Skip to content
  • Hjem
  • Seneste
  • Etiketter
  • Populære
  • Verden
  • Bruger
  • Grupper
Temaer
  • Light
  • Brite
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Kollaps
FARVEL BIG TECH
  1. Forside
  2. Ikke-kategoriseret
  3. I'm coming to the conclusion that community-owned and operated small clouds (co-ops) with easy onramps for self-hosting open source services like mail, storage, and VPN are the only way forward.

I'm coming to the conclusion that community-owned and operated small clouds (co-ops) with easy onramps for self-hosting open source services like mail, storage, and VPN are the only way forward.

Planlagt Fastgjort Låst Flyttet Ikke-kategoriseret
149 Indlæg 62 Posters 0 Visninger
  • Ældste til nyeste
  • Nyeste til ældste
  • Most Votes
Svar
  • Svar som emne
Login for at svare
Denne tråd er blevet slettet. Kun brugere med emne behandlings privilegier kan se den.
  • mttaggart@infosec.exchangeM mttaggart@infosec.exchange

    A fair number of the open source ones too, but at least money isn't changing hands.

    mttaggart@infosec.exchangeM This user is from outside of this forum
    mttaggart@infosec.exchangeM This user is from outside of this forum
    mttaggart@infosec.exchange
    wrote sidst redigeret af
    #10

    Not for nothing but I've written a very well-regarded guide on home labs if you want to get started.

    https://taggartinstitute.org/t/course-catalog/125/24

    brahms@chaos.socialB aleksei@social.fakeplastictrees.eeA sassdawe@infosec.exchangeS nieuemma@mastodon.deN 4 Replies Last reply
    0
    • mttaggart@infosec.exchangeM mttaggart@infosec.exchange

      I'm coming to the conclusion that community-owned and operated small clouds (co-ops) with easy onramps for self-hosting open source services like mail, storage, and VPN are the only way forward. Every corpo service is eventually going to make you ashamed to use it.

      d_rift@beige.partyD This user is from outside of this forum
      d_rift@beige.partyD This user is from outside of this forum
      d_rift@beige.party
      wrote sidst redigeret af
      #11

      @mttaggart Keeping this from just making groups easier to target will be... interesting, I expect.

      mttaggart@infosec.exchangeM 1 Reply Last reply
      0
      • d_rift@beige.partyD d_rift@beige.party

        @mttaggart Keeping this from just making groups easier to target will be... interesting, I expect.

        mttaggart@infosec.exchangeM This user is from outside of this forum
        mttaggart@infosec.exchangeM This user is from outside of this forum
        mttaggart@infosec.exchange
        wrote sidst redigeret af
        #12

        @d_rift Maybe, but it's not like the big corpos are doing great with their many-egged baskets. And it's never been easier to deploy with reasonable security baselines.

        1 Reply Last reply
        0
        • philcowans@universeodon.comP philcowans@universeodon.com

          @mttaggart @ireneista - this is something I very much want to do, for #CambridgeUK. Finding it harder to get started (find other local people who are interested) than I thought though.

          vfrmedia@social.tchncs.deV This user is from outside of this forum
          vfrmedia@social.tchncs.deV This user is from outside of this forum
          vfrmedia@social.tchncs.de
          wrote sidst redigeret af
          #13

          @philcowans @mttaggart @ireneista

          I think the dilemma is accountability/liability - what happens when one of your users does something that results in cops/feds demanding user data (or even seizing an entire server?)

          Here in England it seems possible to get nicked for harmless protests and now there's the paranoia about "keeping kids safe"

          How many people with a good career and salary in tech are going to risk it for the sake of someone /elses/ freedom, if they aren't making money from the venture?

