Background information: Security is not a one-way street

10 Sep 2013

In irregular intervals we would like to provide you with important basics about how to protect your privacy in the internet and on your computer.

All servers and services of systemli.org are maintained by a left tech collective. The servers are encrypted. Connecting to our servers is exclusively possible through SSL-encryption. Only minimal Logs are used which are necessary to run the servers; of course the Logs are encrypted as well.

That means, if you and your communication partner are both using Jabber via systemli.org (user address: …@jabber.systemli.org), the conversation is fully covered by SSL-encryption. This is consistent with the type of encryption in online banking and is regarded to be secure. There are also other Jabber servers: jabber.ccc.de of the Chaos Computer Club could be recommended likewise if the SSL-encryption is activated. But we cannot guarantee that other Jabber servers do not store your data and are reasonably encrypted!

What third parties can see if you use our services and SSL-encryption.

If you don’t completely trust SSL (and/ or systemli.org) and you would like to have an additional encryption, you can use Off-The-Record encryption (OTR) or GPS in addition to SSL: OTR/ Pidgin

Basics

We can only ensure secure communication if you yourself take certain security measures!

You should regularly check the fingerprints of the certificates!

You should compare them with the ones of friends and the ones you can find on our page or on Twitter. If they don’t match, something is wrong and maybe someone is listening in on your conversations. If you have problems or if an unusual warning appears it is best to contact us and we try to find the source of the problem. If the certificates are changed we will publish this on our website and our Twitter account.

2. We can only take care of the server; you are responsible for your computer!

If your computer is not encrypted and you did not disable the message-logging (storing) it is just as if your messages would lie printed out on your desk and everyone passing by could read them. If these people do not like you, you have a problem.

Conclusion: If you use our services, encrypt your computer and disable the message-logging of your Jabber client.

Guide to encrypt your computer:

Disable Jabber-logging