Dear USA, my data has left your building.

NSA, GCHQ, Prism, FISA, Project Bullrun, Sigint.

After Edward Snowden, former CIA and NSA employee, started revealing how massively, intensely and easily we are all being spied upon by the intelligence agencies of various governments, the terms above have suddenly been spending a great deal more time in the media.

Image by BLOGGING via TYPEWRITER

Image by BLOGGING via TYPEWRITER

It turns out that government agencies are allowed to extract, at a whim, your and my data from service providers, such as Google, Microsoft and Yahoo. There is no real legal process (unless you can call a secret judge in a secret court giving a secret order a real legal process), especially if you’re not a US citizen, and the providers that have been forced to give up your data in this way are not allowed to notify you about your digital self being violated. So even if they say that you shouldn’t worry, you can never be entirely sure.

Furthermore, it has also been revealed that the NSA has for years being acquiring encryption keys via legal (secretly forcing companies to give them the keys) and extra-legal (simply hacking into company servers) means. Even worse, they have for years been deliberately introducing security weaknesses into software products and encryption software in order to be able to crack open your data even more easily.

You can read more about this state of affairs in The Guardian’s NSA files. The Guardian has been doing a sterling job of analysing and bringing to light the depths to which our governments have sunk. There’s a whole lot of information, and most of it is quite upsetting.

For me the final straw was when secure email service lavabit voluntarily shut itself down, when faced with the prospect of being forced to leak user information to the US government without being allowed to tell anyone. The message on the site is quite chilling, and concludes with the following:

This experience has taught me one very important lesson: without congressional action or a strong judicial precedent, I would _strongly_ recommend against anyone trusting their private data to a company with physical ties to the United States.

At this point, I was a super happy and pretty heavy user of a number of US-based services, including GMail (all my email, about 40000 conversations consisting of 60000 mails, that’s excluding my work email which I also hosted on GMail), Google+ Photos (all my photos, about 21000 of ‘em), Google Drive, Dropbox (50G of data spread out over 120000 files). In all cases, I still consider these to be best of class services. In putting my money where my mouth is, I was paying both Google and Dropbox for extra storage.

I also had no problem with Google filtering through my email to show me targeted advertising. This is the deal I had with them. I also had no problem with the possibility of someone getting my data after due legal process. However, the idea that some NSA or other government agency flunky could quite easily stick their grubby paws into my data, and that I would never know about this, was too much.

There’s probably nothing much of interest in my data. However, it has become a matter of principle; Privacy is a basic human right. Here’s an old essay by Bruce Schneier if you need to read more about why privacy is so important.

In short: It was time to extricate all of my lovely data from probably well-meaning US companies, thanks to the ridiculously powerful and secretive NSA, and thanks to all of its shadowy counterparts around the world.

Here’s how I did it:

  • Considered building another low-cost Linux server, or even a Raspberry Pi. Decided against this due to time required for configuration and acquired a Synology DS213j NAS, which is at this moment standing on the desk about 1 metre to my left. My recommendation: Just get this, you won’t be sorry.
  • Downloaded 60000 emails to Synology using Thunderbird mail client. Deleted everything from GMail. Google engineers assure me that after a few months, data will really be gone.
  • My webhoster (WebFaction) receives mail for all my domains. My Synology retrieves mail every 5 minutes via POP (you can set this up via Roundcube on the Synology) and deletes it from WebFaction.
  • Outgoing mail is relayed by the Synology via the WebFaction SMTP server. I don’t have to worry too much about blacklisting and whatnot, my hoster does this.
  • I’m back to interacting with my mail using Thunderbird and IMAP SSL. The loss of GMail conversation view was initially really REALLY painful. People have forgotten the ancient art of quoting. However, I’ve configured Thunderbird to archive all mail to year-stamped archive folders, and to put my sent mail there. Poor-man’s Conversation View! (the conversations plugin is wonky. it’s shocking how much the availability of GMail, which works really well, has stunted the development of alternative email clients) Importantly, I am now able to use OpenPGP again for the strong encryption and cryptographic signing of my emails.
  • On my Android telephone (whoops…) I am using the Kaiten IMAP client.
  • All the data I had in Dropbox is now being synced between the Synology, two laptops and a workstation using BitTorrent Sync. This peer-to-peer syncing system is still a little rough around the edges, but falls squarely in the category of “Best Things Since Sliced Bread”, and it’s FAST. CloudStation, Synology’s dropbox-inspired solution, was just far too slow on my Synology model.
  • My photos (21000 of them) have been downloaded from Google+ Photos (thank you Google Takeout) and are now being served from the Synology using PhotoStation.
  • My music (5400+ tracks) is downloading from Google Music as we speak, and will be served from the Synology using AudioStation.
  • I make incremental backups of everything to an encrypted external USB drive, using dirvish. I will probably add an extra external drive to the mix and try to keep that off site.

