How does it connect to my devices when I'm away from home?

Harbor uses Tailscale, a widely-used networking service built on WireGuard. You install the free Tailscale app once on each device. In most setups your phone talks directly to the dock over an encrypted tunnel, with nothing in between. When a direct connection isn't possible (some mobile carriers, restrictive wifi), Tailscale relays the encrypted traffic — they can see that you connected, not what you sent. Harbor's servers are never in the data path; we don't see your files at any point.

Can I import files from Dropbox, Google Drive, iCloud, or other cloud accounts?

Yes. The dock includes an rclone-based UI that connects to Dropbox, Google Drive, Proton Drive, iCloud, OneDrive, Mega, and any other service rclone supports. You can pull files in once for archival, or set up ongoing one-way or two-way sync per folder. The connection lives on your dock, not on a Harbor server, so the credentials stay with you.

What if I only have one dock — how does backup work?

Harbor uses your existing cloud accounts as distributed backup. Connect Proton Drive, Mega, and a couple of other free tiers, and the dock spreads encrypted file copies across them automatically — staying under each provider's free-tier limit. The backup overview UI shows what's stored where, so you can see at a glance which folders are covered and which still need a target. Pairing two docks gives you the cleaner mutual-sync story; the cloud-free-tier approach is what gets most people a real off-site copy without spending a cent extra.

Why ARM and not a mini PC?

ARM single-board computers are the right shape for always-on appliance storage: single-digit watts idle, low heat, no fans, designed to run for years. The dock is meant to live behind a TV or in a closet, not to crunch numbers. The bottleneck for storage like this is the USB drive and the network, not the CPU. A mini PC would be more powerful but consume 4 to 6 times the continuous power for no benefit on this workload.

Does it work on iPhone, Android, and desktop?

Yes. Mac, Windows, Linux, iPhone, and Android all work. Once you install Tailscale on your device, the dock appears like a local server. Open any browser, type its name, and your files are there.

What happens if my home internet goes down?

Devices on your home Wi-Fi can still access the dock normally. It is a local network device first, remote second. Remote access from outside the home pauses until your internet returns, the same as any home server. Your files are never lost; they live on your drive.

The Harbor Dock itself, a small low-power device, plus a power adapter, an Ethernet cable, and a quick-start card. You bring your own USB drive (any size, any brand).

What size USB drive can I use?

Any standard USB drive works. Common sizes range from 1TB to 20TB. Use one drive for personal storage, or pair two docks (one at home, one at a friend's or family member's place) for automatic encrypted off-site backup.

What happens if the drive dies?

A single dock with a single drive has the same failure profile as any single-drive setup: if the drive fails, what was on it is gone. Harbor isn't a RAID array; we don't pretend it is. The intended pattern for anything you can't afford to lose is two docks at two locations, syncing to each other. That's the off-site backup story. If you only buy one dock, treat it like you'd treat any external drive holding important files: keep a separate copy of the photos and documents you can't replace.

How much power does it use?

It's a low-power ARM device designed to run 24/7, like a Wi-Fi router. The impact on your electricity bill is minimal, closer to a smart hub than a desktop computer.

Will it be open source?

Yes, that's the plan. The dock software and companion tools will be open for anyone to audit, build, or fork. You probably won't ever need to look at the code, but knowing the option exists is the difference between owning your storage and renting it.

What if Harbor Dock the company disappears?

Your drive keeps working. Files are stored in standard formats. Plug the drive into any computer and read them directly. Tailscale is independent infrastructure that keeps running without us. You are never stranded.

May 4, 2026

The actual threat model for personal data, and what most setups get wrong

RAID is for one specific threat. Subscriptions are for another. Most home setups confuse availability with durability and end up protected against the wrong things. Here's a sober walk through what can actually take your photos.

People reach for storage decisions the way they reach for home insurance: they pick what their neighbor has and assume it covers the things that worry them. It usually doesn't. The way out is to spell out what can actually take your data and check, threat by threat, whether your setup protects against it. Most don't, but for different reasons than you'd guess.

The threats, ranked by how often they happen

Worth distinguishing two axes from the start. Availability is whether your data is reachable right now. Durability is whether it still exists at all. RAID buys availability, not durability. Most household disasters are durability problems pretending to be availability problems.

In rough order of frequency, the threats that actually take personal data are these.

You delete the wrong thing.By a wide margin, the most common cause of personal data loss is the operator. The file is gone before any system has had a chance to fail. RAID does not help; the deletion replicates. What helps is versioning or snapshotting that you can roll back through, and an off-site copy that runs on a delay (so the deletion hasn't propagated yet).