          This could maybe limit involvement to folk who are retired with good savings and less to lose (its already happening with the demographics of protesters)

          (that goes for all the current VPN and hosting companies too and is their Achilles Heel).

          philcowans@universeodon.comP ireneista@adhd.irenes.spaceI onepict@chaos.socialO 3 Replies Last reply
          0
          • mttaggart@infosec.exchangeM mttaggart@infosec.exchange

            Not for nothing but I've written a very well-regarded guide on home labs if you want to get started.

            https://taggartinstitute.org/t/course-catalog/125/24

            brahms@chaos.socialB This user is from outside of this forum
            brahms@chaos.socialB This user is from outside of this forum
            brahms@chaos.social
            wrote sidst redigeret af
            #14

            @mttaggart any suggestion on home labbing (two b's?) in this era of crazy hardware prices?

            mttaggart@infosec.exchangeM ithoughtisawa2@infosec.exchangeI 2 Replies Last reply
            0
            • brahms@chaos.socialB brahms@chaos.social

              @mttaggart any suggestion on home labbing (two b's?) in this era of crazy hardware prices?

              mttaggart@infosec.exchangeM This user is from outside of this forum
              mttaggart@infosec.exchangeM This user is from outside of this forum
              mttaggart@infosec.exchange
              wrote sidst redigeret af
              #15

              @brahms The book does, yeah!

              brahms@chaos.socialB 1 Reply Last reply
              0
              • mttaggart@infosec.exchangeM mttaggart@infosec.exchange

                @brahms The book does, yeah!

                brahms@chaos.socialB This user is from outside of this forum
                brahms@chaos.socialB This user is from outside of this forum
                brahms@chaos.social
                wrote sidst redigeret af
                #16

                @mttaggart I wanted to buy it anyway, now you double-sold 😂

                mttaggart@infosec.exchangeM 1 Reply Last reply
                0
                • vfrmedia@social.tchncs.deV vfrmedia@social.tchncs.de

                  @philcowans @mttaggart @ireneista

                  I think the dilemma is accountability/liability - what happens when one of your users does something that results in cops/feds demanding user data (or even seizing an entire server?)

                  Here in England it seems possible to get nicked for harmless protests and now there's the paranoia about "keeping kids safe"

                  How many people with a good career and salary in tech are going to risk it for the sake of someone /elses/ freedom, if they aren't making money from the venture?

                  This could maybe limit involvement to folk who are retired with good savings and less to lose (its already happening with the demographics of protesters)

                  (that goes for all the current VPN and hosting companies too and is their Achilles Heel).

                  philcowans@universeodon.comP This user is from outside of this forum
                  philcowans@universeodon.comP This user is from outside of this forum
                  philcowans@universeodon.com
                  wrote sidst redigeret af
                  #17

                  @vfrmedia @mttaggart @ireneista - this is something to be figured out, but I'm willing to spend some time doing that. Ideally there'd be some kind of network of local co-ops to share best practice in each jurisdiction.

                  ireneista@adhd.irenes.spaceI 1 Reply Last reply
                  0
                  • vfrmedia@social.tchncs.deV vfrmedia@social.tchncs.de

                    @philcowans @mttaggart @ireneista

                    I think the dilemma is accountability/liability - what happens when one of your users does something that results in cops/feds demanding user data (or even seizing an entire server?)

                    Here in England it seems possible to get nicked for harmless protests and now there's the paranoia about "keeping kids safe"

                    How many people with a good career and salary in tech are going to risk it for the sake of someone /elses/ freedom, if they aren't making money from the venture?

                    This could maybe limit involvement to folk who are retired with good savings and less to lose (its already happening with the demographics of protesters)

                    (that goes for all the current VPN and hosting companies too and is their Achilles Heel).

                    ireneista@adhd.irenes.spaceI This user is from outside of this forum
                    ireneista@adhd.irenes.spaceI This user is from outside of this forum
                    ireneista@adhd.irenes.space
                    wrote sidst redigeret af
                    #18

                    @vfrmedia @philcowans @mttaggart well, you find a solid lawyer as one of your first steps...

                    but yes, it's a significant barrier to entry

                    vfrmedia@social.tchncs.deV mttaggart@infosec.exchangeM 2 Replies Last reply
                    0
                    • brahms@chaos.socialB brahms@chaos.social

                      @mttaggart I wanted to buy it anyway, now you double-sold 😂

                      mttaggart@infosec.exchangeM This user is from outside of this forum
                      mttaggart@infosec.exchangeM This user is from outside of this forum
                      mttaggart@infosec.exchange
                      wrote sidst redigeret af
                      #19

                      @brahms Thanks! But also, I will just say it's absolutely brutal out there. eBay, Amazon refurb, Savemyserver, and GovDeals (US) are probably the best bets.

                      ajn142@infosec.exchangeA 1 Reply Last reply
                      0
                      • philcowans@universeodon.comP philcowans@universeodon.com

                        @vfrmedia @mttaggart @ireneista - this is something to be figured out, but I'm willing to spend some time doing that. Ideally there'd be some kind of network of local co-ops to share best practice in each jurisdiction.

