Jan 3, 17 / Aqu 03, 01 10:59 UTC

Re: Asgardia exclusive email addresses  

Well, you don't need it. If you had need for secure email services, you'd already of done something about that a long time ago, email is nothing new. It would however be nice to have.

As previously specifed, the largest barrier will be the storage space for the user's inboxes, which again, at current population levels, and to be using the 8TB HGST drives because they're slightly cheaper than the 10TB ones(and larger tested for reliability) we're still looking at over 350 of them to provide just a poxy 5GB of inbox per user - 2.75PB(petabyte) of storage. To assume the HD's will sit in a standard 4U blade, and to select a model you can cram 60 HD's into a blade(more common to see numbers like 24), that's then another 6 nodes that need hosting(purchase fee of 350 HD's, purchase of 6 blade chassis, purchase of 6 motherboard, potentially requirement to buy 6 sets of networking hardware, likely to require additional RAID cards per unit as one-off fee, then the monthly cost of powering and keeping connected to interwebs) - to assume each chassis costs about $200USD(likely more), each motherboard & CPU to be about $250USD, about the same for the RAID card(s) in each system(assume the front panel splits into backplanes, allowing to fit 5x SAS drives to a single cable, and the RAID has five slots, you'd need three RAID cards per 60 bay chassis, 18 total) making the cost in obtaining the HD's alone $122,500USD, and requiring about $126,700USD total just to buy the hardware - Then there's likely setup costs at the datacentre(we could do with our own one of them, too, ideally more than one) and ofc fees to keep all that powered, cool, and connected.

That is a significant startup fee. However, we have a lot of citizens. To divide that fee equally across all citizens would reduce that number to $0.23/head - which is much more manageable. This ofc doesn't cover the (likely monthly, I prefer to pay for such yearly where companies support) hosting fees. Hetzner, the folks hosting the server used for this site would be able to host them for €167,23/month each(plus €167,23 one-off setup fee) which would be the largest headache. So for about $0.50USD/head we can buy all the hardware, manage the setup fee and keep the hardware online for just over 12 months. I'm not sure if these racks would be in a secure cage(ideally potential of this should be monitored, to indicate if it's being cut into to bypass the lock and on detection of, nuke system contents. Should be able to build something that can do this for about £10/unit. Likely less).

A one-off fee is possibly something many would happily sign up for, but the regular expenditure is another thing. As the yearly running costs are less than $1/head, it's likely most would agree to this too - but it's starting to hit the realms of requiring some form of (even voluntary) taxation. Something I would be eager to avoid if possible. it also doesn't cover events like hardware failure(tho the Hitachi 8TB HGST's do have a good failure rate, but like any other drive, they do fail. Large stocks recomended). It also doesn't cover backing up this much data, which would be irresponsible not to do and require at least three times as many HD's(to follow industry standard Father, Son, Grandfather rotation pattern, and three times that to rotate thusly in a daily/weekly/monthly pattern, and three times that if you'd sensibly store backups in local firesafe, and two geographically remote firesafes) and will be a time cosuming process just swapping drives to write backups to, and putting the written ones into the firesafe.

Also about now, we are not desperate for Email services. What we are more in desperate requirement of (IMHO) is collaborational tools. That same hardware could be used to give users a 5GB storage qouta and provide us with "multiplayer software" so we can collectively work on the same part of the same project at the same time. Ofc, there's nothing to say this hardware cannot fulfill both roles sharing the 5GB per user between their email inbox and their filespace.

  Updated  on Jan 3, 17 / Aqu 03, 01 11:00 UTC, Total number of edits: 1 time
Reason: typo

Jan 4, 17 / Aqu 04, 01 18:37 UTC

EyeR,

I'm the assistant facility manager for a colocation data center in the US. Perhaps we can talk leadership into an arrangement.

As for storage, we can always oversubscribe more space than we actually have. Not possible all 500k users will ever use all 5 GBs. Especially not right away. We could probably get away with 1-5% to start.

Jan 4, 17 / Aqu 04, 01 20:31 UTC

@JimWebb, you're right. Also we could think of initially having boxes of much smaller capacity and then expanding them. For example, for 95% of people a box of 700MB is more than enough, at least for about 4-5 months.

Jan 5, 17 / Aqu 05, 01 04:40 UTC

Asgardia is not Google. I am a UK citizen, but do not use or need a UK government email address.

