard power mode during those past 24 days. If I switched to 'Power Saving' mode the estimate is 11 days 16 hours, and in 'Ultra Save' its estimate is nearly 33 days (778 hours 44 mins).
Incidentally, the phone has 346 apps installed.
It's amazing what battery life one can achieve when one stops both Gapps and user-installed apps yapping back to Google-Central.
A de-Googled device doing very little will have great battery life. Once you load up a chat app or two, that battery life quickly starts degrading, because every app starts polling a server for updates.
Most people use some kind of app that receives push updates from the internet onto their smartphones, whether that's Facebook or WhatsApp. If you can live without those apps then you'll have a much better time, because the WiFi can actually turn itself off completely and the phone modem can fall back to a state as passive as possible.
You don't need to de-Google your phone for this effect. Just disable all internet access (WiFi off/disconnected, cellular data off) and your phone can last a day longer. Works great for devices repurposed as navigation systems!
"You don't need to de-Google your phone for this effect. Just disable all internet access (WiFi off/disconnected, cellular data off) and your phone can last a day longer."
True, that's my experience too. As mentioned, I've well over a dozen unmodified and rooted Android phones and some of these have been repurposed including for navigation, remote control of equipment etc.
I'm not a typical user, no social media, no Google accounts, no cloud storage and such, so for phones that aren't rooted Gapps are either disabled or where possible removed, similarly, any running services that I'm not using are stopped (if possible). On rooted phones apps only run when I'm using them, WiFi/SIMs are disabled and or airplane mode is on when the phone is not in use, also no background data is allowed etc. so I expect my phones to last for days without recharging.
What surprised me about this Huawei is that it is six years old and the battery has been abused—left charging at 100% for days on end—yet it still managed 24 days on standby in normal power mode. No doubt it would have lasted a full month if I hadn't used it today.
Sorry, I was saying that because I thought the poster was saying "you'll need a real host (instead of a free one) if you get more than 1k visits a day". But looking back, I think "real host" meant "not a phone" and not "not a free host". So my comment here didn't really make much sense.
> Back in 2009, anynone with a Nokia could have a personal website running on their own phone. Sadly this amazing piece of tech was never widely adopted.
It's not sad, just sensible. In 2009 it made no sense to host a website on a phone. If you didn't want to use a hosting service, an old desktop or laptop made more sense than a smartphone even then.
A smartphone as a server could be useful for some in-person use cases where internet access is either unavailable or undesired. For example: an emergency neighborhood communication network, or perhaps a p2p shopping experience for swap meets.
However, these use cases tend to be rare (total internet outages usually get fixed very quickly), or of marginal real-world value (at a swap meet you just walk around to see what's available), so there aren't many resources dedicated to developing solutions for them.
Except, you don't own or control any of these sites or services. You're merely a tenant without any power. You're open for many threats outside your control:
1. Service shutdown
2. Price jacked up
3. Your account/instance terminated
4. Data abused
And many more. It's almost guaranteed you'll basically be hold hostage at one point.
So, if you're arguing against people having the ability to host on devices they own, you'd need a better argument, one that specifically show how that would be destructive and harmful so that they shouldn't have this freedom.
Running a webserver on your phone incurs all the same issues plus it might be out of range or your phone might be off. So having a webserver on your phone is actually worse.
Yes if none of those things are problems then it isn't an issue. Just that there aren't fewer issues with having a website on your phone by a company that doesn't have a core business of letting people serve http from their phone vs. having it hosted somewhere by a company where it IS their core business.
No, I’m saying that trusting [Internet service provider whom you don’t control] to keep your site up is pragmatically identical to trusting [web hosting company whom you don’t control] to do the same.
Why not work instead on reducing the number of roadblocks and services that you need to manage, rely on, hand over your rights to, and entrust them with your personal data?
I don't know about you, but that seems to me the logical thing to do
The third party doctrine means at any host your stuff can be warrantless searched, not the case for your phone except I guess that thing about anywhere 100 miles from a coast line or border or airport that covers most of the population.
By that logic, that's what you are on your phone as well, unless you collected the silicon material, diffused and soldered and programmed it yourself.
Even if you assume 'a physical black box, but at least you hold it in your own hands', that is barely making that position stronger since you're still reliant upon networking which requires both a second party and rights to use it, neither of which you control.
Essentially, you will never, ever be some silly idea of a 'self made server owning person' because without mutual agreements and trusts, you get nothing. Not even spare electrons to flip the bits in the CPU registers.
The best we can do is make a balance between our risk appetite and how we want to spend our time. Turns out random phones that will turn into e-waste faster than you can sneeze is what people accept, and thus that is what the suppliers supply.
You're focusing on the tenant part too much, it's about power. Their knowledge and means are generally not focused to be in power, no matter their tenancy.
Equating being able to run a webserver on a privileged port to power, and thus ownership is a bad take. That also goes for the other way around where it is equated to ownership first and power second: none of that is coupled to the ability to run a webserver on any port for that matter.
And on top of that, I made the case that even if you could, you're now just beholden to the power of the webserver maintainer, the OS maintainer and the baseband maintainer. You're not suddenly 'free' or 'empowered' by some sort of ideal.