It’s been an interesting process moving my stuff out, and getting used to these alternative systems is sometimes slightly uncomfortable, but I am quite happy with the end result. I hope that more people will take this step, and I really hope that more and easier-to-use alternatives for secure email (such as mailpile) and for ubiquitous private data will become available.

Addendum 2013-09-16

My submission of this post spent some time on the Hacker News front page, and from there was picked up by reddit as well. This brought many comments, a number of which were positive and thoughtful, and a number of which that were far less so. It’s amazing how anonymity and comment sections can bring out the worst in people. (if you have to know, the Hacker News community is generally MILES more polite than reddit)

In any case, I wanted to clarify an issue or two: After moving my data away from GMail and Dropbox, I am not under any impression that my data is now secure. I can still be hacked. My hardware and software could be full of backdoors. My email will still be read as it jumps from server to server, probably ending up in someone else’s GMail. :) However, if more people were to move their data out to their own premises, it becomes more complicated and costly for government agencies to monitor us all. At the moment, the NSA cuts deals with a few large email and other cloud service providers, and with that they’re able to monitor large swathes of users. However, if more of those users were to move away, many more deals have to be cut and servers hacked, costing more time and more money. Add to that increased used of OpenPGP (which I do use, and mention in my post), and it becomes even more difficult. I know that I’m just a drop in a bucket, but hey, at least I am a drop in a bucket!

My goal with posting this was to show that it’s relatively easy to move much of your data away. I have the feeling that many of the most impolite anonymous commenters still store their data with cloud providers, and would really prefer to believe that there are no worthwhile alternatives, hence all the ad hominem attacks.

Fortunately, each polite and humane comment makes up for a whole pile of bad ones. :)

56 Comments

    • Cool project! We need many more of these kids of efforts, so that evolution can start doing its thing and people can have a choice of various different excellent alternatives for securing their digital lives.

  • Nice one dude. I am going there too very soon. Just as soon as my free 50gb dropbox subscription runs out in November. Please, please report on your findings of BT Sync as it is my replacement plan too. I’ve been running a 24/7 home server with amongst others an sftp site that’s been really convenient. Since the smart phones and apps like ES File Explorer, I can even stream video media as long as the stream rate is less than my adsl upload speed. My server is in the garage and I do semi offsite backup to the green drive plugged into the AP in my living room. Considering adding a mail server to the mix but might wait till we get connected to fibre.
    Thanks for the continued inspiration.

    • My dropbox pro 100 runs out in May of next year, but I couldn’t wait any longer. :)

      I’ve only used bittorrent sync for two weeks now. The rough edges I mention have been cases where I needed to get in with some unix find fu to fix unsyncable files, see here: http://forum.bittorrent.com/topic/18614-syncing-not-completing/page-2#entry66896 — in a few more weeks I hope to be able to comment more on its usability as dropbox replacement(ish).

      Let me know if you want me to setup my webhoster thingy to relay mail for you as well.

      • So, If I am to understand this post correctly. You were moving away from American based businesses because you didn’t like the NSA. Yet Synology is located in Bellevue, WA and their product uses a hybrid cloud tech. Yeah. You REALLY didn’t do ANY research at all.