Only Asgardia staff should have Asgardia email accounts.

Jan 5, 17 / Aqu 05, 01 21:12 UTC

You're right. Asgardia isn't Google. It shouldn't try to be, Alphabet either. Or any other shady firm. However, there's legitimate cause for citizens to have their own email address: independant(of Earth) communication infrastructure. We need more than that, clearly, but it's a start.

Smaller inboxes are a potential solution, oversubscribing is not, it's a rediculous concept typically associated with greed and assured to generate problems at a later date. Who do you work for? I don't commonly place things in the US, certainly nothing with "sensitive data" - I just want to make sure to avoid them and their poor practices. 700MB isn't really overly considerable, rapidly filled if used to interchange various things like media of things operating, blueprints and 3D models, datasets, sections of source etc. However, a set of collaborational tools would allow one copy of that document to exist for all users...

Jan 6, 17 / Aqu 06, 01 16:07 UTC

As a technology and communications consultant, I would like to comment that email is not the communication platform of the future. Email, which has a habit of being used as historic archive, with plentiful copies of the same content and copies of complete threads, is soon to be taken over by Facebook or Yammer like concepts, where threads are formed within a group of people. People can either be added to or removed from a discussion. I do not think we should want to introduce technologies that are on the way out. That said, having separate identities for every citizen sounds like a perfect plan. Just do not refer to them as email addresses, but rather identities.

Jan 6, 17 / Aqu 06, 01 18:31 UTC

@EyeR, exactly, we must use a collaboration tools to all our government. So I think in this case 700 MB is enough.

@dbarto, Maybe we can analyze tools like that "slack" (for example). https://en.wikipedia.org/wiki/Slack_(software)

Jan 7, 17 / Aqu 07, 01 01:42 UTC

I don't think anyone had suggested that email is the communications platform of the future(tho, about fourty years later, it's still going strong) simply that it's a feature that would be "good" to exploit. Email is far from "on it's way out", just like "snail mail" is still utilised and still as "popular" today as ever. I don't recall email having "threads" - Newsgroups used to, organising replies to threads inside topics nicely into trees but that's not quite SMTP, and that basically evolved into "forums".

Concepts like yammer and facebook errode all rights and control of the conversation itself from the participating, and have history for unethical use of the data raped from the simpletons unable or unwilling to understand the terms and conditions provided by the service, I don't think in any manner they are suitable for comparison to anything we should establish, other than a "how not to" manual. They really can't be considered "new" technologies, as they leverage principles(and in some cases, even protocols) decades old. The only thing "new" about them is the backend abuses of the input, which mostly relies entirely on the users not knowing any better, and speaks volumes for it's users.

"Old" isn't always "bad". It's well tested for a start. A lot of problems solved, few - if any - remaining. A good example of this would be XMPP. It's nothing new, used by google for gtalk(as an isolated deployment), doctored and neutered of all security features or usability then deployed as whatsapp, the basis of jabber... and many more, forming an unadvertised backend to many things. Being open source, XMPP should be trustable as a protocol, and it has repeatedly proven itself resilient against assault. Clients existing on almost every platform and being able to trivially include in a web page it allows for optimum acessibility. Additional(optional) layers of GPG/PGP and OTR - on top of the native SSL/TLS - can both assure privacy and authenticity of the remote user. Able to support text/vid/voice/files - anything you can cram into an XML stanza - it's incredibly flexible and can support almost any uses the future brings need for. Suitable for use as 1:1, 1:many, and many:many comms, not isolating you to the connecting server(settings dependant) - resulting in distributed operation - There's not many reasons to not use it, really.

There's already "seperate identities" for every citizen. Refering to them by "email address" would be a lot easier for most users, being unable to recall the 16-digit number easily. Also, the less places this ID is used by the user, the better. I would personally favour something more sensible, like X.509 (which every user should be able to deploy now,) or PKCS 11, which would require most users to obtain additional hardware. Even GPG/PGP keys would be a good start. As previously mentioned, ideally such things would be embedded into something like the user's passport, and only rendered usable on entry of passphrase to assure both authenticity and authorisation.