Mind you, I'm not saying it's great that you can't always run arbitrary software, but staking power and tenancy on that seems pretty dumb to me.
Micropayments aren’t more of a thing already for a reason. There is friction and overhead with signing up for a 3P subscription service even if the actual dollar cost is negligible.
The reason is high credit card fees. If payment gateways allowed micropayments they'd be more popular. (Square, for example, charges 31-33c on anything under $1.)
If NearlyFreeSpeech.net needs to make $1 of profit to be sustainable, they would just charge $1.50 for their product, and I highly doubt there is anyone who can afford $1 but not $1.50
> The reason I think this is needed is because a large percent of Internet users cannot afford hosting personal websites.
Is there a single person on this planet who wants to host a website but can't and will start doing so if their mobile phone supported it? I'm going to guess no.
99.99999% of people want to host nothing at all (and probably don't know what web hosting is). For the ones that do, it is still a lot more cost effective (and reliable/performant) to buy a $5 VPS or a Raspberry Pi than rely on a device and network connection that aren't meant to be used for web hosting. Cell phones have limited battery life. Mobile network connections are spotty, and they allocate the vast majority of bandwidth for downloads because that's what people are using their devices for.
So the ecosystem doesn't support running websites on mobile devices because (1) it is a terrible idea, (2) the demand is non-existent and (3) there are a hundred better options.
While I agree this is true today, people also didn't know they wanted cars or smartphones until good implementations were made. Smartphones existed for many years but were niche before the iPhone. We as an industry have thus far completely failed to show the value of self hosting.
People just don't need or want this. Facebook has a network effect and shows you all your friends' posts. Having to visit fifty personal sites would be a pain.
> Having to visit fifty personal sites would be a pain.
Which is why RSS (and Atom, but I’m just saying RSS because it’s less to type) was such a brilliant invention, and also why it was “killed.”
Everyone is talking about things like “ActivityPub” and “interoperability” and “personalized algorithms” nowadays but RSS supported many of those features twenty years ago.
Yeah, it didn’t solve the account portability problem (you’d still need a separate account for each forum and blog you wanted to comment on; OpenID almost solved this issue but was a nightmare to work with, Mozilla Persona (which is not the same thing as Mozilla Personas, wow that company is bad at naming things) would have definitely solved this issue if that company had spent more than twenty minutes promoting it), but it did solve the actual fundamental issue that most people seem to be getting at with these modern systems: it offered a way to collate and display updates from a wide variety of mutually incompatible Internet sources all together in one place.
It’s an incredible simple pitch, even to non-technical people: display your YouTube subscriptions, Twitter follows, blogs you’re interested in, and news sites that you read all in one place, in software that you control.
The problem is that operating a “platform” rather than a website got to be too profitable, and suddenly the goal shifted from serving useful content to make you want to come back to a site to serving enough content that you never want to leave to begin with. Many people believe that if Google had made Reader the center of their social strategy rather than killing it to pursue a short-sighted attempt to compete directly with Facebook, we could be looking at a much healthier Internet today (and Google probably could be earning a lot more money than they currently are, considering the abysmal adoption rate of modern Google services is often argued to be directly linked to fear of shutdown).[1]
Personal websites died for the mainstream because Facebook, Twitter, and Instagram offered a better interface for the average consumer. But they could be brought back by a system that made the good parts of those sites interoperable. Frankly, this is the kind of thing that I want to see Mozilla pursuing again, not...whatever the heck they’re doing now. (You go their website and they’re selling Pocket, which is basically a bad centralized version of what I’m talking about; a rebadged VPN service; an email alias service; and Firefox. What happened to the people who tried to do things like Persona?)
> Everyone is talking about things like “ActivityPub” and “interoperability” and “personalized algorithms” nowadays but RSS supported many of those features twenty years ago.
RSS is read-only, ActivityPub allows back-and-forth interaction between servers. The two are not comparable.
My sense is the opposite. Billions of people use Facebook & X because hosting their own website is too hard. It’s very likely millions of people would love a simple way to host a website from their phone.
I registered a domain, paid for word press hosting, learned the set up and started writing my travel journal there. The photos display in full HD without ads.
But most family and friends forget to visit it, because Facebook is not promoting my website.
The cost and complexity of the process you describe is beyond the complexity that people, who want to express themselves in small ways, incrementally, over time, are willing or able to engage with, especially up-front
Millions of people won’t want to host a website from their phone, simply because millions of people are no longer used to navigating to obscure third-party websites. They don’t do it themselves much, and they don’t expect their peers to do it.
The internet activity of younger generations today is increasingly centered around use of only a handful of websites, mostly provided through dedicated phone apps. Unless a person’s own website gets promoted by a social-media site’s algorithm, or comes up at the top of a Google search, no one is going to visit that URL.
I don't think so. What people want is a way to create some words, audio, pictures, video, etc and let people see it. The vast majority of people don't care at all about exactly what technological choices are used to make that happen. For a variety of reasons, services that are at least semi-centralized and running on proper servers in datacenters are vastly more effective at this than trying to run a web server on a mobile device being used in its intended role.
