Ho Ho Ho! Merry new year! Hi there.
Damn this one took forever. New year's resolution of posting on regular basis seem to be taking a bad turn from the get go. No idea what happen as this blog post was going through number of iterations and changes due to having the post being postponed over and over again. Ok. This time for real. Hope your resolutions are holding up better than ours and you have settled in the new year.
First of, we are proud and excited that this year, we are publishing our yearly report now and not in July. Pat in the back for the team to deliver on time. As always in the report you can read some highlights of the year, financial overview as well as peak for plans for 2024. Check it here
Another point worth mentioning is additional information in our Privacy policy (version 1.5). Most notable changes are:
For quite a while our postings were irregular and we did not mention much about new features on each service, and when we did post, we rather focused on general Disroot-as-a-platform news. We want to change that and inform you about new features, changes and improvements happening on all services on a monthly basis. We check upstream changelogs so you don't have to. Additionally as some suggested we have changed the numbering of the newsletters and from now on, as you might have noticed, it will be Year.Month (24.03). Mainly to keep consistent with Disroot changelog but also make it easier to find things when needed. So on to the latest highlights from last three months:
Let's start with new service. For few weeks we have been testing out a replacement to forum service we have phased out last year. We are happy with it so far and so decided to invite you to give it a try. Lemmy is a similar service to reddit, but with a pinch of fediverse magic. Service allows to subscribe and create public communities where you can post links to interesting things, or start discussion threads. That's right. Lemmy is a federated service. That means when using our instance, you are not limited to the content and users on the instance, but you can interact with communities across many servers out there. We are still testing the grounds, but looks like Spanish disrooters already went all-in and are enjoying it. So waste no more time, create an account (it requires separate account), and share and interact. @fede has already cooked up tutorials. You can explore communities outside our server here
Last weeks @antilopa has worked on more unified color palette for themes on Roundcube and SearXNG. The result is pretty good already. We are especially happy with dark themes as it's hard to create those specially with the "Disroot colors". Enjoy :D
Oh! Another service. While preparing to close the last year, @meaz came out of the blue with ready to deploy setup for LibreTranslate. Since this has been requested by number of disrooters, and has very low (if any) littering / abuse factor, we decided to just go ahead with it. And so we are happy to announce we have our own Disroot Translate service at https://translate.disroot.org.
This is mind blowing news. Looking at the state of finances and amount of income in the past year, we decided we can secure funds for several purposes (check the yearly report for details). Among those, a financial compensation for @muppeth. Although not paid for his full time, it's an awesome step. Thank you so much! We have decided we can allocate monthly wages to @muppeth of 1000 euro for this year. As we do not want to get into financial issues, this is based on money we have gathered prior. We wish to be able to truly become financially independent in the future and compensate entire team full time. Your financial support of the project is crucial. Keep that caffeine coming!
Ok. We hyped it for a long time now. It's time to hit the Disroot servers finally. For past week we are running a so called silent testing on Disroot server. Since all email does need to pass through Lacre, which will then decide whether to encrypt or not, we can test Lacre's performance and fish out some of the bugs we could not find when on test server (simply due to the scale factor). And so for past weeks @pfm has been ironing out things as result of edge cases we have find. Once most of the issues are solved, we will import first keys from those brave enough to try the encryption out. Then we will announce a proper beta tests. So keep your eyes and ears open in April cause Lacre is definitely coming your way this spring \o/
The coming year is packed with work already and we are planning to do a lot. Check the yearly report to read about all the hype. We are confident we will do all that stuff this year but everything in small baby steps. You will read about all the progress in the upcoming newsletters.
We would like to give a shoutout to everyone who recently got more involved on our issue board providing feedback, suggestions as well as helping test and debug issues as well as provide helping hand in translations, helping with website texts, and much much more. That little corner of the project is becoming more and more alive and it's nice to see disrooters taking more active part in shaping the project. Special thanks to @floss4good, @Shadowstreik, @l3o, @mester, @kitleopold!
Speaking of issue board. In the Annual report 2023, you can read about our plans for this year. To make things a bit more clear and easy to follow, we have created bunch of project boards where you can monitor progress of goals.
Stay cool!
-Disroot Core Team
Hi there Disrooters.