I really think 700MB is going to be inadequate, even short term. 5GB isn't really suitable, long term. 1TB of shared space for the collaborational tools output with strict AuP and mercyless enforcement would work(by my reckoning) purely for the "doing Asgardia things" but I was under the impression that the email was wanted for personal use, and thusly I would expect it to rapidly be filled with 500,000 copies of the same amusing cat video, or a dog in a hat - Send this to twenty people or my parrot dies - and other cancer as multiple 'tards simply try to make it an extension of FB. Things like being regularly emptied or well maintained cannot be assured, so naturally should be countered with increasing space. Even "legitimate" use - provisions of datasets from experiments etc - will rapidly fill 700MB.

Jan 8, 17 / Aqu 08, 01 04:59 UTC

what about IRC?... that is super old and very effective... im actually using "discord" lately for conversations... just until Asgardia has PM and group chat available.

Jan 8, 17 / Aqu 08, 01 05:12 UTC

ok, email POP3, load your own HDD and free up the server... done. if you want to archive it elsewhere just forward it to your gmail or whatever account... unless you dont want it to get hacked... then you wont use mainstream email clients anyway. TOR? nope, exit nodes are bad. pay for a VPN service running on a Stockholm based server? sure, but are we really that paranoid? maybe, it depends on what we are playing with right? double 128 bit crypto? p2p? skype?

Jan 8, 17 / Aqu 08, 01 06:55 UTC

POP3 isn't clever, especially to users of multiple machines. POP3 was perfectly fine for most users in 1984, but there's a reason why IMAP was even developed let alone widely adopted. It would only still store emails on the server, the deleting on retrieval part is optional - and due to the issues this can cause should be disabled - in cases where users are unlikely to frequently check and or maintain their inbox, then it's unlikely to provide for an effective solution.

Mainstream email clients are not the main reason email services tend to fall prey. It's most commonly unsafe practices taken by the user that literally hand over access. No client side deficit should allow to mitigate serverside security save for allowing third parties access to the authentication details.

TOR, not taking into account it not being email, is possibly best something avoided if possible for a variety of reasons. A VPN - also not email - is a more sensible solution to the problem most people think TOR is intended to solve, and you would want exit nodes in more places than Stockholm to provide a usable service.

I'm not aware of any open source P2P email solutions. Generally tunneling data that may contain "sensitive information" is most sensible to transfer through the smallest number of random third parties as possible. Preferably 0.

Skype, also not email and providing for third-party on-demand transparent forwarding of the desktop, filing system, keyboard, mouse movements, gestures and clicks, microphone, camera, and a lovely list of exploits stored server-side to unload, is something I hope you included to inject some humour, because I laughed when I read it. "solutions" that "monitor" use and collect conversation data should not be considered options.

Double 128-bit crypto, on what exactly? What cipher(s)? 128-bit sounds alarmingly low, too....

QQ I have little experience with, but considering it's popularity in china, and the way their government hasn't attempted to outlaw it, it's highly likely to introduce as many if not more defects than skype and additionally hand over all conversations to the chinese government.

IRC might be old, but is also another example this not reducing from it's effectiveness, however, it attempts to solve a slightly different problem to email. It's also commonly heavily targeted for a wide range of abuses, and many ircd's are not that great at standing up to some abuses. XMPP would be a "better" solution doing everything IRC can do, and bringing more features to the table in the process. It would be able to be trivially implimented with a web portal, or standalone clients on user's devices. Unlike IRC you are required to authenticate before it even lets you on the server, and web-based implimentations of IRC are traditionally somewhat lacking.

Jan 8, 17 / Aqu 08, 01 08:29 UTC

Mail nation should use only government agencies and ministries. Ordinary citizens do not need such a post.

Jan 11, 17 / Aqu 11, 01 22:10 UTC

I don't understand the need to specify a country in an email address. Is Asgardia a nation or is not? I'd feel more comfortable with [alias-of-own-choice]@[asgardia.com]. I think that keeping out the first nationality would help to build a more genuine community, avoiding the stress to overcome biases and stereotypes of any kind.

Jan 12, 17 / Aqu 12, 01 13:29 UTC

i dont see it as priority but it is useful. i suggest a platform like Facebook for the asgardia Forum... it is more important.

Jan 12, 17 / Aqu 12, 01 13:29 UTC

i dont see it as priority but it is useful. i suggest a platform like Facebook for the asgardia Forum... it is more important.