Main Page
What is Aangat Lahat?
Kamusta! Welcome to Aangat Lahat. In Tagalog, Aangat means "to lift up" or "to rise up" and lahat means "all" so aangat lahat to me can mean either "we should lift each other up" as in mutual aid or "we should all rise up" as in to rebel against oppressive systems like capitalism and states. So the services under Aangat Lahat is my way of offering some sort of digital mutual aid for online communications. The amount of time and resources that I can dedicate to support and dealing with abuse is limited, so membership is only offered to close friends, family, and people in my affinity groups. Let me know if you're interested in an account.
For Current Members
If you have an account, you can find the dashboard in this page. From there, you can log in and manage the services that are available to you. If you run into any issues, check out the status page to see if the services are running or contact me on:
- Email / Jabber: jag@aangat.lahat.computer (PGP Key)
- Email: jag.talon@posteo.net (PGP Key)
- Mastodon: @jag@weirder.earth
Services running
Communications
Members have access to various communications and productivity tools. These are running on FreedomBox and Debian under the hood.
- 📮 Email
- Your own email address with unlimited aliases.
- 🗨️ Jabber chat
- Instant messaging with audio/video calls.
- 🗨️ IRC bouncer
- Instant messaging, 90s style.
- 💽 File sharing
- Share files like images and videos.
- 📅 Calendar, journals, contacts, and to-do lists
- You can use it for productivity stuff, too!
- 🗞️ RSS reader
- Follow blogs, podcasts, etc.
Tor Relay
These Tor relays are a part of the broader Tor network and not at all exclusive to Aangat Lahat members! But they're listed here because they do fall under the same umbrella of mutual aid in the form of bits and bytes. Tor helps circumvent censorship and provides anonymity freely to anyone and these relays help increase the health of the network. I run 2 non-exit relays. All relays are running OpenBSD under the hood.
Privacy and security
Summary
A lot of attention has been put towards minimizing the amount of data collected on this server. Event and access logs are held in memory temporarily to help track down issues and abuse, but they're never written to disk. You're also very much welcome to access this website over Tor or a VPN whenever you use the services on this website. Not everything stored on this server is encrypted so I do have access to unencrypted data like sent emails and chats and attachments.
Your information will of course never be viewed unless I'm investigating severe abuse or spam. Make sure to use encryption if possible when using email (check out Mailvelope, Delta Chat, GPGTools, or Thunderbird ) or when using Jabber (check out Conversations, ChatSecure, Dino, or Gajim) or when uploading files (check out Hat.sh or Picocrypt) for extra privacy and greater peace of mind. Alternatively, consider deleting old data that you no longer need as well if possible.
Information collected
Email messages
Email messages that are sent and received can be accessed by the administrator. They are not encrypted automatically at rest so the contacts of the email including who it was sent to can be read. I will never look into your emails, but I encourage you to check out tools like Mailvelope, Delta Chat, GPGTools, or Thunderbird with your contacts to encrypt them.
Jabber and IRC messages
Similarly to email, Jabber and IRC messages are also unencrypted. I encourage you to look into Conversations, ChatSecure, Dino, or Gajim when using Jabber with your contacts to encrypt your messages. The IRC bouncer on this system (Quassel) does not have support for end-to-end encryption unfortunately.
Files uploaded
Files uploaded on bepasty aren't encrypted and thus can be accessed by the administrator. I encourage you to use Hat.sh or Picocrypt before uploading any sensitive files.
CalDAV (calendar) and CardDAV (contacts) entries
Calendar events, contacts, to-do lists, and journals that you store on Radicale are not encrypted and can be accessed by the administrator.
RSS feeds being followed
The blogs and podcasts that you follow on Tiny Tiny RSS are not encrypted and can be accessed by the administrator.
Information not collected
IP addresses
IP addresses are not logged to disk, but they're held temporarily in RAM to help track down issues and abuse. It gets wiped whenever the machine reboots. You're also very much welcome to access this website over Tor or a VPN!
Event logs when using the service
The various events created by a member (time and date of login, page visits, number of logins, etc.) are not logged to disk, but are temporarily held in RAM. It gets wiped whenever the machine reboots.
Name, phone number, address, or financial information
Real names, phone numbers, addresses, or financial information is not requested when a member signs up. Only a username is necessary for any member.
Member's system details
There's no browser fingerprinting or logging of operating system information on the various systems.
Operated by a human
I'm doing my best to limit the amount of data stored on the server, and I'm continuously vigilant about protecting people's data. That said, I can make mistakes so some data or metadata may find its way into log files or backups and may not be properly expunged.