Fellow users!
In order to increase security of user’s accounts, while also ensuring
the privacy for users, we are going to be changing how we do account
recovery.
For new users, at account creation time, we will be writing the file out
that contains the email address used at creation time. The file will be
located at:
~/.thunix/recovery
This will be the only email address we will accept, or send new
credentials to. Users are free to remove this file at any time (We will
never re-create it), or to change the contents from an email address, to
a passphrase.
If we see a non-email address in there, we will accept the passphrase as
proof of identity. You can even combine them!
So, your ~/.thunix/recovery file could contain:
ubergeek(a)thunix.net or "I really love Mountain Dew!"
Or:
ubergeek(a)thunix.net
Or:
I really love Mountain Dew!
It is not intended to be machine readable, and the only time an admin
will look at this file is if we get a request for credentials reset.
If this file does not exist, or is empty, we cannot accept credentials
changes. This is to ensure your account doesn’t get taken over by
another party.
Please, create this file at your earliest convenience. You can do it
like so:
mkdir ~/.thunix; echo "email(a)example.com" > ~/.thunix/recovery; chmod 600 ~/.thunix/recovery
--
There's no place like ::0
State of the Thunix - Janurary 2020
===================================
Well happy new years to all you Thunixers! Hope 2019 was a blast.
Thunix.net is officially over 1 years old this month! We've had some
great times this year, and have some seen some awesome improvements:
- We started off on a tiny Digital Ocean Droplet, and moved to a
dedicated server
- We've implemented a Continuous Integration/Continuous Development
system for our website, man pages, gopher site, and system ansible
playbook.
- We offer:
- Basic web services, like page hosting, email accounts, etc
- VHosts if requested
- DB's if requested
- Rather liberal storage, RAM, and CPU usage guidelines
- Our services are encrypted via TLS whenever posssible (Email, chat,
website)
- We have a Tor Onion service for all services
- Multiple open source projects have had their births here
- We've iterated through **three** major software versions for our
website
- We now have a community wiki
And tons more. This is all largely thanks to you, the community that,
and our admins Naglfar and Fosslinux (aka Fossy). Our goal it to
continue to tightly focus on building the community of users here, and
to make the system more privacy focused, and secure. To make it a better
place for you, and a safer place.
At the close of the year, we will be re-doing some of our policies. No
major deal breaking changes, but more or less making official some of
the things we do, and being even more open and transparent, which is our
goal.
We've always tried to remain as transparent and open as possible, but we
also recognize that we can always do better at it.
Namely, our terms of service will get cleaned up, and some additions
made. The privacy policy will be getting reworked as well, to be far
clearer in what we do. We will also be considering adoption a separate
"Code of Conduct" for community members.
That being said, last week, we implemented a third party email
monitoring service. NO. They do not get your emails, and scan them. We
would never even consider that. But, our deliverability reports are sent
to a company called "Postmark." They aggregate our DMARC reports, and
send us nice reports. They do not get any of your personal information,
but we most certainly want to be open about when we engage in third
parties for our data analysis. When we can, it will be replaced with a
open source tool, but that requires us to write one, because at this
time, none exist.
So, all that: I'm looking forward to a great 2020! We will keep growing,
and maybe the US will come out of it with a sane president, instead of
the current dumpster fire :) Cheers, and excited to have you all aboard
for many more years to come!
Your sysop,
ubergeek/ub3g33k
