From mboxrd@z Thu Jan 1 00:00:00 1970 From: ng0 Subject: Re: Building a secure communications server Date: Sat, 13 May 2017 11:31:28 +0000 Message-ID: References: <20170513060327.GA20242@thebird.nl> Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII; format=flowed Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:54745) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1d9VGz-0005m5-Ia for guix-devel@gnu.org; Sat, 13 May 2017 07:31:46 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1d9VGu-0003vw-Qo for guix-devel@gnu.org; Sat, 13 May 2017 07:31:45 -0400 Received: from [195.159.176.226] (port=43194 helo=blaine.gmane.org) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1d9VGu-0003vW-KG for guix-devel@gnu.org; Sat, 13 May 2017 07:31:40 -0400 Received: from list by blaine.gmane.org with local (Exim 4.84_2) (envelope-from ) id 1d9VGm-0004cY-RP for guix-devel@gnu.org; Sat, 13 May 2017 13:31:32 +0200 In-Reply-To: <20170513060327.GA20242@thebird.nl> List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org Sender: "Guix-devel" To: guix-devel@gnu.org On Sat, 13 May 2017, Pjotr Prins wrote: > In light of recent political attacks on E-mail servers in France and > the USA and in light of the current worm attack I think it is very > clear we need communication servers we can trust. I am running my own > E-mail server and with the progress we are making in GNU Guix (system > configuration, image creation) I think we are close to creating a > solution that others can use. What I want achieve is that we can fire > up an image on a VPS with safe communications. It would contain a mail > server and webmail. The user will have option to allow users to only > communicate internally and, perhaps, keep incoming mail in one account > keeping mail in 'escrow'. > > This image should be state-of-the-art in security setup. Guix can help > greatly there. Part of the security will come from the fact that these > machines are not centrally hosted. An alternative to protonmail, for > example. We should be able to lose a few servers as long as we get > notified somehow that they have been compromised. This is a biological > model of defence. > > Who wants to help me create such a solution? It has to be a team > effort. If you need bread we can also try and find some money. In fact > it would be great to get someone full time hacking on this. > > Who wants to run such a server? We also need users. I would have set > up a couple of such instances today for teams on the road in > Asia/Africa. > > I realise this may take some resources from Guix development, but I > think it is justified and it may gain Guix more attention and > traction! > > Pj. > > > > 10 or 13 years ago something similar was my motivation. A project which can be regarded as the base of some of my current work. Its name was "arda/libertad". It was supposed to be an re-implementation of the R-Plan, an Orangebook Autistici/Inventati came up with for resilent servers running in an global network. Logic and Progression drove me to distributed networks and ultimately abandon the plan of using server based technologies, rely as little as possible on servers even if it takes years of development. That said, what you wrote is something I talked about with people in Netherlands until 1 or 2 years ago the contact just dropped. I think the very fragmented groups of anarchists in Netherlands is one group of people who is interested. There are other groups, but in general you have to be clear: do you want people with prior knowledge in system administration to use the 'spawn a VM' system, or do want to people without any prior interest or knowledge in system administration to use this? I tend towards the last option, but it depends on the system you want to design. This is still one of the reasons I am working on GuixSD and the system I create with GuixSD. I don't want to talk about specific groups or people, but there's huge value for easy to use systems for the people running their own factories, people who fight against oppression in their country, etc, last not least for everyone if you design a system in a way that it can be used by anyone dead simple. Some of the projects I am working on are vaguely oriented around the R-Plan with extensions of own ideas. To some degree we could colaborate. I can't work fulltime on this, but expertise and exchange of knowledge is useful since we are working with the same system. Once university starts my work on free software will, at least for a while, no longer be fulltime but since I am working towards a business within the next 4 years I will continue to work on it. It would probably help if I could be more specific as I have multiple plans in parallel which involve GuixSD, but I am working on the separation of interests. Public documentation at the moment is rare, but in case you want to talk about ideas here is the fingerprint of my pubkey: 17A9D52A7EE8885AB35D819DA58C87D08AFD4FAD The link to R-Plan: https://www.autistici.org/who/rplan/