> The reason I think this is needed is because a large percent of Internet users cannot afford hosting personal websites.
~$5-7 a month for a web server via various platforms. A better one than your phone would be, most likely—certainly more stable. I don't think that's what's stopping people, I think most people just don't have a use case for hosting a web site.
In my 90s dream of the technohippie utopia they would all have extensive and idiosyncratic personal websites about various things they've soldered together, but that didn't work out. Turns out most people want to watch videos of other people doing things, and that is most efficiently hosted in a centralized place.
I think it’s axiomatic that an order of magnitude more time will be spent on consuming content than producing it. Why would you spend hours every day crafting a deeply insightful blog if literally no one ever read it? As an author or other content producer, you want people to consume your work. Therefore, the equilibrium between content and consumption must settle on dramatically more consumption than production.
I think this handily explains why the “personal website for every human” utopia never came to pass.
(Yes, I know some people will produce great content purely for the joy of doing it, and don’t care if anyone consumes it. I think that’s an edge case, not the operandus of every living person)
P.S. You’re completely right about the $5-7/mo hosting. I used to run a server in my home, but discovered I was spending more on electricity than the cost of leasing a small VPS. Centralizing has fantastic economies of scale.
The article doesn't make sense. It can technically work with a bunch of dynamic DNS systems. An IPv6 address isn't fixed to your device like a MAC address is.
Even assuming it would be doable, it would be a security nightmare, and we'd end up relying on some centralised systems anyway lest we burden the internet with absolutely insane amounts of continual p2p discoveries.
If you want a personal website, why not use a service like neocities? It's free, and just lets you go ham with static content. Don't feel like writing HTML pages manually? Make a TiddlyWiki and upload that.
To be clear, I am all for self hosting stuff, but it needs to be in a proper, affordable, standardized package that can be kept secure and useful. A phone is NOT that.
Why not? I download updates to apps on my phone every day. I fact, my old phone that has long stopped receiving updates still runs the latest browsers just fine. The problem isn't keeping the applications up to date.
There's a risk of kernel exploits, but I can't remember the last time the Android kernel had a bug that could be triggered by simply sending packets to it. Privilege escalation works, maybe, but getting root on Android is a lot harder than most Linux servers because of the very strict and isolated SELinux contexts.
I've installed termux on my phone and I can install nginx with a single command. Downloading a Debian chroot and launching a full, maintained Linux distro is two commands away.
Until remotely triggered Android kernel exploits become a thing, I don't think the updates are the problem here.
That seems exceptionally reasonable, nomad. That would be pretty easy to anonymize as well. It's a pleasure to meet you.
I'll add that Resilio Sync + singlefile Tiddlywiki (I think most people would be surprised what TW can accomplish) from a phone is quite workable (a filewatcher with ratox or may toxic, or IPFS, would do as well, but they aren't as performant or turnkey). You can automatically push with custom conditions (or manually do so) to those listening (the burden has to be shifted away from the phone to some degree). If you have persistent seeders in the mutable torrent swarm, it's even better. That would serve a very large number of people on the planet pretty well, imho. This is harder to anonymize on a phone, but also doable.
It's reasonable to do both, too.
Add a proper USB to boot with, and it would sometimes be easy enough to walk up to a random machine when you need more than a phone to work on your Tiddlywiki or other infrastructure. I admire trying to find ways to make sure almost anyone can participate in The Great Conversation with minimal material; it's an important problem.
Yeah I can't make sense of this article either. How is IPv6 supposed to solve this? IP is for routing which is tied to geography, not identity. And wouldn't dynamic DNS make your website unresolvable for at least a minute or two every time your IP changes?
Yeah but I'm asking how does that help? As the phone hops around, the IP address will change, whether it's v6 or v4. Are they expecting IPv6 will be stable no matter where in the world you travel?
> A DDNS service seems like a trivial add-on to make this work.
I responded to this earlier: wouldn't dynamic DNS make your website unresolvable for at least a minute or two (or much longer if your TTL is longer) every time your IP changes?
> I think the bigger issue is the number of mobile devices behind CGNAT.
Yeah I agree on that, they already mentioned that part.
Limited data plans and connectivity issues make this infeasible. Also security issues on having incoming ports open, of course.
But what if instead of hosting an index.html file over HTTP(S) we could all host via BitTorrent?
A website could be a bunch of files that are referred to by a DHT hash file.
That way everybody who visits the website will also temporarily support the site by hosting it. If your self hosted site is Slashdotted/HNewsed than hosting would still not fail: after all, all the new visitors are temporarily also seeders of the file over BitTorrent.
You more or less described IPFS. Of course, IPFS grinds my gears because despite oodles of money and time, they still don't have a cohesive ecosystem SDK, haven't rebased on a Rust base, just squandering attention in the space, imo.
I don't see why they'd need to rebuild IPFS in Rust. Go is plenty fast. The problem is that the current IPFS network and design just don't scale very well.
Take a look at Matrix and what the ecosystem is doing. The entire ecosystem is rebasing on the Rust SDK and bindings to it. It's a massive reduction in duplication of effort, and means there's fewer bugs with interoping clients because they're increasingly all using the same SDK.
