Main Page

From aangat.lahat
Revision as of 04:55, 12 January 2024 by Admin (talk | contribs)

What is Aangat Lahat?

Kamusta! Welcome to Aangat Lahat. Aangat means "to lift up" or "to rise up" and lahat means "all" so aangat lahat to me can mean either "we should lift each other up" as in mutual aid or "we should all rise up" as in to rebel against oppressive systems. So the services under Aangat Lahat is my way of offering some sort of digital mutual aid for online communications. The amount of time and resources that I can dedicate to support and dealing with abuse is limited, so membership is only offered to close friends, family, and people in my affinity groups.

For Current Members

If you have an account, you can find the dashboard in this page. From there, you can log in and manage the services that are available to you. If you run into any issues, check out the status page to see if the services are running or contact me on:

Services running

Communications

Members have access to various communications and productivity tools. These are running on FreedomBox and Debian under the hood.

  • Email
    • Your own email address with unlimited aliases.
  • Jabber chat
    • Instant messaging with audio/video calls.
  • IRC bouncer
    • Instant messaging, 90s style.
  • File sharing
    • Share files like images and videos.
  • Calendar, journals, contacts, and to-do lists
    • You can use it for productivity stuff, too!
  • RSS reader
    • Follow blogs, podcasts, etc.

Tor Relays

These Tor relays are a part of the broader Tor network and not at all exclusive to Aangat Lahat members! But they're listed here because they do fall under the same umbrella of mutual aid in the form of bits and bytes. Tor helps circumvent censorship and provides anonymity freely to anyone and these relays help increase the health of the network. I run 4 non-exit relays and 1 exit relay. All relays are running OpenBSD under the hood.

Privacy and security

Summary

Event and access logs are disabled so I don't know your IP address or how frequently you use the services, but I do have access to unencrypted data like sent emails and chats and attachments.

Your data won't be viewed unless I'm investigating technical issues like abuse or spam. Make sure to use encryption if possible when using email (check out Mailvelope or Delta Chat or GPGTools) or when using jabber (check out Conversations, ChatSecure, Dino, or Gajim) or when sharing files (check out Hat.sh or Picocrypt) for extra privacy. Consider deleting old data that you no longer need as well if possible.

Backups are encrypted and stored on both Vultr and Rsync.net for redundancy.

Information collected

Email messages

Email messages that are sent and received can be accessed by the administrator. They are not encrypted automatically at rest I encourage you to check out tools like Mailvelope or Delta Chat or GPGTools with your contacts to encrypt them.

Jabber and IRC messages

Similarly to email, jabber and IRC messages are also unencrypted. I encourage you to look into Conversations, ChatSecure, Dino, or Gajim when using jabber. The IRC bouncer on this system (Quassel) does not have support for encryption.

Files uploaded

Files uploaded on bepasty aren't encrypted and thus can be accessed by the administrator. I encourage you to use Hat.sh or Picocrypt before uploading any sensitive files.

CalDAV (calendar) and CardDAV (contacts) entries

Calendar events, contacts, to-do lists, and journals that you store on Radicale are not encrypted and can be accessed by the administrator.

RSS feeds being followed

The blogs and podcasts that you follow on Tiny Tiny RSS are not encrypted and can be accessed by the administrator.

Information not collected

IP addresses

IP addresses are mostly not logged throughout the system with the exception of email. Rspamd logs IP addresses in it's history, but I've been purging this manually. I'm currently looking into ways to purge this on a daily basis automatically.

  • Event logs when using the service
  • Name, phone number, or address