Hey you! Host something!

Following on from my previous post, about many small "pubnix" systems

being better than a few monoliths, and about spreading your services

out across many providers to minimise the burden represented by

walking away from communities gone bad: if you are interested in "all

this stuff" and you want to do something concrete to make the online

world a better place, I think the single best thing you can do is to

host some free service - webspace, gopherspace, email, XMPP, Mastodon

whatever. It doesn't have to be the most professional, reliable thing

in the world. But do your best (you'll learn a lot) and most

importantly just don't be evil. The big companies have set the bar

very low here, it's not hard to do a better job. The more community

offerings there are, the easier it is for people to spread themselves

around.

Doing this is easier than ever before, thanks to cheap VPSes (and, of

course, dedicated free software authors who have spent decades build

kick ass tools), but there's still a big psychological barrier. Often

the biggest concern is not wanting to deal with potentially bad users.

People are, perhaps rightly, scared about offering shell access,

because their users might try to hack the server and cause mischief.

People are, pehaps rightly, scared about offering email because their

users might send spam. These risks probably put a lot of people off

who would otherwise give this a try. Here are some tips to take the

edge off:

Regarding webspace and gophespace - you can do this by giving your

users very little access to the server. You do not have to give

them shell access. In the old days, this was achieved using FTP.

Nowadays, you can do it with SFTP. The OpenSSH server has options so

that you can configure users in a particular group to only have sftp

access (this is how the Zaibatsu works, at least initially). This

doesn't even use a potentially exploitable user shell to launch a

potentially exploitable third party SFTP server. There is an SFTP

server built right into the OpenSSH daemon. Frankly, there are few

teams you can trust more than the OpenSSH devs to deliver secure

software. This is a very secure way to offer somebody access to a

home directory that you can then serve. Make the home directory

non-executable, and use a server that doesn't support CGI or anything

else like that: static content only. This is a very low risk hosting

operation that you should not lose sleep running, but people can

still do great things with it.

Regarding email - I think an interesting idea that I've never seen

before to is to offer a kind of restricted email based around

whitelists. I've been considering trialing this at the Zaibatsu,

where email is currently local only (precisely because of not wanting

the hassle of filtering incoming spam, or having to deal with spam

coming from users I gave shell access to but should not have, plus the

hassle of ensuring deliverability to receipient mailservers run by

admins who are very suspicious of people not using Gmail). It seems

like it would be pretty easy to use a combination of Postfix settings

and firewall rules to provide a pretty strong guarantee that email

will only come in from and go out to specific other servers - say SDF,

Grex, and the tildeverse servers. This is obviously a lot less useful

than full blown email, but I think it's also a long way away from

being useless. Most of the people I converse with under my solderpunk

pseudonym are members of some pubnix or another. An email address I

could only use to talk to them would still be somewhat valuable. The

big bonus compared to offering full email service is that such a

system is a very unattractive target for spammers to abuse, because

99.99% of the email addresses on their spam lists will be at Gmail or

Hotmail or Yahoo and they will not be delivered, and is very unlikely

to receive a lot of spam because, hopefully, most pubnixes are

sufficiently well run that their users cannot blast spam through them.

If problems do arise, they can hopefully be sorted out by quick,

direct communication between fellow admins.

So, there are ways to offer "lite" versions of many services which

reduce the risk of offering free hosting much more than they reduce

the utility of the service. So what are you waiting for? Host

something!