Il 6/29/13 1:02 AM, Anthony Papillion ha scritto:
So I'm setting up a new Jabber service at www.patts.us.
I want to make it as secure and safe as possible for people to use it
and I'd like some advice. Here's what I've done so far:
1. Turned off all logging on the server (httpd, xmpp, etc)
2. Doesn't require ANY user info to register
3. Doesn't log conversations
4. Allows access via Tor
It would be a nice transparency measure to run a small web server that
provide direct access to the full server filesystem, allowing to browse
everything and download any files, with few exceptions such as SSH or
SSL private keys.
That way anyone would be able to fully inspect the server, even without
logging-in, by assessing configurations and checking out that logs are
not kept.
--
Fabio Pietrosanti (naif)
HERMES - Center for Transparency and Digital Human Rights
http://logioshermes.org - http://globaleaks.org - http://tor2web.org
--
Too many emails? Unsubscribe, change to digest, or change password by emailing
moderator at compa...@stanford.edu or changing your settings at
https://mailman.stanford.edu/mailman/listinfo/liberationtech