        • When you say “hybrid cloud tech” it really sounds like you have absolutely no idea what you’re talking about. :) Bad computer maintenance course in Des Moines perhaps? ;)

          You’ve also completely missed the point of the whole project I’m afraid. Your whole email archive, along with those of millions of other users, is too easily searchable and filterable at gmail.

          If everyone were to put their mail and data on their Synology systems at home, and even if each Synology had a giant big gaping backdoor (which is unlikely, as its Linux based, and has a huge community of extremely tech-savvy users), it would still be more effort for government agencies to filter user data en masse (you can look up “en masse” on google, ok? ;)

          It’s not about being 100% secure, because that’s not possible, but about making it slightly more complex and costly for foreign parties to get to your data.

  • Wait, you’re worried about “privacy” but still using unencrypted email?

    None of the intermediate servers could POSSIBLY be compromised and/or be working with the various international spy agencies, right?

    Trading convenience for the illusion of privacy is a pretty damn stupid thing to do…

    • Whoohoo! I must be getting famous, there’s a troll on my blog!

      Maybe you’re not a troll, in which case I apologise, but you seem to have missed the “OpenPGP” in my post above. :)

    • It’s an economic boycott as much as anything.

      MANY people are quietly doing or planning the same thing, and those who are capable of taking things into their own hands personally are very often decision makers for organisations.

      All in all, a bit of an own goal for Uncle Sam.

  • Funny how people, like you, in other countries, where privacy is far less than in the US, write articles like this when they really only display their ignorance. “A secret judge in a secret court”?! The judge is no secret. Your picture of Obama implies Obama oversees all that yet it shows you aren’t aware that Obama has no control over this “secret judge” and, in fact, he has no control over this “secret court”.

    But I don’t blame you for being ignorant. You probably gained all your knowledge from forums where 80% of the USA visitors gained their knowledge from other forums and the TV.

    I could go on and on but I know people who write articles about these things know far too much to actually understand how our government works cause they read stuff on the internet. And their own country would NEVER do a similar thing!

    Where did you say you were from?

    • Dear Rob,

      Thank you for your comment, and all of your insults. :)

      Please read the whole post. I did not imply that the Dutch government does NOT snoop on everything. However, since my data is now on MY premises, and not in a datacenter in the US where MASS filtering and snooping can take place, it gets slightly harder for my government (or yours) to look around in my data. They can probably try to hack in here, but they have to make a specific effort to do that. No more “hey, let’s check out all Dutch users who’ve mentioned ‘weed’ in the past 6 months”.

      *That* was my point, NOT that any other government is less guilty of this than the US government.

      • You do know that you and your data is only looked at if you are suspected of something. If that is the case then they will make that effort. What possible data can you or I hold that is so valuable that the NSA will look into it. I am sure that my pirated Rihanna discography will not show up on their search.

        What I came here to say is in fact, that even if you moved your files to a private mini-server, until you are connected to the internet you can be traced, checked, and looked at.

        • That’s the problem. I also thought that was the case, but reading through the analyses, it turns out that your data is also trawled even when there is no suspicion. Please check out the Guardian’s NSA files.

          On the “I have nothing to hide” argument: I have nothing to hide *that I know of*. :) Also read Scheier’s post (linked above) on why privacy *is* important even when you have nothing to hide.

        • “You do know that you and your data is only looked at if you are suspected of something.”

          You are being naive.

          Probable cause is not stopping the NSA from archiving for later use EVERYTHING they’re analyzing. They don’t need to do a live wiretap when they’re creating a database of everything.

    • Rob, you may want to do some research before spreading your bullshit. The EU enjoys a significantly higher protection of privacy, while the US offers basically none. Even more so, there is absolutely no legal protection for non US-citizens under US law, a fact that doesn’t seem to bother Americans.

