A - I n f o s

a multi-lingual news service by, for, and about anarchists **
News in all languages
Last 40 posts (Homepage) Last two weeks' posts Our archives of old posts

The last 100 posts, according to language
Greek_ 中文 Chinese_ Castellano_ Deutsch_ Nederlands_ English_ Français_ Italiano_ Polski_ Português_ Russkyi_ Suomi_ Svenska_ Türkçe_ _The.Supplement

The First Few Lines of The Last 10 posts in:
Castellano_ Deutsch_ Nederlands_ English_ Français_ Italiano_ Polski_ Português_ Russkyi_ Suomi_ Svenska_ Türkçe_
First few lines of all posts of last 24 hours | of past 30 days | of 2002 | of 2003 | of 2004 | of 2005 | of 2006 | of 2007 | of 2008 | of 2009 | of 2010 | of 2011 | of 2012 | of 2013 | of 2014 | of 2015 | of 2016 | of 2017 | of 2018 | of 2019

Syndication Of A-Infos - including RDF - How to Syndicate A-Infos
Subscribe to the a-infos newsgroups

(en) France, Alternative Libertaire AL #295 - Digital, Self-hosting (2): The security in question (fr, it, pt)[machine translation]

Date Tue, 11 Jun 2019 08:33:43 +0300


What path is there to go so that anyone can emancipate themselves through self-hosting ? Part of the problem does not reside precisely in the sometimes individualistic logic of self-hosting, which can lead to overwork and security problems ? ---- In the previous article (see AL of May 2019), we saw that it is technically possible to self-host to emancipate proprietary and commercial services type Gafam. Technically, it is now possible not to rely on GMail for its emails, not to depend on Facebook for its social network, not to depend on Youtube for its videos, etc. In other words, it is now possible to install and put into operation at home its own server. ---- And the "security" in all this ---- However, despite this real possibility, it is easy to see that the promised emancipation is not there. Self-hosting remains a niche practice, not widespread. And for good reason: once the server installed, several questions «security"Must-haves arise very quickly. The system must operate flawlessly during the intended usage ranges and ensure access to installed services and resources with the expected response time. The system must also be honest, that is, the data must be the expected ones, and must not be tampered with accidentally, unlawfully or maliciously. Clearly, the data must be accurate and complete. Finally, and this is essential, it must be confidential: only authorized persons can have access to the information intended for them. Any unwanted access must be prevented. To these security questions, we can add the need for regular backups of the system: any electronic equipment (hard disk, memory card, etc.) will fail sooner or later, and often without warning sign. In addition, it is important to keep the system up-to-date, as long as the service is active, to ensure a good level of security and avoid the risk of hacking. If the hosted data is sensitive, it can be interesting, even essential to encrypt the storage used by the system.

We will summarize these different tasks as "system maintenance". This time consuming part requires some technical knowledge and is still difficult today for a novice. It can then be tempting to consider a "multi-homestay" collective, shared, where it would be enough that only one person has the expertise for all to enjoy. For example, Alternative Libertaire could consider self-hosting, in order to maintain control over its website and email addresses. If so, we have already asked the question very seriously ... but the step has not been taken.

A collective accommodation
In the case of accommodation for strictly personal use, the scope of the risks and liability is limited: if I maintain my system, I am alone to suffer the consequences. When housing becomes collective, many people use it, the risks, responsibilities and maintenance associated with it become significant and time-consuming, probably too much to rely on one person, expert or not. Self-hosting for collective use, so necessarily more intensive than for individual use, also shows its limitations when we think of the low speed offered by most Internet Service Providers (ISPs). In addition, when the server is in the home of a natural person, it is difficult to pool the maintenance. Added to this is the risk of service interruption in case of disability (vacation, illness, accident) of the person responsible for maintenance. Finally, the worst that can happen is the seizure of computer equipment following a legal concern (search) that would be subject to the owner of the premises where the server is stored, a user, a user or the entire collective who uses the service. The seizure could lead to the exploitation of sensitive data if they are not sufficiently secure. Exploitation of data that could also take place in case of simple burglary, targeted or not. Obviously, searches and burglaries are risks that a revolutionary and antifascist organization such as Libertarian Alternative must take into account.

A federalized solution: Kittens
When hosting benefits a community, it becomes necessary for the maintenance of the system to be collectivized. The prerequisite is obviously that the system must be physically in a place accessible by several people, and therefore by nature less secure than a vault of which I would be the only one to have the key. It is also necessary to take care of the training of the members of the collectivity, so that the maintenance mandate (s) can (turn) and no dependence to the good will of a single specialist individual is put in place .

Given the limitations mentioned, a collective housing should turn to federalized solutions, where already experts in computer systems and where the reflections mentioned above have already been conducted. The good news is that these hosts already exist! We can notably mention the Framasoft kittens: "Kittens is the Collective of Alternative, Transparent, Open, Neutral and Solidarity Hosts. It brings together organizations wishing to avoid the collection and centralization of personal data within digital silos of the type proposed by the Gafam (Google, Apple, Facebook, Amazon, Microsoft)."

So when will a libertarian communist kitten, with a training policy to fight against specialization and a thorough reflection on the physical security of data? Wait, not too fast, give us time to prepare that ...

The libertarian Alternative Libertarian working group

http://www.alternativelibertaire.org/?Auto-hebergement-2-La-securite-en-question
_________________________________________
A - I N F O S N E W S S E R V I C E
By, For, and About Anarchists
Send news reports to A-infos-en mailing list
A-infos-en@ainfos.ca
Subscribe/Unsubscribe http://ainfos.ca/mailman/listinfo/a-infos-en
Archive: http://ainfos.ca/en
A-Infos Information Center