It's considerably more flexible, more easily embedded than node or Go.
And yet, it's not the first or last project to choose to build a base SDK in Rust and provide bindings on top. And an effort being taken by a company quickly trying to iterate, build a polished product, and bring revenue in on the edges.
And you can already look at various projects and see the positive impacts.
I'd elaborate on why, but we've all heard it a thousand times and the folks that don't want to believe anything they hear about Rust still won't hear it.
I implemented exactly this in https://github.com/anacrolix/btlink. It works fantastically well. Unfortunately I couldn't get any funding from OTF or similar, and nobody is commercially interested in making websites easy to host and scale.
Unlocking the smartphone will be a singular event in computing history.
Running a personal website is a metaphor for actually using the device fully and with agency.
It cannot not happen. The drivers are the ever increasing commoditisation of quality hardware, the slow but steady maturity of open source software and the fact that it takes machination at planetary scale to prevent it from happening (ie keeping these ever more powerful devices locked for scrolling down social).
Ofcourse the timing and manner the revolution will happen is unpredictable.
I was thinking of slightly wider adoption, but the proof-of-principle is indeed already here.
Demonstrating that this freedom offers radical new opportunities (the infamous killer apps) is not yet done though.
We need to think outside the confines that locked down devices have forced us to think. Swarms of mobiles acting as both clients and servers are a new unexplored territory.
Why the heck would I want to open a port to accept http connections to the wild wild web on my phone? Servers are constantly being probed and I can't imagine I'd want to manage a firewall from my phone. Then there's data plans... Oy vey!
On my Nokia N90i, I used to run Apache and PHP and a gallery web app to serve up the phone's camera roll on the wifi interface. Was quite useful at times.
Symbian was a terribly quirky platform to develop for, but there were some quite cool things.
You'll have to use port 8080 or some other high port number because of privileged ports, but for just temporarily sharing your camera roll that shouldn't be too much of a problem.
really? my phone is useful as a tool to: communicate with friends and family, do work via writing, reading, checking metrics, watching videos, and 10000 other things.
and i live in vim on a computer. this tech-centric “i need a terminal and full access to the shell for it to have any worth” is pretty juvenile. phones are real tools for millions of people— the greatest technological innovation of the century.
From a dictionary, on the noun "tool": "something (such as an instrument or apparatus) used in performing an operation or necessary in the practice of a vocation or profession"
I was likening it to something like a screwdriver. I often describe what we do as making tools for others to live their lives and spread culture and civilization, so I understand your sentiment (although I think you are grandstanding a little). My comment, however, was personal and about what makes something a tool for me.
I'm also a fan of what phones do for people, and software in general; one of my fondest times working in software was developing communication/chat software and knowing a number of people who met on it and became partners for life.
I’ll give you that this isn’t a half bad idea to give someone that spark of interest early on. A phone is a lot harder to mess with, in ways that I think a lot of people older than 20 did when they were kids to their PCs.
However, a server is such a specific + utilitarian thing. And on a phone it really serves very little utility. Some kid would get a kick out of making a website their friends can visit, but beyond that, not being able to run a server is more a symptom of how locked-down and uninspired phone OSes are, rather than a thing that specifically NEEDS to be implemented.
On the same basis, most home routers are powerful enough to run a basic webserver, and they are much more likely to have a consistent internet connection. They probably aren't behind CG-NAT, and most of them have Dynamic DNS support even if they don't have a static IP.
> The reason I think this is needed is because a large percent of Internet users cannot afford hosting personal websites. The privilege of self hosting that early Internet users enjoyed was never given to the new Internet users.
If you actually have the technical chops to self-host a personal website in your house, why on earth would you want to do it on a phone? A Pi, Nano, Jetson, NUC, any kind of small form-factor mini PC is a far cheaper and better option if the limiter is seriously that you can't afford a hosting service. A web server does not need a camera, a touchscreen, a gyroscope, a GPS chip, a radio transceiver, an accelerometer, a fingerprint reader, or any of the many other hardware features that cause a phone to cost so much.
You may as well ask why your thermostat, printer, microwave, smart lightbulb, or television can't run a web server. There is nothing technologically stopping them. If they can run a stored program and connect to a network, they can bind to a port and listen for incoming requests. But running a website on them just isn't the purpose for their existence. General purpose computing devices exist and are cheap. If you want one, get one. There is no reason every single device that can do any form of computing needs to be a fully general-purpose computing device.
In 2012, I need to sync data between a set-top box device(a karaoke machine) and an ios/android device to transfer SQLite data between them.
The ios/android app literally spin up a HTTP server run on the phone, the device just hit it to download file up to 20MB. I was dumb and didn' think much, and it just works. It works so well I never pay attention to it. Eventually the app evolve where the entire config is push this way, one can open the app, edit config, and it save these into XML file. The setipbox will download that XML file.
Then even better, there is a webserver run on the phone, where one on the same wifi network can hit it and edit all the config on a very simple website instead of using the app UI. Such as upload file from your desktop into the phone(the song book).
Of course, the app needs to be running for all this to work. When the app close, the webserver is also shut down.