Hallo there. Missed us? Well, silent but not lazy. Last time, we wrote that the world was going crazier each month. Sadly, seems we couldn't be more right about it. While waiting for imminent UFO invasion (what else is left to surprise us right?), here is some highlights on what we've been busy with.
We have been hosting Cryptpad for several years now, and we're really happy about it. It's a great set of collaboration services for those who value privacy as all data is end to end encrypted.
Recently, some Disrooters contacted us to see if they could have extra storage on Cryptpad, like we do for mail and cloud. So first we extended the default free storage from 250MB to 500MB for everyone \o/.
We've also decided to allow user to allocate the extra storage they pay for as they wish between cloud, mail and now also Cryptpad. For example, if a Disrooter donates for 10GB storage, this user could decide to have 6GB for cloud, 2GB for mail and 2GB for Cryptpad. These extra gigabytes will be added on top of the default storage space given on account sign-up (so in that previous example the user would have 2,5GB of extra storage on Cryptpad).
Check our Perks page to see the extra storage prices.
Forgejo is the software powering our git instance. Last month we have added new feature called "incoming email". This feature allows for several actions that can be executed via email such us replying to issues or mentions. Specially useful if you want to stay active on your project while on the go.
For Halloween :), we've deployed two new services.
First, we have replaced ConverseJS with Movim as a xmpp chat service. It's far more user friendly which is something many of you were asking for. Apart from great interface, it provides also a form of federated social network features such as communities and blogging. All this federated with other Movim/XMPP nodes and in the future part of fediverse which is powering our akkoma instance instance and thousands of others in the network. We would like to thank a lot of all people involved in ConverseJS project for supporting and developing this webchat solution. We would like to send our love and greeting to jcbrand for all his work and support. Thanks for all the fish!
Second, service is a translation service you can find under translate.disroot.org. It is powered by LibreTranslate software. Our instance is still fresh and possibly unstable so if you notice anything worth feedback, please feel free to do so. It will help us get things stable and awesome!
As usual, the never ending war on spam continues. We're trying our best to combat this plague. This time we have tackle mostly the outgoing SPAM from Disroot itself. We are dealing with quite an amount of abusers creating Disroot accounts to send out spam, phishing and other abuse. This harms our reputation as a domain which results in emails sent from Disroot in general being viewed by others as spam. We did add some measures to combat this activity without harming users privacy and we do see some progress on the field. It does require consistency and adding yet another task to daily routine but we are sure it will yield results. Hopefully Disroot will become too much of a hassle for abusive scum so that they will loose interest and move away to look for easier prey.
Additionally, we have enabled a feature on webmail allowing users to mark emails as spam. Those marked emails are then forwarded automatically to us, and we can use them to further teach spam filters on our servers. If you do get some spam, please mark it as such. If you get a lot of it, move them to your Junk folder and drop us a line at support@disroot.org. We will then take care of the Junk mails for you and feed it to our ever hungry spam filtering system. If you use native client forwarding your spam to spam.report@disroot.org and your ham (false positive) ham.report@disroot.org will do the trick also.
Yet again, our privacy and safety in the internet is challenged. It seems that governments cannot stand the fact internet is our last free bastion to exchange information and ideas and are doing what they can to turn that medium into controlled one, just like radio, newspapers or television.
First they are coming for your correspondence. ChatControl legislation as a result of war against child pornography and grooming is planning to destroy any end-to-end encryption messaging as the authorities require service provider to snoop on all messages to filter out the suspicious ones. It destroys fundamental rights for your privacy of correspondence while totally missing the goal, as child abusers will continue to find the ways to distribute their content. It is much failed approach as solving homelessness with a legislation or banning kitchen knifes as they could be used to harm or kill others.
Secondly, EU behind closed doors is trying to push legislation that will force all web-browsers (and not only) to implement certificate authorities and cryptographic keys selected by EU governments. This essentially would allow government (or anyone else for that matter) who's in possession of such certificates to intercept encrypted data you exchange with the website and view it in plain in real time. For example, emails you send, posts, you upload, images you view, things you download or upload, people you communicate with. Essentially everything you do on the internet could be viewed in real time by the state. This is no joke, nor it's a far fetched conspiracy theory. This is our reality!
