Table_of_Contents
Those who pay attention have heard reports of massive security breaches of customer data from large service providers. This data is collected by hackers and, in many cases sold to third parties for the purpose of email and phone telemarketing (spam), identity theft (bank accounts, credit cards). There is also the "problem" of the security state collecting (and recording) massive amounts of data including phone calls, browsing history, financial transactions. This basically amounts to perps "casing your joint". Something you may have said in a phone call years ago may be misinterpreted by the "powers that be", part of a campaign to bring you down, or extort you. Politicians, influential and wealthy people are particularly vulnerable to this risk.
"Knowledge is power". Knowledge (may be falsely alleged, by some) is used is to seek power over and exploit others, given that "rule of law" and free expression has been rationalized away by "rule of some men, enslaving others".
If you have nothing to take, you are safe and can live a life of freedom from everything except ignorance and want. As Janis Joplin opined "Freedom is just another word for nothing left to lose".
If you are a productive (responsible) person, you are a potential target. The fruits of your labors (wealth, property) are coveted by those with no end of rationalizations regarding why your property is theirs, or thugs, who need no rationalizations apart from their alleged needs / entitlements trump your rights.
If you own a business, with sensitive data and trade secrets, your information is extremely valuable to competitors and a target of industrial espionage.
For the purpose of discussion, information falls into three classes:
Any information can be speculated on and used to draw you into very risky / expensive legal action. Best to leave as little provable information as possible for those who desire to use it against you.
Information, factual or speculative can be used to extort you, especially if you are influential (wealthy, public figure, bureaucrat, judges, etc.)
The most basic argument for using SecureOffice to locally protect and store your communications and information is one of self-defense. Who is more trustworthy and diligent regarding protecting your information space? You, or, third parties?
Your home and property is your castle, harder to breach. The law alleges that it recognizes this basic fact. Third party service providers have their own concerns and are more prone to sacrifice your information privacy (better you than them), when threatened or placed at risk. Further, if third parties are under order to provide information, many such orders are wide ranging and your information may be disclosed as part of such "fishing expeditions", making you collateral damage, or at least risking being placed in a legal defense position. Such orders also allege that it is a criminal act to notify you or anyone that you are under surveillance and information has been demanded.
By locally managing and protecting your information space, you have at least insured that your information will not be disclosed by a successful security breach of your service providers. Anyone interested in your information will have to individually identify and target you, avoiding you becoming collateral damage to third party breaches and fishing expeditions. If the security state demands your information, they will have to deal with you, as opposed to not knowing that you are under investigation. It is also a simple matter of economics ("proceeds of crime" / effort). It is far more efficient for criminals to target large service providers and gain much information, than it is to target you and gain little information. Managing your own information space keeps you from being "low hanging fruit". You have been warned.
By locally hosting your services (file sharing / storage, databases, websites, phone system, emails, etc.), your information is inherently better protected from the following risks:
The reports regarding massive phone tapping and recording by the surveillance state are TRUE. States appear to believe that your private business is theirs (or, in general, YOU are their property, to be used as they see fit). If you disagree, you should DO something about it.
The SecurePBX phone system can, out of the box encrypt all phone calls, assuming the remote party has an encryption capable telephone, many of which are free PC and Android applications. Currently, the SecurePBX (FreeSwitch / ZRTP) call encryption is unbreakable. The only information that snoops can collect is the IP addresses participating in the phone call and when.
If you consider it important to hide who you communicate with and when (dissident networks, etc.), this is possible by configuring a VPN connection using SecureOffice which remote phones / extensions can use for connection to SecurePBX. It becomes unknowable by hackers whether or not phone calls are being made and between who
The developer and a close group of associates has been testing / using SecureOffice / SecurePBX for several years.
Email is the dominant method that hackers and other snoops use to gain access to your information, insert viruses, malware, ransomware, and spyware. Even with a properly configured local email server to prevent third party access to your sent / received emails, precautions need to be taken on your email client PC's, including antivirus. An overview of the risks and safeguards that need to be taken is available here: Email Risks and Precautions. It is also worthwhile to do an internet search: "email security precautions".
Using third party email servers to send / receive email such as your ISP, Gmail, Hotmail, etc. is a security risk, even if you use email encryption such as PGP, for the following reasons:
An overview of email servers is available on Wikipedia: Email Servers.
It is possible for email server applications to be created for SecureOffice, but that would also require keeping spam filters and anti-virus packages up to date to handle new threats. A better alternative is to run your email server in a virtual machine with automatic updates and much easier configuration. Sme-Server (free) is recommended for this purpose.
SecureOffice uses VmWare (licensed application, $) to host virtual machines. Instructions for installing and configuring VmWare and Sme-Server are provided.
If you use a third party hosted website with any of the following characteristics:
Your site may be hacked, spoofed, re-directing pages (such as registration or credit card entry) to other sites to collect information.
In general, without full local control over who can and cannot access your site, you are at risk.
Hosting your own website allows full control over access and security.
Websites can be directly hosted using SecureOffice, or, indirectly using a VmWare virtual machine, running on SecureOffice.
OpenWrt documentation outlines the webserver packages available for OpenWrt / SecureOffice: OpenWrt WebServers. SecureOffice uses and recommends the Nginx webserver.
This website and the developers email server use a Sme-Server virtual machine running on SecureOffice and has for several years.
Installation instructions for (licensed application, $) VmWare Workstation and virtual machine installation is provided on this site.
An Overview of the risks posed and precautions required if you use third party cloud storage and file sharing is here: Cloud Storage Risks. Much more information can be found by an internet search for "cloud storage security risks"
By using SecureOffice for local storage and file sharing, you have total control over what information is shared and, with who.
It is recommended to install NextCloud or equivalent to meet your local cloud storage and file sharing requirements. NextCloud is available (as a docker container) for SecureOffice: package details.
SecureOffice provides access to third party cloud storage for those willing to take the security risks or desire it for storage or sharing of insensitive or encrypted data.
RClone provides access to Google Drive, Amazon Drive, S3, Dropbox, Backblaze B2, One Drive, Swift, Hubic, Cloudfiles, Google Cloud Storage, Yandex Files and many other cloud storage services. RClone is available for SecureOffice: package details. General RClone information is available here.
|
Technologies Used: