Mails in plaintext stored

@danb35

I’m a Sysadmin, and for me it’s a matter of honour NOT to read users’ mail.

The only exceptions in the last 20 years were when a user asks for my help, e.g. to restore specifically Mail-xyz… I need to see the mail to know the restore worked!

GDPR isn’t the non plus ultra solution, but living here, we have to abide by it as far as possible!

As to most users, especially youngsters: most don’t care a damn about privacy. They want plenty of people seeing and commenting on their “selfies”!
Why would people use e.g. Gmail - and quite a lot use it, not just because they use Android and are forced to register at Gmail!

My 2 cents
Andy

2 Likes

Likewise (though in my case, my only users are family). But you have the ability, and there are reasons you need the ability.

Several reasons come to mind:

  • When it was first introduced, it offered 1 GB of mail storage, which at the time was a ridiculous amount. Now, it’s increased to 15 GB.
  • A nice, clean, snappy web UI–probably the best webmail GUI I’ve seen (don’t even get me started on Exchange)
  • As you note, most people don’t care much about privacy in any event
  • Even if they did, there aren’t many free email providers who are any better (ProtonMail is the only one I know of)

Even ISPs (who used to provide your email service) are (1) outsourcing mail to one of the big providers (Yahoo seems to be popular-- :face_vomiting:), and (2) monetizing every scrap of data about you and your Internet usage they can.

So when there are limited options that are better from a privacy perspective (to the extent users care about privacy at all), barring running your own server, why not use the big one?

Hi Marko,

Should the husband be able to see the entire Whatsapp communication of his wife as a matter of course?

A good husband must also be a good administrator for his wife. That’s why I use Mattermost instead of Whatsapp. There I can finely determine with whom she communicates and with whom not. :grinning:

Regards and Merry Christmas…

Uwe

2 Likes

This is an awesome discussion. Really! It shows the conscience of the sysadmins using NethServer. @capote: hats off for your mindset. I can identify with this completely.
I share your view that any admin should have the moral duty to stay away from others’ mailboxes. On my own server that I use as private mailserver, my family has mailboxes too. But even as a parent, I wouldn’t even think of starting to search in their mail.
And that’s where trust is coming in. As an admin you should be trustworthy. Yes, you can have auditing on to provide evidence you did not access certain files or directories. And you probably are right that as a sysadmin, with such powers, you should be given options to prove you are trustworthy.
Many thoughts are crossing my mind right now about where do you draw the line when ethical boundaries are being violated.

4 Likes

Not that it has much to do with this conversation, but even if you encrypt directories - e-mail isn’t usually encrypted, it’s sent as plain text and can be read in transit by anyone with access to the hardware.
The bigger problem is training;
I have to release messages for delivery that get stopped by policy for containing sensitive information. I get a notice of the message, but not of the content, other members of staff get the full message so they can determine if it can be released.
We were changing payroll companies a few years ago, the security compliance officer and the first officer of the company both sent me their copies of the e-mail that HR was trying to send out with its attachment of an un-encrypted Excel spreadsheet of every user in the company, along with their home address, SSN, account and routing numbers, marital status, etc…
People are stoopid, do stoopid things, and shouldn’t expect machines (or governments) to protect them.
Encrypt your messages yourself, care for your own keys.

3 Likes

Thank you all for your opinions and for taking the time to think about the subject. I can’t go into every single opinion, it would tire you out and some of it would be redundant.

Therefore, a few explanations.

  1. I don’t argue because I have the GDPR or other privacy regulations in mind or because I think I’m particularly law-abiding (I drive way too fast way too often…).
    Even if (or especially if) I would live in China and not in Germany, I would argue this point of view because it comes from my innermost convictions.

  2. I am convinced that especially the administrators discussing here resist any seduction of power. But I am equally convinced that this does not apply to all administrators. All administrators are human beings, all human beings know weak moments. This has nothing to do with blaming anyone. It has rather to do with the fact that also in the group of the administrators a representative cross section of the society is represented. Just the more or less common sense tells me: the spectrum ranges from the saint to the criminal.

  3. In addition, some administrators (e.g. in a small owner-managed company) stand in a blatant dependency relationship. And do they really always have the strength to resist when the boss asks them to take a look at what Müller, Meier, Schulze have written?
    I am not talking about the legitimate cases, which I gladly concede.
    But don’t you think it would be a good service for the colleagues if they could retreat in such situations to the fact that it is technically impossible for them to comply with such indecent requests?

  4. I didn’t want to discuss purely philosophically either, it was a very concrete, very practical occasion, as Andy knows. Precisely because I voluntarily administer a company server for someone close to me (don’t worry, I’m not a megalomaniac, I have professional help), I feel (!) the need to protect myself from any suspicion or mistrust, although or precisely because my position of trust has never been in doubt.
    But I have the biggest problems with administrators claiming rights for themselves that they would never grant to others (and therefore run their own server).
    Why shouldn’t others have the same justified mistrust towards us that we have towards others? And if I think about OTHERS, I must necessarily think about myself and my role, and thus challenge myself. That is only fair!

  5. My initial mistake in the first post was certainly that I spontaneously asked a technical question with a narrow view on encryption. But if we put this aside once, the question remains whether there would not be possibilities to protect ourselves in the role as God-father and with it at the same time our “customers” (even if it is only friends, partners, children etc…) and to strengthen thereby trust. And be it by logging, as Michel-Andre described it.

  6. And that brings me to the last point: I’m not just making a flat feature request, but just because I “fell in love” with NethServer, I think it would be great, if it would get an added value by supporting such privacy aspects even more. And just because some of the users have no sensitivity at all and mindlessly enrich Facebook, Google, etc with data, that’s not an argument for me to be mindless myself. I use PGP encryption myself whenever someone participates. But you are dependent on this cooperation and sometimes have to bite into sour apples like WhatsApp. And that’s why I’m eagerly waiting for the Matrix implementation in NethServer :slight_smile:

Thank you all in this wonderful community and I wish you all a blessed Christmas!

2 Likes

Has anyone found an open source product with similar offerings as protonmail.com?

I have had an occasion that I said I wasn’t able to access the mailbox of an employee. Technically I could, so it was my way to ‘refuse’ an order by a manager.

Precisely because I voluntarily administer a company server for someone close to me

I am in the same situation. I manage the company server (a NethServer install on a HP microserver) for a friend of mine. And that is based 100% on trust.

There is Hushmail. That is a secure mail service that has existed for at least 20 years already.
But if you have NethServer running, who can you trust more than yourself and just use SOGo?

4 Likes

I like the way you think because that is exactly what I do. I was trying to see if @capote’s vision may have already been implemented like ProtonMail.

1 Like

Even if someone can access directories on your NethServer, only the vmail system user (or root) has access to those directories:

total 56
drwx------ 13 vmail vmail 4096 Dec 16 17:48 .
drwxr-xr-x 25 root  root  4096 Dec 15 20:05 ..
drwx------  4 vmail vmail 4096 Apr 13

So there must be something terribly wrong when those maildirs are accessed by someone else (with bad intent, that is).

From what I read, either a global key for the system or one key per user can be used

https://doc.dovecot.org/configuration_manual/mail_crypt_plugin/

1 Like
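The maildir listing earlier in the thread relies on every directory being owned by vmail with mode 0700. The check below is an added example, not code from the thread or from NethServer: it reports anything under a mail store that breaks that rule. The function name `audit_maildirs` is hypothetical, the mail root and owner are supplied by the caller, and GNU find is assumed for `-perm /077`.

```shell
#!/bin/sh
# Added example: audit a mail store for paths that are readable by anyone
# other than the mail system user. Not taken from the thread or NethServer.
#
# audit_maildirs ROOT OWNER
#   ROOT   top of the mail store (caller-supplied; the thread does not name it)
#   OWNER  user name or numeric uid expected to own everything, e.g. vmail
# Prints each offending path. Returns 0 if clean, 1 if findings, 2 on bad input.
audit_maildirs() {
    root=$1
    owner=$2
    if [ -z "$owner" ] || [ ! -d "$root" ]; then
        echo "usage: audit_maildirs ROOT OWNER (ROOT must be a directory)" >&2
        return 2
    fi
    # A path is a finding when it has the wrong owner OR grants any
    # group/other permission bit. Symlinks are skipped because their own
    # mode bits are always 0777 and carry no meaning.
    findings=$(find "$root" ! -type l \( ! -user "$owner" -o -perm /077 \) -print 2>/dev/null)
    if [ -n "$findings" ]; then
        printf '%s\n' "$findings"
        return 1
    fi
    return 0
}

# When called as a script with two arguments, run the audit on them.
if [ "$#" -eq 2 ]; then
    audit_maildirs "$1" "$2"
fi
```

Run it as root, since an unprivileged user cannot descend into 0700 directories and would see a falsely clean result.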

With similarities to protonmail there was tutanota (and possibly other email providers). Open source but generally only the client part, if I’m not mistaken.
There were projects like Lavaboom and Lavabit’s Dark Mail (magma?), but I don’t know their status (alive/dead/in progress…)

A good source could be the next list but I guess most solutions would be for generic mail servers (not so full-privacy oriented):