So yes, even in 2012 on those cheap devices, one can run a full feauted webserver on the web server.
I would much rather have a locked down phone which is secure, as I rely on it for many important functions in my life. I’ll leave the cheap web servers to a Raspberry Pi, CDN, or VPS thank you very much.
I used to be a big Android advocate years ago when I wrote a lot of code myself. Now I prefer a locked down iPhone that always works at maybe a bit higher cost. It feels like many more people have gone through that switch.
Even though I'm not idealistically aligned with the locked down App Store approach Apple takes, their ecosystem just works well for my needs.
It's very sad that a forum of self-styled hackers can not see the value in a personal website. Our image of what the web is and should be has been poisoned by 99.999% uptime cloud-hosted tat.
> It's very sad that a forum of self-styled hackers can not see the value in a personal website.
I think the name has you confused. The vast majority of people here are not self-styled hackers. Actually most are against hackers and the hacker ethos. Just because north korea calls itself the democratic people's republic of korea doesn't mean it is democratic or a republic. The same applies here.
> Our image of what the web is and should be has been poisoned by 99.999% uptime cloud-hosted tat.
The problem isn't the self hosting a website bit, it is the "oh your phone" bit. Our phone network doesn't have a ton of excess capacity, and building it out is expensive. A personal website has zero reason to run on your phone with you.
It would be way more efficient for the phone companies to simply give a free small VPS to phone customers who want one rather than allow them to host it on their phone.
Generally no, and i don't think anyone was thinking we were talking about sites that only the writer sees? Otherwise what's the point of running a server?
Any phone can run an onion service if all you need is a website. It's rather annoying that you need to root/jailbreak your phone to use port 80 I agree with that, but it's also not a necessity for running a website.
Aside from the phone use case, the concept of "privileged ports" is pretty silly on any device operated by a single user or used for a single purpose. In an age where any device on a modern network can reserve hundreds of IP addresses without any risk of address space exhaustion, concepts such as reserved ports are next to useless.
One day I'll get myself to waste a few weeks writing an Android mod that gives every app on the system a separate (ephemeral) IPv6 address. The challenge will be to generate enough virtual interfaces for network namespacing to do its thing while assuring it only does so on IPv6 enabled WiFi networks, but I think it can be done.
Even if you want to run a website on your phone (seems pointless…) Wouldn’t you need some kind of ngrok service to allow it to be accessible from the wider internet? In which case you could use whatever port you want and forward.
But then you’re kinda using a host aren’t you… and you may as well just cache it…
If it was lan/wifi/bluetooth/local only then I could see it being kinda neat. Could have a little personal profile page for the people in your immediate vicinity. Could even update it by location. Like a kind of hyperlocal Tinder.
But if this is a WWW page doesn’t it open up individuals to D/DoS attacks? What happens when an angry ex nukes your battery on a Saturday night? I don’t see why hosting from a phone should (or even could) be a thing.
The article doesn’t convincingly establish why phone hosting is important. If it’s a cost issue then wouldn’t it be a competitive loss-leader for an ISP add-on like we had in the past? ISPs used to provide web hosting, email, newsgroups, etc. Those all went away in favor of dedicated providers, which seems like a better model.
But if this is a WWW page doesn’t it open up individuals to D/DoS attacks- don't use it then, just like when ppl don't use sideload and the feature is locked unless they allow it
No thanks. ISPs have proven to not be trustworthy. What you are describing is a proxy like Cloudflare who you pay specifically to prevent abuse through your domain.
I want a firewall from my ISP about as much as I want a carwash from my public utilities.
I don't think anything personal should be on port 80. Too much work!
What I think we really need is more stuff like ngrok and cloudflare tunnels, in easier to use form.
If it has to go through centralized infrastructure anyway, I'd rather someone else process all the traffic first, maybe even keep DoSes out, handle the SSL, etc.
If self hosting is ever going to be a thing again, I think we either need that, or full P2P(I've written before about why we need to have something like .onion service URLs but without the anonymity, and even used a DIY implementation of the idea for a while).
But at the moment, without adding anything new to browsers, hosting through a cloud portal seems to be the most practical.
Lots of alternatives to Ngrok and Cloudflare - https://github.com/anderspitman/awesome-tunneling. What we need is more open source and permissives ones which are well maintained and easy to use. fwiw, I work on one in the list called zrok.io, its open source and we have a free SaaS version.
I dont think (as the author suggests) that IPv6 everywhere is happening anytime soon.
I'd seen some of these but Zrok is new to me and looks like one of the best!!
> The private share is identified by a share token. The accessing user will use the share token, along with the zrok access command to create a local endpoint on their system, which lets them use the shared resource as if it were local to their system.
That's really awesome both in terms of function and documentation. Clear and concise about exactly what it's going to do, and exactly the functionality I was hoping to see, especially in something that also has a SaaS web portal.
Will there ever be an Android client? I always thought that what the IoT really needs is some way to just plug in your IoT thing to Ethernet, scan a code on its crappy little LCD, and have them instantly paired.
It looks like OpenZiti doesn't do P2P yet but they're thinking about it? That will definitely be a big deal, but at the moment it seems like it's already 100% ready for the use case of doing a personal site.