The fight for our freedoms continues as long as the EU tries to implement regulations straight from totalitarian nightmares. Check the links below and get involved. It is about your privacy and freedoms after all:
https://www.eff.org/deeplinks/2023/11/article-45-will-roll-back-web-security-12-years
https://last-chance-for-eidas.org/
Also check out a great video from Nicco Loves Linux about this.
Next two months we want to focus on proper end of the year cleaning. We will try to cleanup, answer and finalize everything that is either urgent or easy to close on our issue board, support ticket queue and all started but unfinished. We will try to answer all old pending tickets too. We hope to welcome new year with nice clean slate, as little backlog as possible. Keep your fingers crossed.
We tried to resurrect the idea of XMPP custom domain but we have hit a concrete wall in the process and have not managed to get it up and running. The good thing though is that we are working on it finally, and we will try to find a solution to the issue we currently have. Hopefully it's a solvable matter. If you are interested in following the development of this feature or want to actively participate, check this issue page
Before the end of the year we hope to finally test Lacre (our approach to end-to-end mailbox encryption). @pfm has done quite some progress and we think we are ready, so stay tuned for more details coming really soon.
Stay cool!
-Disroot Core Team
]]>We have been hosting cryptpad for several years now, and we're really happy about it.
Recently, some disrooters contacted us to see if they could have extra storage on Cryptpad, like we do for mail and cloud. So first we extended the default free storage from 250MB to 500MB.
We've also decided to allow user to allocate the extra storage they pay for as they wish between cloud, mail and now also Cryptpad. For example, if a Disrooter donates for 10GB storage, this user could decide to have 6GB for cloud, 2GB for mail and 2GB for Cryptpad. These extra gigabytes will be added on top of the default storage space given on account sign-up (so in that previous example the user would have 2,5GB of extra storage on cryptpad).
Check our perks page to see the extra storage prices.
]]>Meta (the company formerly known as Facebook and owner of Instagram, WhatsApp and the Facebook "social network") has just launched a new platform called Threads that aims to "kill" Twitter. Every war (real or virtual) brings casualties. And in this one being waged by large corporations for control of communications, we think the Fediverse, and especially Mastodon, will be among those casualties.
When Meta announced its launch, it also stated that the new platform would be compatible with the ActivityPub protocol. The same protocol that powers the entire Fediverse. This means that Threads will be interoperable with other servers on the network, including our own. For some, it sounds like a dream come true: finally everyone, regardless of where their account "lives," will be able to communicate with each other. Sounds great on paper, yeah...
However, if we keep in mind what history has taught us, we seem to be repeating the tale of the sheep inviting the wolf to dinner.
Meta is one of those corporations that has a terrible and well known reputation. And it is very likely that most of you are here because you were looking to escape the "platforms" of "big tech corps" like this one. Well, guess what... Like the wolf in the story, the big corporations are getting a foot in our door again.
We believe that Meta's entry into the Fediverse will have very negative long-term consequences. Threads will become from day one the largest and most influential node in the federated network. In fact, it will be larger than all the current servers combined. And at least for us, this means that they can take the lead in developing new features and force other participants to implement them (for better or worse). Whether it be features that we have been waiting for a long time (such as account migration), others that harm users' privacy or the introduction of advertising platforms, which others will sooner or later have to implement in order to remain compatible with the rest of the network. The rest of the network, in this scenario, would be that other single server with billions of users.
Of course, at this point we can only speculate on what plans Meta has for us and how it will all play out, but given their track record, we cannot expect it to come in good faith. The fact that ActivityPub is an open protocol does not prevent Meta from using it, but as a network of servers within the Fediverse we do not need to engage with them and allow them into our spaces.
That is why we have decided that we do not want to cooperate with Meta at any level and therefore not federate with them. Not to federate with Threads is probably and simply the only way, for an instance or organization with the values we stand, to express their position and say that they do not agree and do not want to have anything to do with what Meta does and how Meta does it through its products: promoting and inducing the generation of interactions and conditioned habits for the production and extraction of data.
The only added value that Threads is bringing to the table is their users. We would love to see the whole Earth's population using ActivityPub, as it solves the problem of centralization, monopoly and gives the opportunity to small organizations, groups, families or individuals to self-host their social platform and have control over their data.