                        ireneista@adhd.irenes.spaceI This user is from outside of this forum
                        ireneista@adhd.irenes.spaceI This user is from outside of this forum
                        ireneista@adhd.irenes.space
                        wrote sidst redigeret af
                        #20

                        @philcowans @vfrmedia @mttaggart that does sound like the right solution

                        1 Reply Last reply
                        0
                        • mttaggart@infosec.exchangeM mttaggart@infosec.exchange

                          I'm coming to the conclusion that community-owned and operated small clouds (co-ops) with easy onramps for self-hosting open source services like mail, storage, and VPN are the only way forward. Every corpo service is eventually going to make you ashamed to use it.

                          thief_of_fire@infosec.exchangeT This user is from outside of this forum
                          thief_of_fire@infosec.exchangeT This user is from outside of this forum
                          thief_of_fire@infosec.exchange
                          wrote sidst redigeret af
                          #21

                          @mttaggart personally, I'd like to start a cooperatively owned Mastodon instance where ownership costs pay for infra, admin, and moderation, with owners all having a voice in operation, governance, and direction. Trying to find models as alternatives to benevolent third parties and pleading for donations.

                          mttaggart@infosec.exchangeM 1 Reply Last reply
                          0
                          • thief_of_fire@infosec.exchangeT thief_of_fire@infosec.exchange

                            @mttaggart personally, I'd like to start a cooperatively owned Mastodon instance where ownership costs pay for infra, admin, and moderation, with owners all having a voice in operation, governance, and direction. Trying to find models as alternatives to benevolent third parties and pleading for donations.

                            mttaggart@infosec.exchangeM This user is from outside of this forum
                            mttaggart@infosec.exchangeM This user is from outside of this forum
                            mttaggart@infosec.exchange
                            wrote sidst redigeret af
                            #22

                            @thief_of_fire https://cosocial.ca/about

                            thief_of_fire@infosec.exchangeT 1 Reply Last reply
                            0
                            • ireneista@adhd.irenes.spaceI ireneista@adhd.irenes.space

                              @vfrmedia @philcowans @mttaggart well, you find a solid lawyer as one of your first steps...

                              but yes, it's a significant barrier to entry

                              vfrmedia@social.tchncs.deV This user is from outside of this forum
                              vfrmedia@social.tchncs.deV This user is from outside of this forum
                              vfrmedia@social.tchncs.de
                              wrote sidst redigeret af
                              #23

                              @ireneista @philcowans @mttaggart

                              I think even a basic hosting service for community organisations /could/ work, but you'd have to set clear boundaries on what it can and can't be used for *and* enforce them - (after all you wouldn't want the local Reform/Restore Britain group or the equivalent in other areas making use of the resources, or its no better than what Mullvad and others are doing and claiming its "free speech")

                              ireneista@adhd.irenes.spaceI 1 Reply Last reply
                              0
                              • ireneista@adhd.irenes.spaceI ireneista@adhd.irenes.space

                                @vfrmedia @philcowans @mttaggart well, you find a solid lawyer as one of your first steps...

                                but yes, it's a significant barrier to entry

                                mttaggart@infosec.exchangeM This user is from outside of this forum
                                mttaggart@infosec.exchangeM This user is from outside of this forum
                                mttaggart@infosec.exchange
                                wrote sidst redigeret af
                                #24

                                @ireneista @vfrmedia @philcowans It's why you need a legal entity in front of individuals to mitigate liability. But there are costs

                                And it's a trade-off. You're paying for conscience and choice with risk.