Do you have an immediate need? If yes, I can check with the dev team to bump priority... particularly if the use case deploys into production.
Correct, Ziti has an overlay fabric with smart routing. This allows all connections to be outbound at source/destination for better security and simplicity. The smart routing potentially allows us to deliver better performance too. We do have P2P connections on the roadmap for use cases which would benefit more from that type of approach.
Nope, no immediate need here, I'm working on open source home automationish system, and vaguely keep my eye on ways to do remote access, but it's not a real priority since I'm mostly targeting things that don't need that kind of remote access.
It looks very promising! Maybe even something that could make self hosting worth it for DIYers!
I have several old phones that are about to become e-waste, but I'd love to use these old hardware to host my website or blogs at home. They are powerful enough (mostly ARM processor like Raspberry pi) and they have very low power usage.
hosting a website properly just isn't that difficult or expensive.
if somebody wants to have a website, they can. there's plenty of free options that don't involve a device that has intermittent connectivity, runs off a battery, and that you probably don't want to enable remote access to for security reasons.
the reason people don't set up personal websites is that they don't want to. not becauase they can't host it. facebook does a better job of serving the "personal website" niche than personal websites do. the dream of every person having their own website is a thing that tech nerds want from others, not a thing that most people want for themselves
> there's plenty of free options that don't involve a device that has intermittent connectivity, runs off a battery,
I have a great reason to host a website on my phone. I want to. It's my phone. I'm paying for the service. You can do what you want with your phone, but please, don't tell me what I can and can't do with my property.
It's a neat trick to demo a PoC on your phone if you find something really poorly optimized.
I took a product that was "required" "minimum spec" to be run on a c5.2xlarge, fixed it and ran it on my phone, with a load test.
It achieves showing how wasteful their approach to resources was, and how powerful smartphones have become, and a cool way to show off.
If someone wants to know how resource intensive something is, if you can say I can get X Tx/QPS on my phone, it's probably not that complicated, and not that hard to run/maintain.
The “showing how wasteful their approach to computing resources was” part wouldn’t work on me. I think I no longer see phones as inferior computing resources, at least not that much.
My phone can use ai to generate images locally[1], process video or camera raws, run better games than my laptop and likely more.
I support this idea as well. I remember toying with Bit Web Server (LAMP stack) on my Galaxy S3 about 10 years ago, and I also remember running Tor on my smartphone (and it could run as a proxy pass server for an .onion site). I fantasized with the idea that if I was a crime lord, that's how I'd have my website. Police raid? Nope, I'm on the go as long as I have my shiny EDGE connection!
I never finished the proof of concept setup to do it, but I know I could have done it.
Hear me out…
after reading the comments and seeing the multitude of innumerable issues with this idea despite its impetus as a solution to obvious societal problems, here is one possible way to approach solving the problem… given the scale, scope and complexity of the issue/s this is in no way a complete nor exhaustive plausible solution…
Rather than the phone hosting the website, the service hosting the backup of the phone should act as the webserver. Would solve uptime, and security. To solve the webhosting hostage situation will require an act of congress to make phone providers and manufacturers liable for loss of data for the phones complete with fixed rates for hosting. The act should also stipulate that webhosting with open standard api and servers is an absolute non-negotiable necessity subject to substantial penalties for failure to comply…. Seems harsh but it would cause an open market of third party sites to provide for the offloading / hosting / storage responsibilities while usurping the walled garden strangled hold. In addition would open up a huge search industry where the ticktock/ instagrams of the worlds are reduced to search algorithms rather than divine dictatorships.
I have had a desire for a long time to have one device that was central to everything that I did digitally. Until recently, I thought of the device being a phone that contained all my digital assets and relied on standard peripherals that are shared: wall screens, keyboards and monitors at public areas like libraries, monitor and docking setup at home, etc. Such a device would have encrypted backups on at least 2 independent cloud vendors, and if I lost my device, I could immediately buy a new one and have it refresh from a cloud backup.
Recently, since I often now leave my phone at home and just wear an Apple Watch, I am thinking that a smaller device than a phone would be good.
I am assuming the kind of infrastructure where my one device could privately and securely use ambient peripherals.
I think that too much of our life is spent maintaining and fooling around with digital devices. I think that a one device capability would let people make full use on digital infrastructure while freeing up time.
Port 80 / 443 privileges at the device's networking level, mostly. If you don't need those there are indeed plenty of options (e.g. hosting onion sites works fine).
Honestly, it sounds fun until your IP address is shown to the world. With the potential for people to hack it. For some of us, we have alot of personal and financial data on our phones. I prefer paying five dollars a month to a webhost shared servwe, that has a load balancer, updates the software, backups, etc
I mean, yes… but also why? For testing, or when I’m away from my computer, sure!
Popularizing dynamic DNS seems like a good idea, but may require new protocols altogether in order to support all the IP address changes. But yea, more edge compute; owned by the source. Sounds good to me.
You really don't want your phone's radio activating to serve random http requests, most of which are probably going to be bots, and people loading websites really don't want to wait for the latency that would be involved with your phone serving web requests.