However, we believe that this change has to happen organically, as people understand the concepts of federation and decentralization, consider them an important part of their digital life and build a balanced and self-owned network, free from the influences of the big tech corporations. Until then, the billions of users provided by Meta will destroy that concept.
We do want all of you in the Fediverse, but not on the terms dictated by Meta, Alphabet or others!
So what does this mean for you, dear Disrooters?
That when Threads enters the Fediverse, you will not be able to interact with users on it. Our server will not federate with Meta. If this decision presents a problem for you, thanks to the (still) diverse nature of the network, perhaps you can find a new home on a server that has decided to give Meta the benefit of the doubt.
While we have decided not to federate with Meta's new product, we fully respect the autonomy and decisions of others who choose to federate. Our "guns" are and always have been aimed at the big tech warlords. We are not aiming them at other fellow members of the Fediverse. We are not going to block instances that decided to federate with Meta. They have the right to do so, and while we may not always agree with their choice, we fully support their decision.
At the same time, we hope, wish and need to not turn against each other within the network that we have worked so hard to sustain. If there is one thing Meta and the others do very well, it is to promote the fragmentation of the network into sides fighting each other before Threads even becomes a real THREAT. So support your admins, support your users, appreciate the diversity of the network and make use of it.
We do not know what the future brings, but we do know one thing for sure. This Meta movement proves that federated networks are the future and corporations see it as a threat to their money making machinary. They are not coming in peace, but to take over the cake before others do and take control to maintain their monopoly and profits. We must keep our grounds and continue to do amazing work without them.
We don't need them. We have done just fine so far.
Let's keep the wolves out!
]]>Hi there Disrooters.
Time flies...
Welcome to the 10th issue of DisNews. Half of the year is behind us and so far no alien invasion happened. Although the world is getting more and more crazy with each month. We hope you are all OK and taking care of yourself and your closest ones.
Here is what we have been busy with the last weeks.
First of all, something we forgot to mention in the last DisNews: the annual report for 2022 has been published! Check it here
As some of you noticed we have not published the report for 2021. Of course we could blame COVID and the impact it had on our personal lives and how generally traumatic period it was and how hard to recall for annual report. Basically everyone would like to forget this year ever existed. The truth however is simplier than that: a dog ate our report draft.
That aside, check the report from 2022 and enjoy.
As you could read in our previous posts (DisNews #5), we have purchased new hardware. From the beginning of this year we have been busy setting up the servers, installing them in the datacenter and migrating all the services. This was a time consuming process but it is almost complete. All bare metal servers are hanging in the racks all powered on. All virtual servers hosting all the services have been migrated to the new beasts. The only thing left to do is migrating the biggest filestores which are user's mailboxes and Nextclould's user files. As those are quite big datasets (not only because of their size but -most importantly- the amount of files), it will take quite some time to complete their migration. We want to make sure no dataloss occurs during this operation. Another important thing is doing it with minimal, and if possible imperceptible, downtime for Disrooters. Hopefully all data will be moved without you even noticing it. That said, if you keep any important files on Nextcloud, during this period make sure to have an additional backup handy.
With new hardware at our disposal we can now focus on performance improvements, which is what we will be busy with in coming months.
As the platform grows so is the responsibility for delivering services to all of you without issues caused by broken, untested rollout of new features or code updates. "We test in production" motto is something we no longer accept and so we are working on workflows that minimize possible issues. One of the things we have already introduced last year is Maintenance windows. Every second Tuesday we roll out updates we work on prior. This has provided us with workflow giving a pulse to Disroot work. Additionally allows us for better planning on priorities and an overview of upcoming routine maintenance work. For you Disrooters, it provides insight into what is being updated as well as checking the past improvements via the changelog page. To further improve the testing prior deployment we have moved from virtual machines environments on our local workstations and instead we have invested into small, physical desktop machines hosted locally in our houses running a very similar setup as the one on Disroot servers. After initial work in setting up, updating documentation (also something we are taking more seriously now) and knowledge transfer, we can prepare changes on our local machines, test on each other's before the update landing on Disroot production servers. Although still far away, it does bring us one little step closer to a situation where we would be able to provide the possibility for anyone out there to spin their own Disroot like node. After all we are now running three independent Disroot nodes already.
