[guardian-dev] Blackphone

[Lee Azzarello]

While GP sponsored the development of ostel.co as a public service, it
is currently sponsored and maintained by Open Hosting, a commercial
cloud hosting service of which I am a partner. It is open, well
documented and free. User location data is centralized for the domain
ostel.co only. Given these facts, I don't agree that the line has been
blurred.

While there has been a bandwagon of "USA bad, Iceland good" as an
argument to define which nation du-jour is best to build real Internet
infrastructure, the ground level commitment to implement of that
infrastructure for services beyond passive proxying (for example, Tor
relays) has been weak. Thus far all the individuals and organizations
I've worked with to help stand up their own secure VoIP service have
been behind NAT routers on home connections with consumer level ISPs.

I believe this is due to the difference between the partners of a
retail cloud hosting company building infrastructure and offering that
as a free service and a customer of a retail cloud hosting company
doing the same thing. Building a business for cloud hosting is easier
than it ever has been, though it still requires a non-trivial capital
investment in wholesale bandwidth via a global ISP, a lease with
colocation facilities to deliver that bandwidth and physical hardware
to be purchased, racked and stacked in said facility. This is the
primary business concern of a hosting company, rather than building
applications that run on top of that infrastructure.

Anyone interested in contributing to a federated infrastructure for
realtime communications, (VoIP, IM, video chat) could get an account
with a real hosting provider anywhere in the world, with a static IP
on the public Internet and build out their own backend. Until then,
the big application providers (Google, Skype, Facebook) will continue
to own our data both in transit and at rest.

-lee

On Thu, Jan 16, 2014 at 11:33 AM, Nathan of Guardian
<nathan at guardianproject.info> wrote:
> On 01/16/2014 11:07 AM, Peter Villeneuve wrote:
>> Perhaps I'm being overly paranoid, but to me, nowadays, security/privacy
>> and US company in the same sentence sounds like an oxymoron.
>
> While many of the Guardian core team are US citizens and residents, much
> like the Tor Project, we do our best to mitigate that "flaw" through
> transparency and decentralization.
>
> We do have a small private business that we use to get contracts related
> to mobile security work, but it has no rights over anything related to
> the Guardian Project code, source, etc. We also have posted notices
> about warrant canaries, etc and actively support fighting against things
> like National Security Letters (see my advisory position at Nick
> Merrill's Calyx Institute:
> https://www.calyxinstitute.org/about/advisory_panel)
>
> Your paranoid is justified though when it comes to purchasing commercial
> hosting services. This is why we don't launch closed, for-pay centrally
> hosted services, and instead focus on open-source and teaching other
> people how to host their own infrastructure. While we have blurred that
> line with our Ostel.co service, we are eager to have others expand that
> network abroad, and are already underway with new instances coming
> online in Iceland, the Netherlands and Hong Kong.
>
> All in all, as an eighth-generation American (my family has been in
> California so long we used to be Mexican!), I do have some pride left in
> this beautiful land, and hope we can do some part to earn back what
> trust we still can.
>
> +n
>
>
> _______________________________________________
> Guardian-dev mailing list
>
> Post: Guardian-dev at lists.mayfirst.org
> List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev
>
> To Unsubscribe
>         Send email to:  Guardian-dev-unsubscribe at lists.mayfirst.org
>         Or visit: https://lists.mayfirst.org/mailman/options/guardian-dev/lee%40guardianproject.info
>
> You are subscribed as: lee at guardianproject.info