Server and mail security/privacy
-
Hi folks...
I have been wondering the level of security and privacy the Cloudron solution offers.
I have read the security and privacy section in the docs (https://docs.cloudron.io/security/) and understand "Cloudron has no mechanism to access your server". And that is indeed great privacy by design...
However, I have some specific questions as to the hosting company itself and the Email situation:
- VPS hosting
If for instance I host Cloudron on netcup.eu, what privileges does the VPS hoster have on content? Of course, if they wish, they can terminate the hosting itself, in effect making all content disappear. With a Cloudron backup, hosting can simply be shifted to another provider if that should happen for some reason.
But what about actual access to the Ubuntu server and the Cloudron instance itself? Will the VPS hoster have any way of accessing that data? For example user data (mail, names etc.), number and names of Cloudron apps? Can there be backdoors? If not, I presume it is not necessary to sign a GDPR agreement with the VPS hoster, as no user data except my own registration and payment details can under any circumstances be shared?
In the docs about Email (https://docs.cloudron.io/email/) "Secure out of the box" is advertised, however the linked URL supposedly explaining that is taken down: https://docs.cloudron.io/email/security/#email-security
So my question is what happened to that page and what does "Secure out of the box" actually imply in this context?
Does it for example mean encrypted at rest? Possibility of E2EE (end-to-end encryption)? If not, can those at all be achieved within the Cloudron solution? (For example through Nextcloud.) In other words, is there a way of achieving or getting close to the kind of mail privacy and security offered by for example Protonmail and Tutanota, but using Cloudron?
In any case... all comments regarding the advantages/drawbacks of the security/privacy situation on Cloudron are very welcome.
-
@tubelubs said in Server and mail security/privacy:
But what about actual access to the Ubuntu server and the cloudron instance itself? Will VPS hoster have any way of accessing that data?
From Cloudron's point of view, we have no access to your server. We also don't know about the users or domains you add on your server. Unless given SSH access explicitly, we have no idea about what's inside it. We do have information on what apps are installed but not which domain they are installed in or configuration or anything else. We need to keep an app count on our servers per cloudron.io account for our subscription/pricing.
For the VPS provider (any provider and not just netcup), they do have access to your Ubuntu server and, in theory, can access everything inside it. I guess you have to ask netcup for their GDPR compliance. For example, DigitalOcean has https://www.digitalocean.com/legal/gdpr-faq/
Does it for example mean encrypted at rest? possibility of E2EE (End to end encryption)? If not, can those at all be achieved within the Cloudron solution? (For example through Nextcloud). In other words is there a way of achieving or getting close to the kind of mail privacy and security offered by for example Protonmail and Tutanota, but using Cloudron?
Data encryption at rest is a feature provided by the server hosting. For example, AWS has EBS encryption - https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html . E2EE encryption for emails can be done using PGP (which is enabled in Cloudron's Roundcube package). This only works if your receivers understand what PGP is.
Also, if you want complete control of these things, you should look into having a server in a data center (which requires you to trust people running the data center) or run it at home (which is complicated for an email server). Ultimately, even with protonmail/tutanota, you are trusting them to do what they say. So, you have to trust someone. Also, it's not possible to do E2E mail across email providers, it has to be plain text (like if you send mail to some gmail).
-
https://www.confidantmail.org/ is an interesting non-email, e2ee message and file transfer system (unlimited size).
-
I tend to agree with (I think it was) @mehdi who said if you want to send secure messages don't use email as it wasn't designed to be secure.
-
@jdaviescoates right, securing email is a lost cause. I have had to help several customers enable legacy TLS versions in the Cloudron email server because big companies like Orange and Yahoo have not migrated.
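Before weakening an SMTP server's TLS floor for the reason described in the last post, it helps to measure which peers actually still negotiate TLS 1.0/1.1 (or no TLS at all). The script below is an added example, not code from the forum thread, from Cloudron or from its mail stack; the log lines are constructed in a made-up format, the peer hostnames are placeholders, and the hypothetical check_peer_tls helper uses the standard smtplib/ssl modules to report what a given peer negotiates with a TLS 1.2+ client context.

```python
import re
import ssl
import smtplib
from collections import Counter

# Constructed sample log (NOT real Cloudron/Haraka/Postfix output): one line per
# inbound SMTP session, recording the remote host and the TLS version negotiated.
SAMPLE_LOG = """\
2024-01-10T08:01:12Z inbound from=mta1.example-big-isp.test tls=TLSv1.2
2024-01-10T08:02:40Z inbound from=mx.legacy-corp.test tls=TLSv1
2024-01-10T08:03:05Z inbound from=mail.partner.test tls=TLSv1.3
2024-01-10T08:04:51Z inbound from=mx.legacy-corp.test tls=TLSv1
2024-01-10T08:05:17Z inbound from=smtp.oldprovider.test tls=TLSv1.1
2024-01-10T08:06:33Z inbound from=mta1.example-big-isp.test tls=TLSv1.2
2024-01-10T08:07:02Z inbound from=mx.cleartext.test tls=none
"""

LINE_RE = re.compile(r"from=(?P<peer>\S+)\s+tls=(?P<tls>\S+)")
LEGACY_VERSIONS = {"TLSv1", "TLSv1.1"}   # protocol versions below the TLS 1.2 floor


def tls_meets_policy(version):
    """True if the negotiated version satisfies a TLS 1.2-or-better policy."""
    return version in {"TLSv1.2", "TLSv1.3"}


def legacy_peers(log_text):
    """Return {(peer, tls_version): session_count} for sessions that fall
    below the policy: TLS 1.0/1.1 peers and peers that sent in cleartext.
    This is the list to review before granting any legacy-TLS exception."""
    counts = Counter()
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue   # unrelated log line, skip
        tls = m.group("tls")
        if not tls_meets_policy(tls):
            counts[(m.group("peer"), tls)] += 1
    return dict(counts)


def modern_client_context():
    """Client context that refuses anything below TLS 1.2 (the hardened setting)."""
    ctx = ssl.create_default_context()
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def check_peer_tls(host, port=25, timeout=10):
    """Hypothetical helper (needs network; not run here): connect to a peer's
    MX over SMTP, upgrade with STARTTLS using the TLS 1.2+ context and report the
    negotiated protocol version. Raises ssl.SSLError if the peer cannot do TLS 1.2,
    which is exactly the condition the last post describes."""
    with smtplib.SMTP(host, port, timeout=timeout) as smtp:
        smtp.ehlo()
        smtp.starttls(context=modern_client_context())
        return smtp.sock.version()   # e.g. 'TLSv1.2' or 'TLSv1.3'


if __name__ == "__main__":
    for (peer, tls), n in sorted(legacy_peers(SAMPLE_LOG).items()):
        print(f"{peer:30s} {tls:8s} sessions={n}")
```

The design point is that a legacy-TLS exception should be scoped to the handful of peers the log actually shows, and revisited as they migrate, rather than lowering the floor for every connection.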