If mount them remotely. Not if the containers are downloaded first.
Again, not terribly convenient (and maybe not in keeping with OP’s intent), but effective.
You are heavily discounting the risk of a single point of failure, namely something happens to your home. Even Rentech, the best hedge fund in the world, encrypts and backs up its code and data and stores it in at least one other location.
1 Like
doesn’t need to be so if the person doing the back-up is storing a second/third/etc. separate backup(s) in different locations (could be trusted safe-house, friend house, etc.) even a Safe buried in the ground in the forest … but those are quite paranoid scenarios
In fact that is exactly what Rentech is doing.
Nice question, @Barugon. Here’s my suggestion but I do not know these work with Librem or not:
For email, read: Free Software Foundation | Webmail Subsystems
For complete GSuite solution, see: Nextcloud or instantly try Operation Tulip
For video conferencing: Jitsi and Big Blue Button
For messaging, read: FSF of India | Messengers Comparison
For Android, use: F-Droid
3 Likes
Thanks for the links.
I use Tresorit for basic e2e encrypted backup. Seems pretty good to me. I’m not very proficient myself, but perhaps you could leverage Tresorit?
I’ve been (unsuccessfully) trying to setup keeweb to connect to a kdbx file on Operation Tulip. Any idea how to do this? Keeweb has explicit WebDAV support.
I also have Nexcloud on a Raspberry. But it has given me more than one headache. Right now it doesn’t update from 20.0.4 and contacts are not synched in android with DAVx5.
So I’ve discovered something new:
-
syncthing https://github.com/syncthing/syncthing-android that basically synchronizes anything between multiple devices without accounts on any 3rd host server (has web UI, gtk client, extension for gnome, it can be in KDE tray, android app, windows client…)
+ -
DecSyncCC https://github.com/39aldo39/DecSyncCC for the CardDav CalDAV synch. Flawlessly. (Contacts and calendars) (you have to export them from Google first)
That for Android. Since I moved to CalyxOS on a Xiaomi MiA2 I bought for 50€ (it FLIES! this rom is awesome!) (you can re-close bootloader)
For mail I recommend Tutanota CTemplar and Proton (in that order). Although you cant import previous mails. But I don’t want. Fresh start away from Google.
For notes I use Joplin, that allows encryption and synchronizes via my nextcloud server (but also dropbox and others). And now that I discovered Syncthing, you can use just “local” and let syncthing do the job!!! Awesome!
As for fastmail, they don’t seem to have E2E encryption. Sure, your messages are protected by SSL/TLS while in transit, and by the SERVER’s encryption… but the messages themselves are not encrypted. That means they can be read by Fastmail (I would trust anyone more than Google now, but how much??) and any authority that asks them abiding by the law (wich being based in the US = probably without a judge…)
Once you’re paying, if you are interested in privacy, I’ll go with any or the 3 aforementioned. Proton gets last to me because it doesnt encrypt E2E the subjects of the email, and I would consider Tutanota the most interesting privacy wise (it goes a step above PGP, even allowing forward secrecy, apart from being open source as well). And from CTemplar I also value their jurisdiction and how they are transparent about how they procede with authorities and court acting).
Anyway, to sum up, for mail+privacy you have to pay. Now think how Google gives you 15-20GB for free and gets to be one of the most reach companies…
(Tutanota and CTemplar have 1GB free plans. But you need invitation for the latter. Proton is 500MB on free plan)
But anything will be better than Google. Just by the simple rule of compartmentalization of your data.
1 Like
We may be trying to achieve different aims: I am trying to protect myself against surveillance capitalism not against the governments (if only because I think the former is in the realm of the possible but the latter not). Fastmail has based its business on not spying on you; if it turns out that they do, I will move. With that perspective in mind, what I find very nice about them is that they provide 500 aliases, so I can compartmentalize my emails which on the margins makes it more difficult to aggregate information about me.
I also have a protonmail account, but there are limitations there as well: here is a good discussion by Rob Braxman.
Exactly. One has to evaluate his/her needs and decide. I am a lawyer in Europe, so a company based on the US (what is not already fully compliant with our GDPR) that’s not E2E encrypted, I simply can’t run my clients mails on those servers, even if the company promises on not using that for.advertisement. I also have aliases, but don’t need hundreds, and I value the fact that I can send an encritped mail to a client that doesn’t have any special mail server. Mails written from my fastmail would be “plain” text (accessible by google) on their gmail account. At least I can use the temporary encrypted inbox it generates for a client and send him/her a password through signal.
1 Like
You obviously have to ensure that you have done your best to be compliant with GDPR, but I have real doubts about how much it limits surveillance capitalism. Take a look at this article.
edit:
I worry that GDPR has created the illusion of data protection
I have had colleges with their phones audited here. And I am talking about a country that always need a court warrant… yet it happens. So companies that are in the 5 eyes, 9 eyes… not encrypted, no way. It’s our job to attend our clients and their fundamental right to communicate privately with us. If it’s on an Icelandic encrypted server, they need that Icelandic (so, another country and not part of extense International agreements on sourvillance) judge to agree on a targeted investigation with something to back it up. Not just because uncle Sam. And then get an encrypted nonsense.
If we are lucky, we get a fair trial while that happens
1 Like
From your perspective it makes complete sense and I would probably even avoid email, limiting communications to signal or telegram or threema or one of the other similar messengers.
In fact most of my personal communication is with encrypted messengers, but email is useful for communicating with organizations, buying on-line, etc.