Phasing out TLS1.1 - Time to phase out TLS1.1 has come long, long time ago. But each time we do it, we get someone complaining that their old device no longer works. This can't go forever and so 1st of July, we are phasing outy TLS1.1. Please consider upgrading your software (or hardware) if you are affected by this (Android v4.4, windows XP etc).
We have brought back app dashboard under https://search.disroot.org / https://apps.disroot.org which was missing since we have moved from Searx to its fork called Searxng
We have improved the color palette for our custom themes (specially dark) which we will work on to roll out on all services providing more uniform experience on entire platform
Lacre - @pfm has managed to fix the bug which initially prevented us from running Lacre alpha tests on Disroot. It was quite a battle. Dragon has been slayed opening the door to the Disroot test again. Expect announcement about upcoming test of end-to-end mailbox encryption on disroot soon.
Oh one more about Lacre. @wiktor one of the prominent developers of Sequoia has pushed to Lacre initial support for it. Sequoia is a more secure, robust re-implementation of PGP. We are very happy and thankful to @wiktor for his work!
Hi there,
This paragraph was originally about the fact we wanted to stay more consistent this year and send out DisNews on regular monthly basis. There would be nothing wrong except for the fact that, for some unexplained reason, this blog post draft was waiting to be published for over two months. So much for improvement...
On positive note, we still have couple of months left in 2023 to improve that. Here's what we've been up to.
New year brings new energy and new ideas. We decided to start the year by doing some early spring cleaning. One of the things we would like to focus on this year is making Disroot a more unified platform. Very often, services double-up some features, leading to either under-developed products or splitting community into smaller niches. This in turn requires extra maintenance labour and often results in unpolished and abandon-like state.
Taiga is one of such services. For years, Taiga served as a good alternative to project management board. It is a great tool for software related groups offering all the best SCRUM and Kanban can offer. However since few years there are good alternatives that better suit our userbase (and ourselves). Taiga is great but it's meant for professional development teams. For simple Kanban boards or todo lists, Nextcloud's Deck and Nextcloud's Tasks are better suited and for all dev related boards, Forgejo's issue boards are sufficient enough. On top of that, considering that our Taiga instance has been used by just a few people in the last years and recently that number has further declined, we see not much point in keeping it alive. The resources can be better spent elsewhere. And so, we have decided to kill Taiga on the 1st of July 2023.
Forum has always been a miss project. The main idea behind it was to provide users with a platform to create their own small public and private discussion groups. However due to software limitations this appeared to be very hard to implement and required hacky feature that never properly took off. Apart from a few private groups, the forum was mainly used as a support place for Disroot. This was not the intended purpose of the software. However, even for this use case, it has not worked good enough. It did not get much community involvement to help others with Disroot related issues (most of the active disrooters hangout on chatroom and Fediverse), it created yet another place for us, the admins, to keep an eye on and reply. To end this, we have decided to provide at this moment two contact points for support/feedback:
By email - more private way to reach us with your issues
Git Issue Board - where you can follow up on current developments, leave feedback, share issues, suggestions, etc. This board is public for anyone to see and follow.
So as of now, you can no longer view subjects on Discourse nor create new accounts. We're thinking about a replacement service to suit the idea of self ruled community discussion board service, but haven't decided yet which way to go. You'll most likely hear from us about this soon.
Last service we are planning to shutdown is Snappymail. For several months now, we've been offering two web based email clients. One is Snappymail, which some of you are more familiar with if you are an old school disrooter (reachable on https://mail.disroot.org/ ) and one called Roundcube, available on https://webmail.disroot.org being our default webmail for newcomers for some time now. Providing two web mail solutions allow all users to easily and smoothly switch from one to the other, and also helped us polish the replacement. So far, we're very happy with Roundcube: it integrates fine with Disroot's Nextcloud instance, so all your contacts set in Nextcloud are available in your webmail; has a good filters feature (which is important for many users) and for those that want to encrypt their emails, it also works fine with the Mailvelope webbrowser app. You can check the howto here. So the time has come to settle on one webmail solution. On the 1st of June Snappymail will go offline for good and Roundcube will be the only solution for everyone. For those on Snappymail that haven't made the transition yet, please have a look at tutorials on migration.
