Privacy and Servers

Privacy and Servers

Interesting definition from Dan Appelquist:

Loss of privacy can mean

Altman said, privacy is not about anonymity, privacy is not about hiding data, privacy means you can say who shall get your data.

[Both statements heard at FSW2011]

That's exactly what secushare is intending to offer, by cutting out the middle men also known as server administrators. Read more about it in conspiracy.

Respect the Constitution

When sending a letter to a friend by snail mail we expect all intermediaries not to open and look into it. Yet in digital communications, be it chat, e-mail, social networks or SMS, there are almost always servers in-between that can read our messages, or keep a copy just in case, while we can't even tell it happened, as there is no envelope that has been tampered with. The constitutional right of Secrecy of Correspondence hasn't been translated properly into the digital world.

Federated Web Servers Are Never Private Enough

Web browsers only let you encrypt data for the server you are talking to. That means, you always entrust your server fully. When it comes to conversation and social interactions, the only situation where this is okay in our point of view is when the server is on your own computer or in your house.

Web browsers do not provide for end-to-end encryption between you and your contacts, not in a one-to-one mode let alone in a one-to-many or many-to-many configuration. Even with plugins promising to add this kind of abilities to your web browser, the web server could pretend it is using the plugin and in fact transmit the data unencrypted.

It's also important that your peers do not use a server for their social identity, because they would then expose your data to administrators of a server you don't even know, with all the spooks and agencies who then have further access to that.

We can still use servers for faster routing and throughput, but they must not know what they are delivering and must not be in the know who is talking to whom. We call them agnostic relays.

That's privacy according to secushare.

If you still think you can have end-to-end encryption in web browsers, read the technical details of our criticism. If you still think you can trust random well-intended administrators, read more about the fallacies of federation.

See also