Librehosters Assembly

After the LibreHosters Meetup prior to OFFDEM, we’re happy to host a dedicated assembly for hosters of free software services to discuss.

This topic will help prepare for this moment and provide announcement and follow up.

2022-03-05 Saturday 11:00 - 12:30

Participants

Please add your collective in alphabetical order

  • marsnet (Marseille)
  • neutrinet (Bruxelles)
  • petites singularités (Bruxelles)
  • sourcehut (Amsterdam)
  • weho.st (Amsterdam)
  • zintv (Bruxelles)

Topics

See Librehosters @ OFFDEM - Events - libreho.st

Discuss below, edit here.

@cnbcp HedgeDoc - Collaborative markdown notes

I have a question: with a virtual-colleague / someone from the community, we are trying to document “secure communication tools for people in the war”. Do you want to help write it? Do you want to recommend some tools / documents / sources? We’d like to publish it this week… and we have an etherpad (riseup) for shared editing. Let me know if you want to offer help. thanks! Vesna

Hi Vesna,
Thank you for asking and sharing. I’m interested in helping out with the pad notes.

thanks - i’ve share it with you privately, i think :wink:

We’ve published one article – for non-techies:

Please share, and/or add your opinion in the “comments” section.

2 Likes

This article gives generally sound advice but fails to take into account a threat model where you’re trying to defend against capitalism.

An example of a secure email provider is ProtonMail. This Swiss based company offers a free, end-to-end encrypted, email service.

Since ProtonMail was forcibly ordered by local Swiss police to deliver French activist user information by way of Interpol, their security can be deemed problematic by a number of people. Other secure email solutions include Delta.chat that deploys Autocrypt and works with any existing email provider, p≡p also deploys Autocrypt, but differently—and I have no personal experience of the software, just the people. Also, using OpenPGP encryption with classical email providers may be a bit more demanding, but works. See for example Riseup.net.

Concerning a decentralised system, https://element.io/ and https://newnode.com/ are advised.

NewNode is proprietary software and should therefore not be recommended.

Most of the free and commercial conference applications allow the encryption of audio and video streams (e.g., Skype, Zoom, WebEx, Jitsi) and they apply it by default.

Except for the last one, all of these applications belong to surveillance capitalists and put in place some facial recognition and other surveillance systems and should not be trusted, as any proprietary software. Zoom does not enable E2EE by default. Some of the others do not even seem to have this capacity.

The question is: do you really need video conferencing? If not, there are other solutions such as Mumble. Many-to-many video is generally useless and very energy hungry. Tox does not appear in any of the alternatives.

Anonymous Communication and Circumventing Censorship

I find it problematic to link to Twitter of Facebook in this section, since even if you use Tor to connect to them, they will require you to login, so there’s no anonymity here.

options to encrypt the data on your hard drive. It is easy to switch on, but you will have to trust these vendors to have done a good job.

Of course, if you put aside the fact these companies are part of the PRISM surveillance network and share a history of abusing users. Not to be trusted.

enabling Multi-Factor Authentication (MFA)

You can use FreeOTP on Android, or pass-otp on GNU/Linux.

And do not forget … whom do you trust?

  1. Generally avoid trusting capitalist companies: they’re after you, not acting in your best interest.
1 Like

Merci beaucoup hellekin for this beautiful and in-depth reply!

<3

Joost

2 Likes

As Librehosters were announced as a transversal topic for OFFDEM, this is no surprise that the Librehosters Assembly was rich and diverse. Not only members of the Librehosters network participated, but also unaffiliated entities who do provide militant free software services to the public (like SourceHut) and people who are engaged daily with the social movements (like ZIN TV), or both, like our friends the @gnuragistes.

We went through recurring issues, such as the centralization of data centers for allegedly alternative hosting–which is something we’ve been aware since inception, but unable to address so far, unless we consider the tremendous effort of Neutrinet to establish a local data center for associations in Brussels. We discussed the possible affinities and differences between the Librehosters network and the InfraRed, concluding that the former should probably focus on the promotion of free software services, in the line of CHATONS, and leave sysadmin mutual aid network to the latter. @gio introduced the Librerouter, a hardware mesh router that can be easily reproduced anywhere, and its sister project, elRepo.io that proposes a distributed cultural repository. We had the chance to benefit from Marsnet’s long experience with libre hosting in Marseille.