[liberationtech] Advice needed for secure IM/Voice/Video Service
Anthony Papillion
anthony at cajuntechie.org
Sat Jun 29 12:57:02 PDT 2013
On 06/29/2013 08:14 AM, Nick wrote:
> Quoth Fabio Pietrosanti (naif):
>> It would be a nice transparency measure to run a small web server
>> that provide direct access to the full server filesystem, allowing
>> to browse everything and download any files, with few exceptions
>> such as SSH or SSL private keys.
>>
>> That way anyone would be able to fully inspect the server, even
>> without logging-in, by assessing configurations and checking out
>> that logs are not kept.
>
> It would be nice, but you're still entirely trusting the server
> admin to be providing an honest view of the system.
Both of you bring up good points and it's something I personally worry
about when using a service: even though a server admin "says" they
aren't logging, how do we really *they* aren't logging? In some cases,
we can go by reputation in the community. For example, if Jacob
Appelbaum from the Tor Project started a service, we could all be
"fairly sure" that he's not going to do something sneaky. But someone
like me, who's brand new in the community with zero reputation, that's a
different story.
Thank you both for the feedback. I'm going to look at what you both said
and see what I can do.
Thanks!
anthony
--
Anthony Papillion
Phone: 1.918.533.9699
SIP: sip:cajuntechie at iptel.org
iNum: +883510008360912
XMPP: cypherpunk at patts.us
www.cajuntechie.org
More information about the liberationtech
mailing list