      I never used Gmail for anything important, and I find the author hopelessly naive if not outrageously stupid for having done so. But I applaud him making changes and taking a stand, even if it doesn’t make him truly safe – because this is also about an economic boycott. Personally I cut all cords with US services and I will never buy a product made in the US again.

    • From one American to another…. You are the typical American asshole that when i meet non-American’s that they expect me to be like. Please shut up and stop being ignorant and condescending when clearly you’re not better than anyone else.

      I agree with this article and most of the comments. However i’ve gone past what you’ve done… you should deleting your Facebook, all pictures on the web, twitter accounts, yahoo/gmail/outlook/linked-in accounts. i have nothing left on the web, everything encrypted locally, multiple firewall layers, and i run most of my networking from within a VMWare session.

      ..its not paranoia when you know anything can and will be used against you.

  • I suggest that you take a look at Postbox . It’s based off Thunderbird so it supports Enigmail 1.2 for PGP and has a really good conversation view. It’s well worth the 10 bucks for a license.

    Postbox
    http://www.postbox-inc.com/

    Postbox Extensions
    http://www.postbox-inc.com/extensions

    • I would pay gladly for such a client, but I’m on Linux everywhere. Thanks for the tip though!

  • If you live in the Netherlands, you should not rely on a UK email provider – remember, Snowden revealed that the GCHQ is in some regards (“full take” capturing traffic) worse than the NSA.

    • You are correct. Best I can do now from my side, is to make sure none of my mail spends more than a few minutes on WebFaction’s servers. I agree this is not perfect. Other than that: OpenPGP! :)

      • How about running our own mail servers? It was a long time ago, but I have configured a mail server, MX records and all. I don’t know the current situation, but there are interesting projects like Kolab and Citadel that may offer even more than email, and Roundcube looks *really* nice (esp. compared to FOSS webmail solutions back then).

  • When do you plan to get rid of G+, Linkedin and Twitter?

    • I only post information on those networks about which I’ve decided that it’s fit for public consumption. I’m paranoid, but also pragmatic. :)

  • Many thanks for the detailed technical explanation cpbotha.

    I’m considering doing the same, but since I have some free time, I might give it a try with a raspberrypi first. Was there any hardware requirement with synology that was the deal breaker?

    Please keep the good work, this is a very good example of securing private data.

    • Thank you for your comment!

      My major concern with the Pi was the time it would take me to set everything up. The Synology has everything more or less preconfigured. If you have the time, I would say it’s worth playing with the Pi for this same purpose. Do keep in mind that the processor on the Pi is significantly slower than on the current entry level Synology models.

      Good luck with your endeavours!

  • Isn’t Webfaction a US company?
    I know they have servers in Europe but nevertheless they are probably bound by US laws if push comes to shove, no? Personally I use them and I’m very happy with them but I think I will look elsewhere for my hosting needs very soon. Yes, I too am in the process of moving out of US land. It is hard to move everything at once.. but Webfaction will too face the chopping block in favour of a completely non-US hosting company soon.

  • We have been working on a privacy friendly platform for years now:

    https://register.blib.us

    (Please beware that its Pre-alpha and being tested)

  • Dear cpbotha,

    Just want to say that your initiative is excellent and I hope it inspires more people and companies to take the same path, as a non US citizen I share with your the frustration and disappointment with the internet giants and governments that has being abusing and giving away our personal life in exchange for money (1) and financial/political advantages (2), they again have showed that human rights and peoples life is just the means for profit, all this backed up by the fear politics where everybody is a terrorist until proved otherwise.

    I also understand why many Americans are upset with your letter, when we criticise all these mess they tend to think that the critic goes direct to them, the people, and this is far way from reality, Americans are also the victims of a government that have deceived, manipulated and abused them for a long time, I could never understand why a society that pays so much taxes can not count on public health, education or some kind of social security, they spend years working hard to build the commons and when something goes wrong they are left alone, is this “all about business” society that they want to build for their kids? is this acceptable? Would you invest all your money in guns and war?