If we say we will provide onion services you don't have to remind us every five years :). Yes. Finally here. It's one of the first requests that for some reason was pushed down the todo list over and over. Time has come to get to it and we have landed first portion of onion addresses. Currently most of web services have their onion address (autodetected on your Tor browser also). Next up are things like XMPP and email. Let's hope it won't take another few years.
Time and again profit gain greed destroys everything. Gitea, the version control software we provided at https://git.disroot.org some months ago became a commercial for profit entity. The idea behind this decision was to provide proper stable financial base for the core development team. And nothing would be bad about it and we would support this move 100% as we think people putting their time, effort and love to open source projects should be financially compensated for their work for the benefit of us all (this is why we try to share the surplus of our donation to those projects). However, very often the decision to pivot in direction of monetizing the project are just done bad, and story of Gitea is unfortunatelly one of the examples. In short, Gitea core team announced the creation of new for profit company and seized all assets (including the name, logo, etc.) without prior community consultation. Since Gitea as a project was not only developed by the core team but larger community of contributors, people felt betrayed. This was the reason some of the involved members decided to fork the project and create truly community driven derivative of Gitea called Forgejo. And, so we have decided to follow that notion and support them by switching our instance to Forgejo. You can read more about the whole situation here. Power to the People!
We wanted to also do a quick reminder about Disroot's account password. Lately, we've been receiving a lot of questions and requests from users who lost their password. It is necessary to remember that passwords and accounts are users' responsibility. Since we don't ask for more information than is strictly necessary for the operation of the service, we have no way to determine whether you are the legit owner of the account and therefore we never reset password for users. This means account can be lost. So here are some suggestions.
First, the best way to keep your password safely is to use tools like password managers (KeePassX, KeeWeb, QTPass, Pass or Bitwarden). They are life savers.
Second, if you still lose it for some reason, you could reset it by going to https://user.disroot.org. BUT you can do this only if you have already set:
So, if you want to be safe, don't hesitate to go to https://user.disroot.org to set those. Here you can learn how to do it (https://howto.disroot.org/en/tutorials/user/account/administration/ussc)
]]>Hi there,
Almost the end of yet another year. We would like to wish you all Happy Solstice, awesome new year celebrations and great, amazing and incredible 2023!
Here are the highlights of the past month and a half on Disroot.
Previously we have announced the purchase of new servers for Disroot. These new hardware will be replacing our current servers which have already reached the end of their life span long time ago so it's about time for upgrade. Since such operation takes quite some work, especially to minimize downtime, we have decided to replace one server at the time. On 13th November we have replaced the first of them. Roos has replaced the server (Nelly) responsible for handling all databases. It's a real boost in hardware performance and although we still have some optimization work to do, you can already feel the difference. The new server will allow us to further improve performance as well as add more services.
We are very pleased to announce that our work on Lacre (our end-to-end mailbox encryption project) has reached version 0.1 and is almost ready for proper battle test on Disroot. As you know we have announced open beta tests few weeks earlier. However, due to a bug we have noticed during closed alpha tests on Disroot server (yes we did already implemented it on Disroot but it had been disabled since), we decided to postpone it until issue is solved. @pfm as well as some of the community contributors are working hard to reproduce the issue and find a solution (special thanks to @darhma, @Onnayaku, and @l3o). The bug is a very nasty one to solve because it's hard to reproduce, and @pfm has been loosing his mind over it. He's been working tirelessly and he's closer to finding the solution. This means soon we will attempt to test end-to-end mailbox encryption on Disroot, and perhaps set it permanently. If you are on Fediverse, give him some love!
One of Disroot's pillars is to support federated services. Federation creates decentralized network of service providers allowing users to interact with one another even if hosted on different servers. One of the prime examples of federated service is email. Users on Disroot can send emails to any other user hosted elsewhere (eg. tutanota, posteo, riseup or even corporate ones like gmail or yahoo). There is no central owner of email service, and thus all providers have to cooperate with each other and allow intercommunication. No one can imagine having to create separate account on Disroot, gmail, and hundreds of thousands of other services to communicate.
