October 2015 Newsletter

Hello to everyone!

-New espiv.net webpage-

As you may already have seen, our site espiv.net has been upgraded. Our new webpage is now also hosted on espivblogs multisite, alongside the vast majority of groups hosted on the server. This transfer was deemed necessary for technical upgrade reasons, and is part of our overall effort to move all of our websites into espivblogs multisite. This effort concerns both new blogs and many of the older ones hosted outside of multisite. The basic features of our site remain the same.

You can submit a request for services in the same way as before: through the Join Espiv form (see Hosting). You can use the Bug Report form (see Contact) if you’d like to report any malfunction/remark on our new webpage. Please contact us via the same Bug Report form regarding problems/remarks/questions or any suggestion you might have related to espiv.net services.

For issues unrelated to espiv.net services (general communication purposes), please contact us via the Contact form.

-New secure connection certificates for espiv.net and espivblogs.net-

Espiv.net are using secure communication protocols (TLS) in all of its services. The certificates issued for these services come with an expiration date, thus renewal is required.

As of July 5th2015, all espiv services use the newly issued certificates; two wildcard certificates are being used: one for espiv.net domain and one for espivblogs.net domain.

Please make sure you are using only secure communication protocols (such as HTTPS) with the following certificate fingerprints:

espivblogs.net

SHA256Fingerprint
B6:EE:9A:3E:9D:41:68:C9:06:FF:CA:85:0A:1E:7E:36:11:7F:DE:35:E0:37:A3:C7:E8:DF:A1:7C:43:2B:B6:DE

SHA1Fingerprint
9D:64:5B:B0:4A:99:BE:34:CB:FF:8E:FC:89:80:2C:DE:45:3B:74:67

espiv.net

SHA256Fingerprint
C3:A6:30:4E:AC:61:C2:6E:73:BF:48:5B:D2:51:5B:EB:21:A2:96:8B:7C:19:4D:0E:88:16:65:40:E1:BD:85:F4

SHA1Fingerprint
6C:32:01:E8:A5:9B:BC:F0:ED:C1:46:8B:3B:16:0F:69:D8:8E:78:39

Modifications are currently active on all websites, blogs, webmail, email, mailing lists and forums that are administrated by espiv.

-Hosting requests to espiv-

Espiv is an antagonistic infrastructure. Terms for being hosted in the server can be found here: https://espiv.net/en/terms_of_service.

Our only criterion for providing our services to you is your acceptance of these Hosting Terms.

When you fill in the Join Espiv form (see Hosting) to request hosting services, we ask that you submit an active email account, as it is for us the only way to verify that this account belongs to specific users, once a service is activated. For example, if you need initialization (reset) of password at some point, or some other problem occurs, we will use your initial contact email. So, it is important that this email account belongs to the same users.

It is understandable that, in case you lose access to this backup email, you will not be able to retrieve your password. Additionally, if a malicious person gains access to your backup email, they will have the possibility to request password initialization of an espiv.net email or service. In these cases, espiv.net administration collective will not be able to help you.

-Creation of new Discussion Forums (SMF) postponed indefinitely-

As you may already know, since October 2014 we no longer provide the possibility of creating Discussion Forums (SMF) at espiv.net. Unfortunately, for the time being, there doesn’t seem to be a secure and centralized mode for administrating forum software, which is essential for us to continue to support it with our current resources. Besides, the space occupied by forums on the server has greatly exceeded the limit we had set for this particular service.

As a result, and mainly because of these two facts, the creation of new forums has been postponed indefinitely.

There are other collectives (outside of Greece) that provide similar services. Please have a look at the list of radical tech collectives and their services: https://we.riseup.net/yellowpages/services.

-Proper use of espiv services-

Already at previous newsletters, we have highlighted the significance of secure use of our services. It is equally important for the viability of our project that users preserve resources. The hard disk space is a relatively expensive resource for our servers. Also, the less data/emails we store on the servers of providers we use, the better for the security and privacy of the individual or collective that uses an email/forum. Please find out how to download/back up your emails to a local drive. You may also read: https://espiv.net/en/2014/09/13/newsletter-σεπτέμβρης-2014

It should be taken into account that an infrastructure like espiv does not have “unlimited” resources, as some commercial providers do, and that their overuse by registered users may hinder activation of new users in the future.

We ask you to check the space occupied on our server by the services you are using (mainly email accounts and forums), and try to stay within the recommended limits.It is strongly advised that you store your email and forum data locally.

If you need to share a file, it is preferable to use our file sharing service offered at https://files.espiv.net. You can upload up to 400MB of files, which are automatically deleted after a maximum of one month. The upload password to files.espiv.net is: espiv

We recommend everyone to use espiv services through Tor: https://espiv.net/en/yphresies/onion-services-tor

-Email account and data retention policy-

We want to summarily remind you of our email account and data retention policy in espiv.net:

– Spam/Trash are automatically deleted after 21 days.

– Email accounts are deactivated after 6 months without login.

– Email accounts, whose users have not contacted us for reactivation, are *deleted* after 12 months without login.

More here: https://espiv.net/en/yphresies/politiki-diatirisis-dedomenwn-kai-logariasmwn-mail

-New service of encrypted mailing list-

We have launched a new service that is very similar to a fully encrypted mailing list (technically called “re-mailer with encryption capabilities”). To join such a mailing list, you must necessarily have a GPG key. As member of this type of mailing list you will have your own GPG key, and the list itself will have such a key as well.

To send an email to such a mailing list, you need to send a message encrypted with the list’s public key and signed with your own key. The mailing list will verify the signature of the email generated with the user’s key, decrypt the email text and then encrypt it again separately for each of the rest of emails/GPG keys in the mailing list.

The mailing list is administrated by one or more moderators, who are responsible of adding/removing members and their keys in/from the list.

The benefits of using such a mailing list are many:

I. The original sender of an email is not shown in the headers or body of an email unless someone decrypts the email sent through the mailing list. This makes it much more difficult for a third party to find out who the members of a list are.

II. Because of the fact that every email has to be signed by the member’s key before being sent to the mailing list, it is impossible for a third party to use the “From:”address of a member of the list and send a fake email to the list. Members of such a mailing list are sure of the sender’s identity once they see an email sent to their list, something particularly useful for closed user groups.

III. Since the sender and the content of emails are encrypted, even if someone gets access to a user’s mailbox on a server, they will not be able to read these emails unless they ALSO gain access to the decryption key located on the user’s computer, but ALSO to the decryption password known exclusively by the user.

IV. No one (except moderators of the service) has access to the private key of the mailing list; that is, if a member leaves the group, they can no longer have access to the list and read the emails; moreover, there’s no need to change the key of the list just because a member has left the mailing list.

V. The particular software, but also the setup process we’ve chosen, has made it possible to remove a great many headers that could reveal personal information of users (IP, mail client, etc.). Every such list tries, as much as possible, to protect the anonymity of its members from people that are _not_ members of the list, such as mail server moderators.

We suggest you find out how Public Key Cryptography and Gnu Privacy Guard work.

If you are interested in using this service, please contact us at support[at]espiv.net

espiv.net administration collective

About the Author: cybri