                                vfrmedia@social.tchncs.deV 1 Reply Last reply
                                0
                                • vfrmedia@social.tchncs.deV vfrmedia@social.tchncs.de

                                  @ireneista @philcowans @mttaggart

                                  I think even a basic hosting service for community organisations /could/ work, but you'd have to set clear boundaries on what it can and can't be used for *and* enforce them - (after all you wouldn't want the local Reform/Restore Britain group or the equivalent in other areas making use of the resources, or its no better than what Mullvad and others are doing and claiming its "free speech")

                                  ireneista@adhd.irenes.spaceI This user is from outside of this forum
                                  ireneista@adhd.irenes.spaceI This user is from outside of this forum
                                  ireneista@adhd.irenes.space
                                  wrote sidst redigeret af
                                  #25

                                  @vfrmedia @philcowans @mttaggart content policy enforcement is a trap though, if you build a mechanism it will be used against you

                                  ireneista@adhd.irenes.spaceI 1 Reply Last reply
                                  0
                                  • ireneista@adhd.irenes.spaceI ireneista@adhd.irenes.space

                                    @vfrmedia @philcowans @mttaggart content policy enforcement is a trap though, if you build a mechanism it will be used against you

                                    ireneista@adhd.irenes.spaceI This user is from outside of this forum
                                    ireneista@adhd.irenes.spaceI This user is from outside of this forum
                                    ireneista@adhd.irenes.space
                                    wrote sidst redigeret af
                                    #26

                                    @vfrmedia @philcowans @mttaggart what we're hoping is of course that knowing the people involved is some sort of solution, but there's a specific type of adversarial modeling we'd need to work through, for how that sort of thing plays out after the usual asshat bad-faith bullshit and a few rounds of legal threats

                                    mttaggart@infosec.exchangeM 1 Reply Last reply
                                    0
                                    • mttaggart@infosec.exchangeM mttaggart@infosec.exchange

                                      @ireneista @vfrmedia @philcowans It's why you need a legal entity in front of individuals to mitigate liability. But there are costs

                                      And it's a trade-off. You're paying for conscience and choice with risk.

                                      vfrmedia@social.tchncs.deV This user is from outside of this forum
                                      vfrmedia@social.tchncs.deV This user is from outside of this forum
                                      vfrmedia@social.tchncs.de
                                      wrote sidst redigeret af
                                      #27

                                      @mttaggart @ireneista @philcowans

                                      There's a similar discussion about this here and the issues involved (at least from a USA perspective)

                                      https://defcon.social/@thedarktangent/116823710775702749

                                      jt_rebelo@ciberlandia.ptJ 1 Reply Last reply
                                      0
                                      • brahms@chaos.socialB brahms@chaos.social

                                        @mttaggart any suggestion on home labbing (two b's?) in this era of crazy hardware prices?

                                        ithoughtisawa2@infosec.exchangeI This user is from outside of this forum
                                        ithoughtisawa2@infosec.exchangeI This user is from outside of this forum
                                        ithoughtisawa2@infosec.exchange
                                        wrote sidst redigeret af
                                        #28

                                        @brahms @mttaggart you can do more than you think with old desktop hardware and 16 gigs of DDR4 RAM. It is also much more energy efficient than server hardware (and much quieter too)

                                        mttaggart@infosec.exchangeM dbrand666@mastodon.socialD 2 Replies Last reply
                                        0
                                        • ithoughtisawa2@infosec.exchangeI ithoughtisawa2@infosec.exchange

                                          @brahms @mttaggart you can do more than you think with old desktop hardware and 16 gigs of DDR4 RAM. It is also much more energy efficient than server hardware (and much quieter too)

                                          mttaggart@infosec.exchangeM This user is from outside of this forum
                                          mttaggart@infosec.exchangeM This user is from outside of this forum
                                          mttaggart@infosec.exchange
                                          wrote sidst redigeret af
                                          #29

                                          @ithoughtisawa2 @brahms Absolutely, especially for individuals or families. When you need to guarantee reliability for a community, things do get more complicated if you're doing it right.

                                          ko@gotosocial.artK 1 Reply Last reply
                                          0
                                          Svar
                                          • Svar som emne
                                          Login for at svare
                                          • Ældste til nyeste
                                          • Nyeste til ældste
                                          • Most Votes


                                          • Log ind

                                          • Har du ikke en konto? Tilmeld

                                          • Login or register to search.
                                          Powered by NodeBB Contributors
                                          Graciously hosted by data.coop
                                          • First post
                                            Last post
                                          0
                                          • Hjem
                                          • Seneste
                                          • Etiketter
                                          • Populære
                                          • Verden
                                          • Bruger
                                          • Grupper