    But there is hope, at least this is what I see in several communities, people seem to understand what their government politics is all about (business for the 1%), and this is truth in many countries where governments are so “above” and so close to a totalitarianism that is becoming evident, the UK censuring the internet is a good example.

    Anyway, to be away from American companies is, unfortunately, something pretty much necessary, this is a problem that american people and companies have to fight and fix and the only thing we can do is to protect ourselves from the abuses of their governments and also ours.

    I hope they don’t let the propaganda make they think that the world is agains them, because if this was truth I would never have trusted my digital life to them in the first place.

    Keep it up hackers!

    (1) http://www.theguardian.com/world/2013/aug/23/nsa-prism-costs-tech-companies-paid
    (2) http://www.theguardian.com/world/2013/sep/09/nsa-spying-brazil-oil-petrobras

  • Interesting post, and I really want to go the same way but there are some sticking points:
    -Serving website from my home broadband connection violates my ToS, I could see serving all my files from my home through web interfaces getting my broadband disconnected.
    -Calendar? Contacts etc? (the answer here is ownCloud).
    -Synology is not using open source software so may well have the same backdoors pre-installed that you are trying to escape.
    -Webfaction have some USA data centres.
    -Webfaction may log all your email, they have off-site backups which may log all your email after you delete it, they may provide government access etc.

    Rolling your own mail server on your own box seems better but the time investment in fighting spam is significant, and your mailserver may get blacklisted leaving you unable to send email.

    Sorry to be so pessimistic.

    • All valid points of criticism, some are true in my case and some not.

      What I have now is better than what I had in terms of privacy: It has become marginally more difficult to snoop around in my data as part of mass dragnet-type operations that are already in place.

      That being said, the remaining points are being worked on. :)

      In short: Your criticism is not a valid reason to be complacent about your data in the cloud.

  • Welcome to a world where paranoia is a a default state and anything else is just foolish.
    You took a while getting here but you will like it.

  • Nice writeup.

    I’m curious – aren’t you a tad bit nervous that you don’t have a serious offsite backup strategy in place? I know it’s incredibly unlikely that you would lose all your data given you’re syncing to 3 or 4 separate silos – but in a worst case scenario (i.e. fire, flooding etc.) each of these silos could be destroyed (especially if they’re in your home).

    Have you thought about how you might put one of these silos somewhere externally?

    Curious as this is on my todo list :)

    Ed

    • I am extremely nervous. :)

      Setting up an external LUKS/dm-crypt encrypted USB drive with Linux is straightforward, and my dirvish incremental backup configuration already works. After having added the extra external USB drive, I’ll either store it at a friend’s house, or ask my SO to take it with her to work.

  • You should checkout Tonido (www.tonido.com) as well. Basically, you can get dropbox type of sync, access to data that you have in your computers (it is crossplatform).

    While they provide relaying of traffic to avoid having to open ports in your routers, you can disable it and provide direct access by opening your port and setting your own SSL cert.

    Short of public cloud, I would say Tonido is a good alternative.

  • You may wish to consider having a look at Geary, which was made for Linux: http://www.yorba.org/projects/geary/

    It has GMail-like conversation view, but is very simple otherwise. I’m unsure of GPG support, however.

  • Fellow Synology user here…I went through the same process as you a couple months ago. Haven’t looked back after the (somewhat arduous process) of setting everything up at first.

    One of the previous posters questioned how to accomplish Contacts/Calendars. You can use CalDAV to do it:

    http://www.synology.com/support/tutorials_show.php?q_id=463

    Use the Directory Manager package for LDAP accessible contacts.

    Also, if you can get a static IP from your ISP, you can set up an MTA on your Diskstation, and bypass the ISP’s entirely. See here:

    http://www.synology.com/support/tutorials_show.php?q_id=448

    You can also use DiskStation as a git or SVN server, in case you want to get your data off github or whatever.

