
Show HN: Duple – Private cloud at home - louisknows
https://www.duple.io/en/?j
======
zelon88
I'm _really_ into home Cloud stuff. This answers none of my questions.

1) Where will my files be stored?

2) Does Duple store a copy?

3) What does Duple do with my meta data? What do they do with usage stats?

4) Does Duple have any third party contracts or contractors with access to my
data?

5) How does putting Duple software on an RPI make my files available from
anywhere? How do you enable access to my device from anywhere?

These guys are asking for an awful lot of faith from users who are looking to
potentially store their entire lives on their service. We deserve to know how
it _really_ works.

~~~
human20190310
What is the purpose of having "the cloud" in your home at all? To me "the
cloud's" primary value is that it is running off-site, in an environment that
capably and regularly deals with broken equipment. If my work is backed up in
Google/Dropbox's data center, I don't have to worry about it if my house gets
flooded.

Having the cloud in your house, running on whatever stuff is laying around,
just seems one small step removed from just keeping everything on your laptop
and hoping it doesn't break.

~~~
zelon88
You're not wrong about the benefits of the Cloud. Some people make bomb
shelters in their basement, some people stockpile canned goods. I stockpile
data. I even have an old text only offline copy of the English Wikipedia.

My main issues are privacy. I don't want Google peeking into everything I
upload for marketing materials. I also don't want to trust a third party
company with my kids photos. They can change their privacy policy in the blink
of an eye, or disable my account by accident without reason or warning.

Then there's the security aspect, and I'm settling in for a fight here.
Google, AWS, Azure... These are all consolidated attack vectors. When WWIII
breaks out it's not starting in the physical world. It's starting on the
internet, and the first casualties are going to be major infrastructure
providers followed immediately by FB, Google, Microsoft, and AWS.

Take out those 4 companies and our world is in chaos. Your company won't get
their emails, their apps will be offline, and half our economy will be out of
business by morning time.

But not me. My RAID arrays are still spinning away and if I want to I can
reach out and touch them. Who knows where everyone elses data is. That's not
my problem.

~~~
KingFelix
Great dialogue here, you should turn it into a video with some epic music in
the background, and fading images in and out, rock flag and eagle.

And host the video on a rasberry pi, at your home, on Peertube

I have been enjoying learning about self hosting, Matrix.org has been the next
project I am interested in, once I get bored with other current hobby
projects. Hosting my own node, that and I am waiting for the Google photos
clone to get up version 1.0 so I can self host all my images too.

~~~
teleclimber
> waiting for the Google photos clone to get up version 1.0

What is the closest open source alternative to Google photos?

------
dperfect
> No server needed. No expensive hardware required... You can use your Router,
> NAS, Raspberry Pi, Smart TV.

So... it turns those things into servers then (many of which already run
servers by default)? Maybe I'm misunderstanding, but a device running server
software is still a server, even if it isn't dedicated to only that task.

~~~
magashna
Cloud = servers someone else has and mostly maintains for you

Cloud...at home? This is a dumb headline. The definition of "server" has gone
from big bulky slabs of bare metal to include smaller things like a RPi.

~~~
dragonwriter
> Cloud = servers someone else has and mostly maintains for you

No, ”cloud = on-demand provisioned server resources”; that was what
distinguished cloud computing from pre-existing remote-leased or on-premises
resources. “Private cloud” (usually, on-premises of the user) has been a thing
since very early in cloud computing, and “at home” has been plausible for even
fairly casual users at least since Ubuntu 9.04 bundled Eucalyptus.

But this service is just abusing “cloud” to mean “SaaS”, I think (in that it's
a demo of a paid SaaS product that incorporates your hardware.)

------
infinisil
From what I can gather from the FAQ, this won't work for routers behind a NAT,
which is the case for me and I assume many others too, this should probably be
mentioned somewhere.