The drive eventually dies.Spinning disks fail at predictable rates over years. SSDs fail differently — often abrupt, often during writes. RAID is the textbook answer. So is “don't put anything precious on a single drive without a copy elsewhere.” Both work, with very different operational costs.

The thing burns down or gets stolen.Fires happen. Burglaries happen. Whole-house events take every drive on the premises with them, including any local mirror you set up. The only protection is a geographically separate copy. This is where most household setups quietly fail; people set up a NAS, check the “backup” box on the feature list, and never actually move data off-site.

Ransomware encrypts your home network.One infected machine running with broad write access can encrypt every file it can see, including the network-attached storage. RAID and live mirrors are useless here, because they faithfully replicate the encrypted versions. The protection is an off-site copy that is either air-gapped or versioned (so you can roll back to before the infection).

Your cloud account gets locked out.An algorithm flags an upload, your password is leaked, your payment fails for a month, the company decides you violated policy you didn't know you had. You lose access to whatever lived only there. This isn't rare; it's a regular complaint thread on every major service's support forum. The protection is a local copy and the discipline to actually keep it current.

The vendor changes terms. Subscription doubles. Free tier shrinks. The provider sells to a company you trust less. The product gets discontinued. Protection is the same as account lockout: a local copy you can keep using.

Surveillance, subpoena, or compromise.Lower probability for most people, but real for some. Files held by a third party are accessible to that third party in ways files at home aren't. Protection is zero-knowledge encryption (uncommon, hard to operate) or keeping files at home (common, easier).

What common setups actually cover

Cloud-only (Dropbox / iCloud / Google Drive).Strong on availability, drive failure, and disaster (the cloud doesn't care if your house burns down). Weak on operator error (limited version history, varies wildly), ransomware (synced clients replicate the encrypted files), and the vendor-lockout / terms-change / surveillance trio (these are the threats cloud is structurally worst at). For most households this covers the easy threats and ignores the hard ones.

NAS with RAID, no off-site.Strong on drive failure and (sometimes) operator error if you configured snapshots. Weak on disaster, ransomware, theft. Many NAS owners think the box itself is their backup. It isn't. It's their primary; they need a second copy somewhere else.

Single-drive local box with off-site.Counterintuitively, this often ends up better-covered than the RAID-without-off-site setup. You lose availability during a drive failure, but durability is preserved across the threats that actually destroy data (disaster, theft, ransomware, vendor failure). For personal storage, an hour of downtime during a disk swap is cheap compared to a permanent loss.

Cloud-plus-local hybrid.Strong on most threats. Probably the most defensible setup available, if you can stand the operational overhead of keeping two systems in sync. Costs you the cloud subscription forever — or, if you split files across multiple cloud free tiers, costs you nothing but operational complexity. We built an interactive demo of how a household's files distribute across cloud free tiers in that pattern.

The mistake nearly everyone makes

The mistake is buying availability and calling it durability. RAID, mirrored sync, hot-spares — these address one specific threat (a drive failing during normal operation) and zero of the bigger ones. People install a Synology, configure a mirror, and check “backup” off their list. Their data is now protected against ~5% of the realistic threats.

What actually protects personal data is the boring answer: at least one copy somewhere geographically separate, encrypted, that you periodically verify works. The off-site copy is doing more for you than RAID, zero-knowledge encryption, snapshots, or any other single technology in this space. Everything else is optimization on top of it.

What to actually do

Skip the technology shopping for a moment. Pick the two or three threats you actually care about — usually some combination of drive failure, disaster, ransomware, and operator mistakes — and pick the simplest setup that covers all of them. For most households that's a single-drive primary at home (or in the cloud) plus an off-site versioned copy somewhere else (a friend's house, a different cloud, or both). RAID is optional and mostly serves availability, which most households don't need.

Whatever you choose, test the restore path once a year without warning. Backup that hasn't been restored from is theoretical. The most common form of data loss is the one where you find out the backups stopped working in 2023.

For a more concrete take on how this maps to filesystem choices on the box itself, see “Why ext4 on a single drive is the right choice for most households”. And for the cloud-cost side of the durability picture, the 5-year cost calculator puts a number on what the “cloud-only” row above actually costs over time.

The actual threat model for personal data, and what most setups get wrong

The threats, ranked by how often they happen

What common setups actually cover

The mistake nearly everyone makes

What to actually do

Want a private cloud that does not phone home?