    Finally, since all this NSA-prompted paranoia gets pretty depressing, here’s something fun. Spend the $30 and get a USB sound card…of course you can always use DLNA or whatever, but if you want to hook your Synology up to a legit receiver AND control your music from your phone, sound card is the way to go. I have this one:

    http://www.amazon.com/gp/product/B000KW2YEI/ref=oh_details_o08_s00_i00?ie=UTF8&psc=1

  • Since you have the Synology that you chose over the RPi then could you share the config settings with us so that those of us who cannot afford it can do the same with an RPi instead?

    For everyone’s information: Synology server = $~180. Raspberry Pi = $~40

  • I find it funny how it has been received on reddit. For example, the current most upvoted comment says


    So to secure his email he is bouncing it through two other places, unencrypted, and he figures that will be better? Jesus Christ, this guy is a few electrons short of a capacitor if he thinks anything he did helped his online privacy at all.

    Despite the fact that the author cites he uses OpenPGP.

  • Hello,
    could you please explain step by step how to download all emails from google to thunderbird?

    Isn t there a limit of emails you can donload at once?

    Thank you

    nadim

    • That’s a good question, thank you!

      I used GMail filters to label all of my mails per year, so I ended up with a 2004 label, a 2005 label, and so forth until 2013. I configured my Thunderbird to talk to the GMail IMAP interface, and then proceeded to copy all of my mails (by dragging and dropping), year-folder-by-year-folder from GMail to the Synology. Some of the years had 12000 mails in them, but this was no problem.

  • Great post! I actually did something similar and blogged about it a few weeks ago (and got the same negative feedback on HN/reddit :-) – Maybe some ideas to share, feedback welcome: https://eschnou.com/entry/implementing-prism-break-62-25013.html

    Also, congrats on hosting your own site, identity and owning your data. You should join the #indieweb community, it won’t require much effort on your side (e.g. microformat markdown in your html) and you’ll help build this great social layer around the web, far away from the commercial silos. And then next time I can comment on your blog directly from my site :-)
    http://indiewebcamp.com

    • Much appreciated, thank you for stopping by!

      You’ve written a super useful post, I like the list of changes that you’ve described. I have to say, I’m not quite ready to turn off my Android telephone yet. :)

      As soon as the dust has settled, I’ll take a look at indieweb.

  • Thx for sharing! Did pretty much the same with my online files, now looking for alternatives for gmail and evernote but that ain’t easy… Especially looking forward to Mailpile too.

    I also found http://prism-break.org/ to be a nice resource, it provides a list of alternatives for online/USA based software solutions.

  • I drank the Gmail Koolaide back in 2004 when I first received an invite, and fell in love with it. I then proceeded to obtain 500 free Google Apps accounts for my company (which you could ask for and receive way back) and linked them to the domain my company owns for a 500 user, trouble free work email system. I signed up for, received, and beta tested a Cr-48, had a SSD problem with it (which I dutifully reported) and received two more at the end of the testing period. I was able to fix the original one, so have all three now still in service. I embraced Google Voice early (back when you could get a local number) and use it heavily to this day. I never embraced Google+, as I deleted my FaceBook and Twitter accounts for my New Year’s 2012 resolution, and wasn’t looking for a replacement social media service. In short, for nearly a decade, I bled red, green, yellow, and blue blood, and preached the “Google Way” to anyone who would listen. I don’t carry a smart phone, I use an acient Motorola V325xi (no camera) and my Cr-48 with built in 3G in lieu of that (I’m also a frugal bastard) and was happy as I could be.

    That is, until Edward Snowden came along, and all of the subsequent revelations now coming to light.

    Part of the reason I killed my FB and Twitter accounts was because there was already something somewhere in the back of my mind in late 2011 nagging me that we were giving up way too much privacy voluntarily by using these services, and realized the same applied to Google — if you’re not paying for a service, then you’re not the customer, you’re the commodity being sold. But I believed in their “Do No Evil” mantra and thought they would protect me from my government. Now I realize that they can’t, even if they want to.

