Security Enhanced

Times have changed. And it is not worth the stress to be out of control what is being shared and what not. I’m quite open that I’m for openness, but personal privacy is even more important. So let’s shake things up.

My last push was Groklaw’s last article. It discusses the privacy of the internet, but more so what privacy is:

Safe privacy is an important component of autonomy, freedom, and thus psychological well-being, in any society that values individuals. … Summed up briefly, a statement of “how not to dehumanize people” might read: Don’t terrorize or humiliate. Don’t starve, freeze, exhaust. Don’t demean or impose degrading submission. Don’t force separation from loved ones. Don’t make demands in an incomprehensible language. Don’t refuse to listen closely. Don’t destroy privacy. Terrorists of all sorts destroy privacy both by corrupting it into secrecy and by using hostile surveillance to undo its useful sanctuary.

I think Pamela Jones hit the spot. I already was busy slowly getting off cloud-services, but this sped things up. In this article I’ll show the plan and update while progressing.

Plan

For myself, my friends and my work.

Hardened and more private server

The server is not secure enough.

  • Working through https://help.ubuntu.com/community/Security as a start.
  • *Fully* automatic backups for all user-data. Single-use passwords in case of data-breach? How to make sure the backup-drive cannot be wiped?
  • Automated applying of all rules/changes, so I can do a hard reset on the server any time.
  • Continuous version-watching of all installed software.
  • Lock-down when bash is used from unknown ip.

More privacy. I don’t want to see my friend’s data, nor backup-data. Neither do I want them to bother me when an account has been confiscated (walled gardens).

  • Move server outside Netherlands, where privacy is taken a bit more serious. Done, but I should be ready to move any time again.
  • Improved walling of the accounts.
  • Automated password retrieval.

Self-hosted

Replacement for all cloud-services I use.

  • Websites. Two still need to be transferred.
  • SSL-certificate for all domains on the server.
  • E-mail-server. Postfix + Courier.
  • E-mail-server. Anti-spam/virus.
  • E-mail-frontend, including agenda and all other office-stuff. Roundcube, Kolab?
  • Dropbox backup: automatic, incremental, protected backups. Owncloud? I don’t trust BT sync.
  • Dropbox media: Group-management for media-sharing. Photos and videos of friends and family. Website with easy session-kicking and restricted sharing with external friends.
  • Whatsapp: group-mail.
  • Whatsapp: chat-server.
  • Data-lockers: KeePass.

Home/Office

  • Better laptop-handling
  • Raspberry-Tor.
  • IM-replacement.

I will share my tips and tricks mostly on Ubuntu-forums. Hopefully this results in a

Leave a Reply

Your email address will not be published. Required fields are marked *