Since the dawn of Disroot, we were providing a federated social network. Since 2020, we have searched for new social network platform based on new interoperable protocol called ActivityPub. We have tested number of services like Hubzilla, Mastodon, Pleroma and at the end settled for Akkoma. Akkoma is a fork of Pleroma software but what's most important it is compatible with the entire ActivityPub protocol family. ActivityPub is a network protocol allowing multitude of services such as microblogging, video hosting, file sharing, etc., to communicate with each other. This means that not only users can communicate with other Akkoma users, but can communicate with the entire Fediverse. Fediverse is a network utilizing ActivityPub protocol and allows intercommunication between different platforms like for example Mastodon/Pleroma/Akkoma (microblogging like twitter), PeerTube (video publishing like youtube), PixelFed (photo publishing like instagram), and many others. Imagine having instagram account, interacting with facebook post or commenting on reddit without the need to leave instagram nor having account on reddit. ActivityPub is very rapidly growing protocol with all sort of new services emerging.
We would like to invite you all to our microblogging fediverse instance called FEDIsroot This is our first embark onto the network and we will be providing more fediverse services in the future. Our Akkoma instance is working fine, though still has few issues here and there we need to solve in the coming weeks (for example usernames with dots are not accepted due to an issue we are working on solving). If you experience any issues with fe.disroot.org, have feedback to provide, etc., please use our communication channels (listed below) to let us know. Your feedback, especially for young service such as this one is very important.
We would like to wish you all amazing 2023 \o/
]]>We are sorry to inform that we have decided to postpone this weekend's Lacre test on Disroot. Last weekend, we have unofficially run Lacre on Disroot server. Since all email traffic passes through Lacre regardless whether user uploaded their public key or not, we could observe how Lacre would perform. We were very happy with the results, both under normal everyday "plain text" load as well as when stress-testing with generated encrypted traffic, Lacre performs superb and we are confident it will have minimal impact on server performance. However, thanks to running Lacre in ordinary traffic situation, we have found number of issues we would not find otherway. Although most of them have been addressed and fixed (pfm for president \o/ ), there is one issue, we have not managed to address yet. Even though the bug affect rare cases, we do not want to risk issues in mail delivery, especially when it may also potentially affects users not participating in the beta tests.
So with hard feelings, we have made the decision that it is better to focus on ironing issues out, especially the ones we know about, and announce new date once we are ready. We would love to enable Lacre to all of you (and us) right away, but it's important to provide the best experience possible. We are very close to achieving that, we've waited for years so few more weeks aren't that bad.
Sorry for that and let's look forward to new beta or even Lacre's permanent appearance on Disroot. For all those that do want to check things out and play with Lacre, you can always join our chatroom and ask for a test account. Check our project's website on https://lacre.io.
]]>Hi there,
As you know, for the past months, we have been busy with Lacre. Open source, GnuPG based mailbox encryption software. @pfm has been working like crazy exceeding the initial plans and bringing the project to the next level. We have now reached milestone allowing us to finally battle test it on Disroot. Our dream is coming true folks. This is why in the weekend between 4th and 6th of November we will enable Lacre on Disroot mail server for open beta testing for everyone interested. The objective of this test is to see how Lacre will behave at scale and realistic load scenario. Additionally, we would like to gather user experience feedback. This will allow us to iron out all possible issues before we add Lacre permanently.
Here is some important information about the event. Please read it carefully before you decide to participate.
This test is directed at those Disrooters familiar with GnuPG mail encryption! - Once you enable Lacre on your Disroot account all incoming emails will be automatically encrypted for your email address with supplied public key for the duration of beta tests. If you don't know what you're doing and lost us already, please do not join the tests or you may loose access to encrypted emails. Keep in mind you can always use your @getgoogleoff.me and @disr.it aliases.
Lacre encrypts only current incoming emails. This means it won't encrypt your entire mailbox so you don't have to be afraid about emails sent prior the moment you setup your key with Lacre.
In case the mail server becomes unstable, causing outage or in any way impacts the operation of the server, we will terminate tests concluding, we need much more work before it is stable enough and move back to the drawing board. All of you who would like to further help with testing, can reach out to us to get access to our test server where we continue to work on things.
Resetting your key in case key is lost does not currently work properly (hence you should know what you're doing). However since it's just testing you can always reach out to us for help. We can still reset encryption however we wont be able to decrypt emails.
