IMA with database and pictures in the cloud

Started by hluxem, February 03, 2019, 06:07:22 PM

Previous topic - Next topic

hluxem

In the past years online storage has become really cheap and I think it becomes very common to store or backup pictures in the cloud.
While I own IMA and I know I could share my pictures and database with family and friends, I don't know enough about networks and VPN's to have a good feeling about allowing access to my home network. Just yesterday I spent quite some time trouble shooting my home network. I used SMUGMUG and other sharing sites, but it is always something like transfer the pictures to the site and keep them synchronized. Once you share them on the site, there is only a limited tool set available and in terms of privacy, you rely on what ever service you use. All the free services will for sure analyse the pictures and use it for whatever they can make money off. What I would really like is Imatch/ IMA with a database and the pictures encrypted in the cloud.
I thought I remember that quite a while ago something like this was mentioned, but I'm not sure. Is that just a bad idea or something we may see at some point in the future?

Heiner


Mario

#1
I'm not sure about the "cloud part".

You can install IMWS on a Windows PC in the cloud.
Or you install IMWS on a Windows PC in your home network and open a port so other users can connect to it from the Internet.
Or you separate the two parts:
Run IMWS on a Windows machine behind a firewall.
Run IMatch WebViewer on a web server open to the Internet (Apache, NGINX, IIS). Setup the web server as a reverse proxy so it forwards requests to IMWS but hides IMWS from the Internet.
This is what corporate users do.

The problem is not the IMatch Anywhere technology. The problem is the security.
When you run a web server on the Internet, it will be under attack all the time. Bad people will run bots which try to break into your server, take control of it and then abuse it for malicious purposes.
80% of all emails is SPAM, sent from hacked servers all over world...

I cannot 'harden' IMWS against all possible attacks. It is not designed to be run directly open to the Internet. Not even the big companies get that right, and they have not one but hundreds of developers.

You can just rent a virtual Windows 10 PC from one of the big vendors (Microsoft, Amazon, Google) and install IMatch Anywhere on it. Then send your friends the URL and they can browse your files.
Such a virtual cloud server will cost you a few dollars per month, even less if you don't run it 24/7.

Problem is, you are responsible for the security. If somebody breaks in and abuses it, the cloud vendor will shut it down and ask some serious questions.
Of course, if you run the virtual PC only for this purpose, you can just shut it down and set up a new one. Quick to do.

Securing a server requires know-how. The big companies have vast security departments, and even they get hacked. Just look at all the security issues and break ins and data theft just in the last year.

This is not something I can recommend for normal users. It terms like VPN or reverse proxy are new to you, don't bother.
Upload your files to one of the cloud image services (Smugmug, Google Photos, Amazon Photos, Flickr, ...) and you're good.
If bad people take over their servers, you are not responsible. All you can lose are the copies of your images and maybe some personal data.

If you want to allow others access from the Internet to a PC running in your home network,. the simplest and most secure way is a VPN (virtual private network).  Works great for IMWS and also other services you might want to offer others. There are numerous articles on the Internet which explain this. And maybe your router at home already supports VPN (e.g. FritzBox) and yo only need to enable it.
-- Mario
IMatch Developer
Forum Administrator
http://www.photools.com  -  Contact & Support - Follow me on 𝕏 - Like photools.com on Facebook

Jingo

Agree 100% with this... I long ago gave up trying to allow family access to my stuff (even IMA which I only use internally in the network).  I just use a "self-hosted" gallery now which I have running on my online Hosted Server (webhostinghub).  For a few $$$ each month, I am able to upload JPG's of my images to the gallery as part of my workflow.  If family want to view the files, they go to a simple web address.. simple and easy and my home network remains closed (or as closed as it can be).