What is the problem you're trying to solve? Is twitter... er... I mean X not unreliable enough for you?
Imagine someone depending on a resource that's on a device that moves in and out of service as you lose coverage or have to reboot to get bluetooth pairing to work right.
And what if you wanted to support TLS. Try explaining to normal people why they're getting security warnings because your CARRIER doesn't support dynamic DNS so your cert SN or SAN doesn't match your FQDN.
And proxies. I don't even want to think what carrier data teams will do to proxy requests.
I really like the idea of a carrier / manufacturer neutral protocol to get data (pictures, contact vCard, call logs, music, etc.) on and off a phone.
It's not running on the phone but it's a personal static website behind a phone. I run a small weather station page I can access anywhere from my house which is on LTE/NR. LineageOS is on my phone and it does not block inbound connections to routed ipv6 addresses on T-Mobile (US). ipv4 goes through a CGNAT. Weather station is running weewx on a raspberrypi connected via wifi hotspot to the phone.
To handle the issue of ipv6 addresses changing frequently (daily?) I have ddclient update my AAAA record to my domain on cloudflare. I don't set a A record. Then cloudflare just proxies any ipv4 traffic to the ipv6 address so anyone with my URL can load the page.
I’ve been thinking on and off about personal hosting. Not just for web, for everything that I want hosted. Eg data, address, location, permissions to message me or mail me or read some of my photos or all the functionality we give up to the cloud overlords.
I don’t want it on my device. Battery, connectivity and uptime aren’t suited to hosting. But it should be something I can delegate to a service (or set of services) and only care about the hosting details of if I want to.
Problem is, every time I see anything on decentralised identity or hosting, it ends up as an unusable dogs breakfast. We’re not there yet, but it’s worth pondering as a possible future.
One of the reasons the Internet is (was) so good is that it was a communication mechanism with a filter.
It used to be that you had to work hard (and pay more) to host anything on the Web and get your content seen. That meant that the Web had more high-quality content, written by high-quality people.
Inaccessibility on the content authoring and hosting side is a feature, not a bug.
Now that anyone can easily and cheaply host or dump out content, the quality has gone down. Internet content will continue to go down in proportion to how easy it is to get your content out in front of people.
Is this a new theory? Or am I repeating what is already a widely shared theory?
I've heard it before, don't know if the theory has a name though.
Fwiw, I disagree. To me, the best sites on the old internet we made by generous people donating their time and energy to make something cool, and nowadays
1. The internet is no longer cool in the same way,
2. The community is different
& most importantly
3. The vast amount of ad-based commercial websites.
Adding a financial barrier would just make it more dominated by commercial entities, and people wanting to share their stuff for fun would be more likely to post in a silod social media app instead of a website.
Additional theory:
Online payments weren’t initially possible / trusted and that meant lots of content online was put there out of passion rather than to derive a profit (another filtering criteria).
A bigger reason we should be able to run websites on our phones is to run decentralized or local-first web apps, but this requires also solving that our phones' network become accessible (e.g. implement Ipv6, but preferably bootstrap some fancy mesh network on-the-fly)
We should be chatting p2p through wifi/bluetooth by just letting our friends scan a QR code that links to our phone's web server that serves a p2p client for real-time chat in the middle of the jungle
In that same way, we should be playing games, take notes, run fair micro elections / lotteries, and hundreds of other coordination apps
Back in 2010-ish I talked to a Nokia engineer that said that their own study had concluded that it was a bad idea to have a phone be a server, because of battery draw.
It wasn't just about the number, size and frequency of requests: the cellphone protocol at the time also required the transceiver to be in a state of readiness for a time interval in-between requests, during which it drew more battery. And the software was not in control of those time intervals — the network operator was.
(If I had signed an NDA I don't remember, it should have expired by now)
No! The reality is that the vast majority of phone users don't want or need this and are better off with such abilities disabled. If you want to run your own low powered server use a raspberry pi. People have their banking credentials, most of their personal life, their most private images on these devices and most of the people using phones can barely handle the complexity they already involve. I'm all for allowing people to use their devices as they chose but there's a certain level of compromise that anyone should see is reasonable when it comes to phones.
I really like this in a cyberpunk-kind-of-way, but think it's impractical from a data usage perspective + the fact that your ip should change frequently on any mobile device.
In the abstract, I feel like editing a file on your phone vs. editing a file somewhere "in the cloud" isn't so different if the interface makes it indistinguishable, so I don't know if you get any real benefit to toting around your webserver...
but I like the notion of a homegrown, self-managed webserver that you keep in your pocket.
Recently my robotics team started using a web app called SPOT for scouting matches at competitions, at first we used the recommended free hosting service, but we ran into some rate limiting issues, so I just cloned the project and hosted it on my home server.
Out of curiosity, I also tried hosting it on an old LG G2 phone I had around, and it worked great, even though this is a 10+ year old phone (currently running the last version of LineageOS that was available for it, Android 11)
Let's assume that having full control over your phone is a problem. Then the biggest issue lies with power management. A phone will try to power down any subsystem which seems to be underused and that doesn't play well with a server listening on a network socket all the time. So either you will have to disable power management negatively affecting the battery life or accept that most of the time your server won't be able to handle requests.
