* quil...@riseup.net <quil...@riseup.net> [2020-10-06 18:06]:
> Dankon! Thank you very much for this information. It is very useful for
> me. The Internet is flooded with information to be used by a web browser,
> which is now a universal application installer. I am totally freaked by
> that. I like the take you propose: Simple way to exchange files with
> versioning on a safe protocol such as ssh or vpn.

It can be simpler, there are visual, graphical programs for FTP, and one would use SFTP or secure FTP, and once a server has been provided, each user could submit files into directories ordered by username and date and time. This allows for easy revision of various versions without using a version control system. Each person is assigned access as the administrators decide. We have file permissions in the file system, that can be used for access control, and the file system itself with dates and times to be used for human revision control. And it can all be done by using some file manager that supports SFTP, including using similar on various operating systems.

> It looks good. But there is always the problem of privacy and
> anonymity.

XMPP clients offer end to end encryption, normally OMEMO or OpenPGP, that is already solved and depends on the client. Connection to server should work over SSL anyway, so that is already encrypted on the way. The only problem remains with the server, if anybody has access to the server, such person could eventually get access to messages, and if they are encrypted by using OpenPGP or OMEMO, OTR or other system, even the person on the server cannot read messages.

> guess there are ways to encrypt XMPP and there is Tor for anonymity.

Network provider could see that there is SSL connection to certain server, but would not see what it is. With Tor, the network provider spies would not be able to see where the connection goes. I hope that gnunet https://www.gnu.org/s/gnunet will solve that problem better in future, so that we get really private Internet with private DNS and without fascist spies.

Yesterday I have read that US spy agency was asking Google to give them a list of users who have searched for certain keyword, this may not be, or may be constitutional in the US, but is good advice to stop using Google for anything: use ad blocks to not use Google, install Replicant or LineageOS on Android devices to avoid Google spying on you.

> But I am not sure if Tor is very secure. I have heard i2p is more
> secure. Also, I have heard of tox.chat

I have used Tox but client software was never stable as I wish.

Security depends on the plan. For example, I am European in Uganda, and I often go to Tanzania or Kenya. We send money here by using mobile phones. East Africans have their "accounts" in the phone directly, which is well developed system of banking without a bank. So the money can be sent and received. But whoever can read SMS messages at network provider, can then find out to which persons money was sent, for which reasons, and from which persons money was received. So I have experienced personally that people can spy on mobile network by paying small bribe to one of operators that works there. I know it well, as the person blackmailing me has told me about list of my friends, mobile money transactions and similar.

So in that case, I wish to secure my local communication, so I am using Silence application to encrypt local transmission of messages. And I advise just any person to use XMPP, now if they use XMPP, I am protected from local spying, not necessarily from foreign spying. Yet Internet service provider in Norway may not have any interest to look into my XMPP messages, so it is enough to protect the connection with SSL, it need not be end to end encryption. Even GMail can be good enough, to protect me from local spies, so I can send email in plain text to Gmail address, but what is important is that such information did not go over insecure connection and over local SMS, as that way local spies could read what I was sending.

Security will always depend on many small details, and is never perfect. One has to consider every single detail, is the local device secure? Maybe not, maybe there is no PIN, or password, and if there is such, maybe it can be circumvented, mobile phone can be stolen, that is easier to do than spying on digital networks.

Innocent borrowing of a mobile phone can be enough to install key logger or other spying applications that could obtain data in background. Nice girl on the corner asking man to borrow the phone to call their mother in hospital, it could be enough to spy on a person for years.

If there is SSL connection to server, the server provider still could have access to the VPS or dedicated server, maybe even VPS could be broken by other VPS users, we never know. There are hundreds if not thousands of attempts to break into the server per every hour, I know it, as I have the logs.

In general, there are too many details that one needs to put attention on for full security, and it is never perfect.

> I think the terminal client can be used even from inside Emacs.

Yes, sure it can. By the way I am using EXWM or Emacs X Window Manager, so anything I launch, like movie or graphical software, it is launched within Emacs, and I am comfortable with any graphical environment, I switch to others.

> It would be nice to have a manual to mount everything needed in a server
> with what you describe and the required setup on the workstations. The
> best would be serverless, p2p infrastructure on the style wahay.org
> has.

Well, I can say yes and no. It depends on what a group or people want to do. In East Africa, we do not have fixed line Internet, and Internet in general is not fast enough, especially if one is outside of the city, or in the bushes. My experience with Tox tells me that it will simply not work in such bad network areas, but Murmur/Mumble server works well.

Wahay is using Mumble in background over Tor. So that is familiar to me. Wahay offers integration with Tor, but I need not download Wahay to use Mumble over Tor. I do not think that I wish my group to depend on Tor as we have VPN, thus it is not necessary, and understanding security and planning of it is more important than blindly believing the websites.

Instead of Tor, I can establish VPN, it works on mobile devices and without problems. If the country where I am located would prevent me using VPN to certain servers, in that case I could use Tor, or I could simply open up other VPS on other part of the world for VPN.

> No one would need to depend on the internet lords (domain name and
> public IP address) or learn how to set up a server.

In general, the motion not to know is bad direction in society. Raising technological levels did not raise interest or knowledge level of society, so that cannot be good. With arrival of Spectrum, Commodore, Atari, Amiga computers, and then PC computers, general society became very interested. With arrival of public Internet access from somewhere 1990-1993 people became more and more interested in computing and computers, and then somewhere up to 2005, and there were many private websites. Facebook, Google and other large companies that "make the user not know nothing", disturbed the natural demand for education and disabled users, effectively making them dumb to computing. Only smart phones remain smart.

People should learn:

- how to set up their own domains
- their own email system
- how to encrypt emails
- their own XMPP server
- how to encrypt XMPP connections
- their own websites and other services, that is not hard to learn.

> Failing that, the infrastructure you describe would be nice to set
> up with a complete guide (not pieces with links) in order to have an
> integral and simple configuration. (Please do not feel obliged to
> construct it. It is just an extremely useful thing to have in order
> to build a simple, yet efficient and modern technological
> infrastructure, without the bloat.)

Rather re-ignite again the spark and interest in computing, than making people not know anything.

_______________________________________________
libreplanet-discuss mailing list
libreplanet-discuss@libreplanet.org
https://lists.libreplanet.org/mailman/listinfo/libreplanet-discuss