A bit worrying that it'll be forever closed source, especially since it needs
to expose your router to the internet and that it's written in C and also this
sentence from the FAQ:

> Everything was built from scratch

~~~
jbverschoor
Long live zerotier

~~~
redblacktree
Thanks for the tip. I'd never heard of it. For others like me:
[https://www.zerotier.com/manual/](https://www.zerotier.com/manual/)

~~~
mceachen
Here's their getting started page (not terribly mobile friendly though)

[https://zerotier.atlassian.net/wiki/spaces/SD/pages/8454145/...](https://zerotier.atlassian.net/wiki/spaces/SD/pages/8454145/Getting+Started+with+ZeroTier)

------
projectramo
This is the offer:

"The beta version of Duple is now available. You can download it and use it
for free. However if you’d like to participate in the Duple beta program, and
get a lifetime discount as a reward, click here."

But I don't understand what we are paying for going forward. Presumably you
pay for the software once. Is there a recurring charge of some sort? What for?
If the software is on premise, you can't really turn it off or stop it from
working.

Does duple, the company, ever touch the data?

If privacy is the killer feature, it seems that an open source version will
ultimately displace this.

~~~
davidandgoliath
Better to use syncthing, simple equivalent & free / open source.

~~~
anderspitman
Syncthing is great (I use it for all my syncing needs), but it's scope is
limited. It doesn't really solve file sharing in a user-friendly way.

~~~
smush
While I agree Syncthing is about seamlessly syncing files with devices you
own, not file sharing as such, it does a good 98% of what this program offers
with a more open source background and is completely free.

I share files, what, once a year? Syncthing works great for that use case. If
I want to share files too big to email, I can stand to upload to
Onedrive/Dropbox/an open directory on my web server for that one-time use. For
more frequent setups, sure an Owncloud/Nextcloud instance wouldn't be amiss.

~~~
anderspitman
Oh I wasn't arguing in favor of using this. I doubt I'll ever use non open
software for my data again. Just saying I've run into problems trying to use
syncthing for sharing files.

~~~
smush
No offense intended or taken, you and are I are in complete agreement re: what
software should be touching our data.

I believe you when you say you've had problems performing file shares to
arbitrary people, my comments were directed only that my use case is somewhat
different.

Cheers!

------
ChrisMarshallNY
They have some fairly hefty competition:

[https://www.synology.com/en-
us/dsm/feature/drive](https://www.synology.com/en-us/dsm/feature/drive)

[https://www.drobo.com/homeoffice/#file](https://www.drobo.com/homeoffice/#file)

I'm pretty sure that most NAS vendors have some variation on "Home Cloud."

I think most folks that want to set something like this up, will want a
turnkey solution.

~~~
adamredwoods
Looking at their "about us" page removed my confidence from their product.
They should fix that asap.

For my data, I want reliability and security. I want something that has been
battle-tested, and that I am confident will be around in a few years. This is
why I went with Synology. Two guys in a "garage/bootstrapping" does not
instill confidence.

------
Mathnerd314
[https://doc.duple.io/duplecli-documentation/](https://doc.duple.io/duplecli-
documentation/) [https://doc.duple.io/faq/](https://doc.duple.io/faq/)

So basically Dropbox but with an SFTP server or network/local filesystem for
hosting.

------
peterwwillis
When someone says "modern day snake oil", this is what I think of. A "cloud"
that isn't the cloud _at all_ , pretends to be more reliable and secure than
it is, and over-sells basic features like replication. "This USB stick will
solve all your problems for a low, low price!"

------
wheresvic3
I'm sorry but Nextcloud is getting a bit of an unfair shake here. I recently
got a raspberry pi 4 and installing nextcloud on there wasn't rocket science:
[https://smalldata.tech/blog/2019/07/12/setting-up-a-
raspberr...](https://smalldata.tech/blog/2019/07/12/setting-up-a-raspberry-
pi-4-home-server)

In fact the biggest issue that I faced was that my router did not support NAT
loopback which led me to using the pi for DNS in order to be able to use my
"private" cloud.

Nextcloud is an open-source dropbox and is written in PHP. It can be very
easily installed via docker and is quite mature at this point with a rich
ecosystem of 3rd party apps for functionality other than file sync. Big props
to the folks working on it!

------
lonelappde
It's not open source and it's not for sale, even though it's a business, so
beware about what it's future may be.

However it might be reusable with an alternate core:

> Q: Do you plan to open-source it later? A: We'll open source everything
> (server, interface, etc...), except from the C Library. Reason being that
> the library is what gives us our technical competitive advantage (being that
> you get the full private cloud experience with no need for a server). It's
> also important to note that you can't patent your code/algorithm in Europe,
> so there's no other way to protect it. But everything else expect from the
> library will be open-source.

------
gramakri
How is this different from syncthing -
[https://github.com/syncthing/syncthing/](https://github.com/syncthing/syncthing/)
? I am still trying to figure out