Whatever the problem this would appear to solve, it makes more sense to me that router company should simply build in a 256GB web server into every router so people can host their own site. Routers are expensive and what's another $20 on the price? Hell do a deal with WordPress to use their software like the router companies do with VPN software. They already add FTP capabilities for NAS drives.
I think the problem with this idea is using it to host a personal website. There are so many other ways to host personal website that are better.
I think hosting services for Internet doesn't make sense, but does for local network. I have thought how could have disaster response server on local network. Instead of Raspberry Pi with battery, could have phone which is has own battery, and more likely to have one available.
No… we don’t want phones to be webservers. What a weirdly specific request. When is the last time you met someone in the real world who hosts their own website?
Webhosting is like £1 a month for the kind of thing you would be able to host on a phone. That makes infinitely more sense than this nonsense.
> All we need is IPv6 connectivity everywhere and phone operating systems optimized to run web servers.
Unless you're relegated to IPv6-Never ISPs (eg:Frontier) which doesn't matter to IPv6 advocates because IPv6 is already awesome! and everywhere that counts!
Sorry but the claim in this article is not correct (on Android) and is proposing a bad solution to the problem you're trying to solve.
First, nobody is stopping you from doing this. I just spent 30 seconds installing the first app I found on the Play store and 1 minute configuring my router, and now I have a static web server that I can hit from anywhere in the world.
But the real issue is that it's the wrong way to build a personal web server for your phone. The right way to do this is to host a server in a datacenter and install an app or service that pushes content to that server. Other users can hit that server to see that data you push. Tons of advantages of doing it this way (reliability, battery life, capability, throughput, cost, security, support for multiple devices, support for multiple kinds of devices, ...)
The reason that people don't build things like this isn't because they are evil or protecting their "walled gardens", it's just a bad design.
I hate it when people propose "just" getting another piece of hardware, be it for wireless connectivity, routing, internet/ad filtering, data and web hosting etc. etc.
WHY must people again and again insist on this? This is not the way for 99.999% of people
Why not insist on extending the abilities and security of the one device 99.999% of people already have, before insisting on the acquisition of another, special-purpose device, requiring its own intricate setup and maintenance and power and space and connectivity? I just don't get it.
I don’t buy the basic premise of the post. Why should a mobile server be good thing? It is either a constant drain on the battery or a server that responds very rarely. I remember taking a mobile communication class in university in 2007 and it was full of acronyms and history of standards but had some interesting stuff to it, eg how networks using directional microwave antenna would not work after an earth quake.
However, one of the last topics was the problem of routing for mobile servers and how to find optimized path if both the client and the server frequently change physical locations. And I remember the professor saying how this is a big unsolved problem for the industry. I think it is just not something that many people would use in practice.
A linux distro targeting old apple handsets would be excellent for this. Even it only EOL devices were supported itd still be very useful to have a lightweight arm server with battery backup.
I'm a big proponent of this idea. Unfortunately IPv6 alone isn't enough, due to firewalls. It's just not realistic for the average person to be expected to set up port forwarding etc. Now, if something like UPnP was universally deployed alongside IPv6, that would pretty much do it.
Personally, I think the future of self hosting is going to happen through IPv4 tunnels[0] with SNI routing. You also get the added benefit of not exposing your actual IP address, and dealing with things like DDoS become the tunnel provider's concern.
The "S" in IoT stands for security. A bunch of file servers inadvertently connected to the Internet isn't the best idea. Leaked personal data and botnets will just be the start of the problems.
Just because you can, doesn't mean that you should.
Nobody should be running their personal website on their cellphone. When I read this type of diatribe, I hesitate to agree with it. Abstract considerations of freedom lose out to "you're going to tell people they should do this, and that is a bad thing".
This entire thread should be saved in the Smithsonian. It’s the most epic bikeshedding about the stupidest idea, with people emotionally tying it to their pet peeves. Capitalism! Walled gardens! Free software!
No, it’s just a bad idea because few people want it, and even if you did want it, you can, and even then it open a up issues of battery life, reliability, etc. we can barely get actual software makers to care about personal websites, let alone normal people. And then we want to argue people should be able to host on their phones? Good gravy.
Who are you to say what people want? Why limit your imagination? Why not think about the possibilities first? Why presume that things must be difficult?
I'm so excited to use a spatial computer (a mobile VR headset computer) that can connect to my phone with my friends. We can host and create AR apps like that.
I remember running a server on an old tablet several years ago, it was awful. You would have to deal with the server not automatically starting up, not to mention the battery eventually failing and expanding.
And everybody should be able to eat a diet of mostly candy, smoke two packs of cigarettes a day, and stand outside in the sun as long as they want. But it's not a good idea, for reasons.
I disagree with this, but it is possible with one of those Linux shell emulators for Android, I forget if I tried it on iOS, but I've managed to do it both via Python and Golang.
If you want to keep a spare phone plugged in all the time in your closet, connected to Wifi/Ethernet, and hack it to be a webserver, then go ahead. But webservers on mobile devices, being used in a mobile way, are a terrible idea.