Difference between revisions of "Philosophy"
m (→Technical security principles) |
|||
(2 intermediate revisions by the same user not shown) | |||
Line 12: | Line 12: | ||
== Open source software == |
== Open source software == |
||
− | DLNET.ORG Cloud runs entirely on [[Wikipedia:Open-source software|open-source software]]. That means that everyone can check the source code and verify that there are no security and data leaks. It also means that we benefit from and contribute to the open source community, which develops the software that makes the DLNET.ORG Cloud possible. |
+ | DLNET.ORG Cloud runs entirely on [[Wikipedia:Open-source software|open-source software]] (see also [[List of software]]). That means that everyone can check the source code and verify that there are no security and data leaks. It also means that we benefit from and contribute to the open source community, which develops the software that makes the DLNET.ORG Cloud possible. |
== Technical security principles == |
== Technical security principles == |
||
=== Being small === |
=== Being small === |
||
The most efficient way of avoiding hackers is by making the incentives for hackers as small as possible. The benefits, from the hacker's perspective, of hacking a small server are tiny. It is much more lucrative to go after large companies. |
The most efficient way of avoiding hackers is by making the incentives for hackers as small as possible. The benefits, from the hacker's perspective, of hacking a small server are tiny. It is much more lucrative to go after large companies. |
||
+ | |||
+ | (Unless of course, you are a high-profile target. In that case you should take additional measure like encrypting all your data.) |
||
=== Separation of user areas === |
=== Separation of user areas === |
||
Line 22: | Line 24: | ||
=== Encryption when beneficial === |
=== Encryption when beneficial === |
||
− | We use encryption only when it actually provides security benefits. All communication from and to the server is encrypted with SSL. |
+ | We use [[encryption]] only when it actually provides security benefits. All communication from and to the server is encrypted with SSL. |
− | There is nothing that beats true [[Wikipedia:End-to-end encryption|end-to-end encryption]]. But that is, in the case of email, impossible to offer as a provider. We encourage users to set up [[ |
+ | There is nothing that beats true [[Wikipedia:End-to-end encryption|end-to-end encryption]]. But that is, in the case of email, impossible to offer as a provider. We encourage users to set up client-side [[encryption]] yourself. When open source file sharing software becomes available that offers encryption and decryption in the browser, we will make it available as soon as possible. |
Latest revision as of 17:41, 6 December 2020
DLNET.ORG Cloud is a not-for-profit project that aims to change to way in which people use the internet. It offers a radical alternative to the internet services offered by large companies, particularly Google. This page explains the principles on which it is based.
Contents
Be owner of your personal data[edit]
Large internet providers like Google operate on a business model that is based on exploiting your personal data. You don't pay Google with money, but with your data, which it sells to advertisers. Another way to put it is: you are not the customer, but the product.
We believe that people should keep control over their personal information. That means you have to pay for internet services with money instead of data. It also means you should choose wisely to whom you provide your data.
Decentralization[edit]
We are heading towards a global society in which a few companies manage the personal data of everyone. In such a situation, it is very easy for bad actors to cause damage. Data harvesting has already been use on a large scale to influence elections, for example in the Facebook–Cambridge Analytica data scandal. A lot more damage could be done if malicious hackers gain access to the data stored by these large companies; or if authoritarian governments demand access to it.
The more scattered data is, the healthier our societies. The best situation is that you are the only one with access to your data. However, such a thing is hard to arrange with many internet services like email and synchronization across your devices. Hence, we believe it is best to opt for a second-best situation, in which you share a server with a couple of people. In that case, only the server administrator and yourself have access to your data. Compare this to Google, where other companies and thousands of employees have access to your data.
Open source software[edit]
DLNET.ORG Cloud runs entirely on open-source software (see also List of software). That means that everyone can check the source code and verify that there are no security and data leaks. It also means that we benefit from and contribute to the open source community, which develops the software that makes the DLNET.ORG Cloud possible.
Technical security principles[edit]
Being small[edit]
The most efficient way of avoiding hackers is by making the incentives for hackers as small as possible. The benefits, from the hacker's perspective, of hacking a small server are tiny. It is much more lucrative to go after large companies.
(Unless of course, you are a high-profile target. In that case you should take additional measure like encrypting all your data.)
Separation of user areas[edit]
If a hacker intrudes into one part of the network, they should not have easy access to the rest of the network. For that reason, each DLNET.ORG user has its own virtual private server, in which all their services run.
Encryption when beneficial[edit]
We use encryption only when it actually provides security benefits. All communication from and to the server is encrypted with SSL.
There is nothing that beats true end-to-end encryption. But that is, in the case of email, impossible to offer as a provider. We encourage users to set up client-side encryption yourself. When open source file sharing software becomes available that offers encryption and decryption in the browser, we will make it available as soon as possible.