~~~
Mathnerd314
Syncthing is peer-to-peer, Duple is one master + many slaves.

~~~
nodesocket
First time I have seen Syncthing. I am currently using Resilio Sync to sync my
"Sites" directory across my iMac and MacBook Pro. Resilio seems to work well,
but it has not been updated in a long time (running v2.6.3) and sometimes it
uses nearly 100% of a single CPU core for no apparent reason for extended
periods of time.

How does Syncthing stack up against Resilio?

------
JoshuaMulliken
"military-grade encryption" in marketing materials always scares me. Just tell
me what the algos are

~~~
kube-system
ROT13 of course, designed to Roman military specifications.

~~~
tlb
Caesar ciphers mostly shifted by 1 or 3. Their alphabet had only 23 letters
(no J, U, or W) so ROT-13 wouldn't had the cool property of being its own
inverse.

~~~
dragonwriter
ROT13 is 4 rounds of Caesar-3 and one round of Caesar-1, and multiple rounds
of encryption and mixing different modes makes it that much more secure,
right?

------
tannhaeuser
A bit offtopic, but does anybody know a micro server the size of an Intel NUC
or Mac Mini, but with 100+W desktop/server (real, not cloud) hardware for use
as CI server?

~~~
drKarl
I wanted also a small, energy efficient server for CI at home. I was looking
at SBCs (Single Board Computers) like Raspberri Pi and now others. Most are
ARM based and max out at 2Gb or 4Gb RAM. I ended up buying an Odroid H2, which
is x86 and takes up to 32GB RAM. I just received it so haven't put it together
yet... also depends what you want to do with it how much you want to spend, I
bought 32GB RAM, 1TB nvme and 6TB SATA HDD and plan to run everything on
containers (docker). Also instead of say, Gitlab, Jenkins and Artifactory I
think I'll use Gitea, Drone.io self hosted and I was looking at strongbox
instead of Artifactory but not sure if it's production ready.

~~~
gorbachev
What kind of enclosure are you using for it?

I currently use a server I built inside a Fractal Node 304 case for that same
purpose. While compact for a regular PC type server, it's still a little bulky
for my liking.

~~~
drKarl
Odroid-H2 Case Type 1

------
r00fus
So how does this thing work? Does the private cloud only exist when the
storage device is plugged in?

I see "smart TV" as a host option, does that mean the storage devices can use
unaware USB hosts to be a communication mechanism?

Interesting idea, I'll have to try it @home. Whitepaper on how the tech works
would be nice.

~~~
aloknnikhil
A white paper is necessary to understand this. It doesn't make sense
otherwise. How would a smart TV or any TV for that matter be configured to
export it's USB devices as a network mount? I mean, there's absolutely no way
to reach a USB drive attached to your TV except from within the TV itself.

------
mvanbaak
"You have one repository folder and one folder Duple on each device where you
can access your cloud. This Duple folder works like a Dropbox folder, and
everything is synchronized in multidirectional way between all the devices
(all the Duple folders) and the repository folder which contains the totality
of the private cloud."

So, here I am, exposing my 36TB nas using this new duple thing. Because every
client needs the repository folder which contains the totality of the privace
cloud, how is this going to work?

------
cik
I finally ditched SpiderOak for SyncThing about a month ago - and I haven't
looked back. It solves all of these issues, I fully host it myself, and I can
access everything, exactly the way I want to based on shares.

I have a machine in my office, a shared folder on my mobile, two machines at
home, and my wife has her office, and her work laptop. It's everything these
things should be, other than the lack of an iOS app for her.

~~~
smush
I have a lot of devices as well - syncthing can handle em all.

3x phones for photo upload, music sync, TWRP zips etc.

2x personal laptops

2x work devices + a personal VM

2x close friend party shares for easy linux iso sharing overnight

And most recently, added one volunteer device for instant/eventually
consistent overnight poor-man's offsite data backup.

I can mix n match folders for this on the fly and feel no loss of
functionality with how little I do arbitrary internet file sharing.

------
sorryitstrue
I need more from private cloud than just storage

------
dochtman
Apart from all the other stuff, it seems suspicious that they would use
Serpent for encryption, rather than using AES or another more well-known
cipher suite (also, no talk about AEAD).

[https://en.wikipedia.org/wiki/Serpent_(cipher)](https://en.wikipedia.org/wiki/Serpent_\(cipher\))