We are looking forward to this event and can't wait for results. No matter the outcome, we are already happy and proud that the little idea materialized and is so close to completion. Big thanks to Pfm whitout whom we would not get that far, and to everyone helping along the way. Special thanks to NLNET who's financial aid helped a lot Lacre and ton of other projects (https://nlnet.nl/project/).
Keep your fingers crossed. Set a reminder, check the page and join us on 4th of November!
]]>Hi there Disrooters,
Been a while since you heard from us. The blogpost we have been planning for July got very much delayed. This was due to the fact we had to take care of some personal things as well as resolve some of the most pressing server issues that made it impossible to release planned features. Thankfully this is behind us and we are back on track. Below we would like to present to you summary of last three months of work.
So let's get to it. Here's what we prepared for you.
Some of you who decided to link their custom domain to our mail server, have been requesting this feature. It allows you to receive all emails addressed to your domain even for addresses that don't exist. After much anticipation, we have finally managed to make that happen. And so, everyone with their domain linked to our service can now enable or disable the catchall feature by updating your account's settings at https://user.disroot.org. This was also a reason we have not process new domain linking requests, so if you have applied for one, we will have some good news for you in coming days.
Our beloved Searx instance has been pretty much unusable for quite some time. We have been trying to find a way to improve the situation but we could not find a solution (perhaps lack of time to dedicate to the issue is to blame or lack of expertise). While trying to fix the situation, some Disrooters have pointed us to a recent fork of Searx called SearxNG (due to internal conflict within the development team some of the people decided to leave and start their own project). We have decided to try it out and see whether this will improve the situation. To our surprise, apart from UI (user interface) improvements, our SearxNG started providing results. We are very happy with this change but we have still not made our decision, whether to stay with SearxNG or go back to Searx. As much as we enjoy the improved UI we want to investigate the situation better to make best decision possible. Searx has been with us since the beginning and we very appreciate all the work asciimoo (author of Searx) so that decision needs more thought to be put in.
In our last post, we have announced our decision to move SPAM automatically to Junk folders. Recently we have loosen some of the spam prevention such as RBL list checks, greylisting and number of other checks that were straight up rejecting suspicious emails. We wanted to give more decision power to Disrooters to handle their email. This naturally leads to increase of potential SPAM emails. To help combat the increasing amount of SPAM, we have ordered our anti-spam bot to autolearn what is SPAM and what is HAM. Choosing autolearn option allows us to improve spam autodetection. In order to response to false positives where legit email got marked as spam, we urge you to forward such email (or at least it's headers) to ham.report@disroot.org email address. This will allow us to tweak the settings so that legit email does not end up in Junk folder. Additionally we have created an email address where you can report email that should be marked as spam (spam.report@disroot.org). With your feedback, we will be able to strike the balance in the war on spam and improve the situation for everyone.
Do you remember when we announced migrating to Roundcube back in 2020? Well, that took a while, but after a bit of delay it's finally here. Our new webmail is ready to be used. You can reach it under new url at https://webmail.disroot.org Give it a try and help us with feedback. We are aware of some rough edges and we are sure there is much more to discover once more people start using it. For the time being we provide both SnappyMail as well as Roundcube, but eventually we will stick to just one solution, which we hope will be Roundcube, however we don't want to close all the doors yet. What is particulary interesting is that Roundcube is syncing automatically with your Nextcloud contacts. To learn how to migrate your contacts from snappymail (current webmail) to Roundcube or Nextcloud, check the howto's baked by @fede
As the global inflation is on the raise, we have decided to increase the limit for files uploaded when using our xmpp chat service from 10MB to 512MB! While doing that we also decided it makes sense to make file retention and chat history equal and so we set it both to 1 month.
Do you want some disroot swag? Were you dreaming about putting that awesome disroot sticker on your laptop to show everyone you are using service that no one heard about? XD For a while we wanted to provide some merch for all disrooters and while we are waiting for @muppeth and @antilopa to build their shirt printing facility and be able to self produce shirts, we decided to start with sticker packs. And so, we present you the first disroot sticker pack. The idea is simple. Donate at least 10 euro and leave address where we should send you the stickers to in reference of your donation. We plan to change designs everytime we order new batch of stickers to make things more interesting.
That is it for now. We are planning as always big things but we won't jinx it. Let's hope for more regular news from now on :P
Cheers, enjoy yourself and stay safe.
]]>