    I’m a Linux server guy in my day job, but a Windoze sysadmin as well. Lately, I’ve been thinking about doing exactly what you’ve done, and have thought deeply about how to go about it. I was using Thunderbird on Ubuntu (or SuSE, maybe?) back in 2004 when I switched to Gmail, and it looks like I’m going to be reuniting with an old friend soon. I have already acquired a used Synology DS1010+ (it’s a five bay pro grade monster) and stuffed it full of new 1TB drives. I finished the rebuild last week and have completed moving ~430GB of family photos, movies, music, and other “can’t lose” folders to it.

    I’m now to the most painful part, the email part.

    I apologise for the wall of text, this is indeed agonizing leaving what I’ve grown to love and have proselytized to so many others, but it’s time. Thanks for all the pro tips.

    TL;DR — Yup, gotta do this, and give up a lot of convenience for a little added security.

  • Your emails are automatically being collected at every major ISP junction in the us. it doesn’t matter if you pop for IMAP, SMTP on the back end is in the clear. Even encrypted files are collected till such time as they can be decrypted. every single key is shared with the NSA under threat of treason – the last executable offence under federal law. Just using the internet or searching is tracked by the NSA. Google and thus android has every single password you store on your system. It has recently come out that google mapping has been capturing every WiFi password as it drives around mapping every street in ‘Namerica.

    We have no hope of reversing this trend till we change election finance reform. Big $$$ are in bed with politics to ensure intellectual property rights are maintained and we the people own nothing.

  • My good sir, I have an inquiry regarding whether or not you ever considered a solution named owncloud (http://owncloud.org/) to fulfill your requirements regarding data storage and syncronization for the various media. If yes, how come you did not end up using this option.

    Kind regards

    Pic

    Ps. it was a good read

  • Cool idea but the issue of security vs privacy is what crosses my mind. Because Google has more people securing their services then you do securing your server. So after a couple of hours on the net your servers IP is already known by a few hundred hackers that scan subnets constantly. Probably is easier to access your data on your home server then it would be for any if those hackers to access it on Google. Now the US gov won’t take advantage of your data but black hats or crackers will. So the question I have is the trade off of a secure service where your data is protected from bad guys, but an agency that doesn’t care about you can snoop your stuff vs a bunch of probably really bad people having the opportunity to hack into your open source server.if you have nothing to hide then the choice isn’t one I would make.

  • Respect and thanks for sharing.

    You are obviously more tech savvy than the average user of many of these products, so mere mortals will most probably be stuck using the easy-to-use nicely integrated services (e.g. Gmail, Dropbox, etc). We have become so used to the behemoths that it has become to daunting to even contemplate moving, as en example, just photos from Google/Flicker/etc.

    In my daydreams I am hoping that one of the following two alternatives come to pass:
    (1) Google/Dropbox say: “To hell with it” and move to another country, free from the shackles of the US “legal” (in the broadest sense of the word) system.
    (2) [and this is my favourite] Google buys another country (Iceland may be up for grabs…) and move their whole operation there. I am sure there are some other tech companies sitting on piles of cash who would be willing to chip in. They can them have a free and fair, “Don’t be Evil” constitution. That would really stick it to the man!

    One can but hope!

    OK, back to reality. I need to watch some CCTV cameras and look at what my colleagues are storing on their hard drives.

  • Good to hear that more people are doing this now! Not that it matters as much to you since you have a working setup, but for the nerds who are willing to use some lower level tools, here is an ok howto for emails: http://dbpmail.net/essays/2013-06-29-hackers-replacement-for-gmail.html

    And then indirectly linked elsewhere, another alternative to DropBox is git-annex. I use it to manage my music collection since that wouldn’t fit on DropBox anyway and I’m really happy with it.

    Ignore the haters! Fight the good fight!

  • […] via Dear USA, my data has left your building. — cpbotha.net. […]

  • […] a week or two ago I read this post via reddit where someone described how they started to move away all their stuff from US based […]

  • […] Happy that my last 16 years of email is all on my own server. […]

  • […] Happy that my last 16 years of email is all on my own server. […]

Join the Discussion

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>