~~~
ocdtrekkie
The article you link perhaps hint at why the developers felt like this: The
NIST report apparently suggested Serpent was actually a bit more secure, but
Rijndael was chosen for AES because it allowed for a more efficient software
implementation. The developers may feel that that trade-off wasn't worth it,
although obviously, going with a less-common strategy for encryption is
generally discouraged.

~~~
peterwwillis
Which is crazy. AES is good enough for TOP SECRET, it's the most widely
supported & vetted modern cipher, and all modern hardware has instruction sets
dedicated to it that prevent timing side channels (which Serpent can't claim).
Not using AES here is a product design red flag.

------
mattsfrey
Does anyone remember younity? Same exact product, same exact tag line
"personal cloud" etc. (ex-engineer here)

------
ignoramous
I see
[https://www.duple.io/en/blocked.html](https://www.duple.io/en/blocked.html)
when I click _Try Duple_ What countries do they intend to not sell their
software in and why? A FAQ would be nice.

------
anderspitman
I found the FAQ[0] to be the most informative.

[0] [https://doc.duple.io/faq/](https://doc.duple.io/faq/)

------
akerro
So I read the frontpage, download/try page and installation and still have
absolutely no idea what this project is about.

------
kmano8
Somewhat related- I've gotten a lot of mileage out of using Cryptomator (no
affiliation) with iCloud to have access to encrypted documents across devices
without having to worry about the pain of self-hosting. Here's a blog post I
wrote about it [https://karlshouler.com/posts/2019-05-31-secure-cloud-
storag...](https://karlshouler.com/posts/2019-05-31-secure-cloud-storage)

------
asdkhadsj
I clicked for a "Private Cloud", and all I saw was storage of files. Am I
missing more?

------
dplgk
Home cloud is an oxymoron, no? At what point is it just "I have some servers"?

------
kemonocode
Blocked in Venezuela. Not entirely surprised, but very disheartening.

------
milad_nazari
tl;dr:

It's an easier to install and use Nextcloud alternative, with open source
components (to be released in the future) but closed source core.

~~~
acomjean
I thought of nextcloud. Seems very similar:

For those unfamiliar nextcloud is kinda an open source Dropbox.

[https://www.linuxjournal.com/content/nextcloud-13-how-get-
st...](https://www.linuxjournal.com/content/nextcloud-13-how-get-started-and-
why-you-should)

------
tibbydudeza
Blocked in South Africa.

------
cat199
how does this differ from owncloud/nextcloud?

------
swiley
>How does it work?

>Just turn it on!

That’s not an explanation of how it works, that’s an explanation of how to use
it.

(I mean, you just know something stupid like that is coming the moment you see
a loading progress bar for a static page. It’s not surprising, just
disappointing.)

~~~
ocdtrekkie
I mean, we need this sort of technology to take hold with non-technical users,
so I applaud it from that aspect... but us technical users want to know what's
actually happening here. And the fact that the source is "coming soon" doesn't
help either.

Oh, here's what we're looking for:
[https://doc.duple.io/faq/](https://doc.duple.io/faq/)

~~~
macspoofing
>we need this sort of technology to take hold with non-technical users,

I'm pretty sure non-technical users are not looking for a private cloud.

~~~
ocdtrekkie
Are you sure? Eventually people are going to realize that the SaaS companies
have sold them out. And they may not understand what a private cloud is, but
that's what they're going to want: The convenience they're accustomed to in a
device only they control which can't be shut down or taken away from them.

~~~
anderspitman
ISPs (at least in the US) have been selling their customers out for years.
Nobody cares as long as Netflix works and their photos get to the people they
want to see them.

------
samirm
Terrible website design. Absolutely no reason to block all content just
because I have js turned off.

~~~
anderspitman
While it would be nice if they provided HTML endpoints, there are valid
reasons for using SPAs, even for text-heavy sites. That said, the loading bar
is a bit mind-blowing IMO.

~~~
quickthrower2
What are those valid reasons?

