Re: Building a secure communications server

[ng0]

On Sat, 13 May 2017, Pjotr Prins wrote:

> In light of recent political attacks on E-mail servers in France and
> the USA and in light of the current worm attack I think it is very
> clear we need communication servers we can trust. I am running my own
> E-mail server and with the progress we are making in GNU Guix (system
> configuration, image creation) I think we are close to creating a
> solution that others can use. What I want achieve is that we can fire
> up an image on a VPS with safe communications. It would contain a mail
> server and webmail. The user will have option to allow users to only
> communicate internally and, perhaps, keep incoming mail in one account
> keeping mail in 'escrow'.
>
> This image should be state-of-the-art in security setup. Guix can help
> greatly there. Part of the security will come from the fact that these
> machines are not centrally hosted. An alternative to protonmail, for
> example. We should be able to lose a few servers as long as we get
> notified somehow that they have been compromised. This is a biological
> model of defence.
>
> Who wants to help me create such a solution? It has to be a team
> effort. If you need bread we can also try and find some money. In fact
> it would be great to get someone full time hacking on this.
>
> Who wants to run such a server? We also need users. I would have set
> up a couple of such instances today for teams on the road in
> Asia/Africa.
>
> I realise this may take some resources from Guix development, but I
> think it is justified and it may gain Guix more attention and
> traction!
>
> Pj.

10 or 13 years ago something similar was my motivation. A project
which can be regarded as the base of some of my current work.
Its name was "arda/libertad". It was supposed to be an re-implementation
of the R-Plan, an Orangebook Autistici/Inventati came up with for
resilent servers running in an global network.

Logic and Progression drove me to distributed networks and ultimately
abandon the plan of using server based technologies, rely as little
as possible on servers even if it takes years of development.

That said, what you wrote is something I talked about with
people in Netherlands until 1 or 2 years ago the contact just
dropped. I think the very fragmented groups of anarchists in Netherlands
is one group of people who is interested. There are other groups,
but in general you have to be clear:
do you want people with prior knowledge in system administration to
use the 'spawn a VM' system, or do want to people without any prior
interest or knowledge in system administration to use this?
I tend towards the last option, but it depends on the system you
want to design.
This is still one of the reasons I am working on GuixSD and the
system I create with GuixSD. I don't want to talk about specific
groups or people, but there's huge value for easy to use systems
for the people running their own factories, people who fight against
oppression in their country, etc, last not least for everyone if
you design a system in a way that it can be used by anyone dead simple.

Some of the projects I am working on are vaguely oriented
around the R-Plan with extensions of own ideas. To some degree we could 
colaborate.
I can't work fulltime on this, but expertise and exchange of knowledge
is useful since we are working with the same system.
Once university starts my work on free software will, at least for a 
while, no longer be fulltime but since I am working towards a
business within the next 4 years I will continue to work on it.
It would probably help if I could be more specific as I have multiple
plans in parallel which involve GuixSD, but I am working on the separation
of interests.

Public documentation at the moment is rare, but in case you want to talk 
about ideas here is the fingerprint of my pubkey: 
17A9D52A7EE8885AB35D819DA58C87D08AFD4FAD

The link to R-Plan: https://www.autistici.org/who/rplan/