1 00:00:00,000 --> 00:00:11,440 Welcome to the NGI Zero podcast, where we talk to the people who are building the next generation 2 00:00:11,440 --> 00:00:12,440 internet. 3 00:00:12,440 --> 00:00:14,080 Hi, I'm Ronny Lam. 4 00:00:14,080 --> 00:00:15,940 And I'm Tessel Renzenbrink. 5 00:00:15,940 --> 00:00:19,960 We're both from NLnet, a foundation which supports people who are working on a free 6 00:00:19,960 --> 00:00:22,280 and open internet. 7 00:00:22,280 --> 00:00:26,240 Our guests today are Kirill Zholnay and Inex Code. 8 00:00:26,240 --> 00:00:31,640 Kirill is the founder of LoRaType, a text messenger device using LoRa radio to communicate 9 00:00:31,640 --> 00:00:35,280 so you can chat independent of the internet. 10 00:00:35,280 --> 00:00:41,120 He's also the founder of SelfPrivacy, the project funded by NGI Zero we will be speaking 11 00:00:41,120 --> 00:00:42,960 about today. 12 00:00:42,960 --> 00:00:48,160 Inex Code is the lead full-stack engineer at SelfPrivacy. 13 00:00:48,160 --> 00:00:53,400 SelfPrivacy is a free application that helps you set up and manage your self-hosted services. 14 00:00:53,400 --> 00:00:58,160 The goal is to create an accessible tool that gives everyone the opportunity to create 15 00:00:58,160 --> 00:01:00,160 their own self-hosted infrastructure. 16 00:01:00,160 --> 00:01:03,160 Hi Kirill and Inex, welcome. 17 00:01:03,160 --> 00:01:07,240 Hello everybody, how are you? 18 00:01:07,240 --> 00:01:12,440 If we talk about the internet, what are the key issues that you see today with the internet? 19 00:01:12,440 --> 00:01:19,440 Oh, I am mature enough to remember the internet in the 2000s. 20 00:01:19,440 --> 00:01:26,960 Back then it was academic and decentralized, not commercial and centralized. 21 00:01:26,960 --> 00:01:32,880 It was about sharing information and not controlling users. 22 00:01:32,880 --> 00:01:37,920 Big tech didn't track your every move. 23 00:01:37,920 --> 00:01:45,960 Today the biggest problem is lack of privacy and it's getting worse. 24 00:01:45,960 --> 00:01:54,640 On the bright side, the European Union has improved things with GDPR, but it's unclear 25 00:01:54,640 --> 00:01:58,360 how well big tech is following the rules. 26 00:01:58,360 --> 00:02:05,920 As a system engineer, I think even if you ask your data to be deleted, it will remain 27 00:02:05,920 --> 00:02:09,880 in backups and cold storage. 28 00:02:09,880 --> 00:02:14,960 There are also negative trends such as chat control. 29 00:02:14,960 --> 00:02:22,240 And how does SelfPrivacy contribute to addressing those issues? 30 00:02:22,240 --> 00:02:30,920 When ordinary users realize they are being tracked, they seek ethical services. 31 00:02:30,920 --> 00:02:38,560 Not so bad, they switch to another big tech company, maybe more ethical, but still centralized 32 00:02:38,560 --> 00:02:44,200 like Matrix, Signal, Proton, Tuta. 33 00:02:44,200 --> 00:02:51,320 In the best case, they discover open source self-hosting, but it's too hard to set up 34 00:02:51,320 --> 00:02:55,400 and maintain these services securely. 35 00:02:55,400 --> 00:03:02,360 Even for experienced IT professionals, we make self-hosting painless. 36 00:03:02,360 --> 00:03:09,560 Self-privacy's main goal is to enable ordinary users to own their private services without 37 00:03:09,560 --> 00:03:12,560 relying on big tech. 38 00:03:12,560 --> 00:03:15,120 And how do you offer this service? 39 00:03:15,120 --> 00:03:17,680 What does it look like? 40 00:03:17,680 --> 00:03:27,440 In IT terms, our project is like Ansible and Terraform combined into an easy-to-use app. 41 00:03:27,440 --> 00:03:34,280 Users simply sign up to the same service providers that professional system admins use. 42 00:03:34,280 --> 00:03:41,960 It's virtual server providers, DNS servers, and backup storage. 43 00:03:41,960 --> 00:03:44,120 SelfPrivacy is not a service provider. 44 00:03:44,120 --> 00:03:51,360 We don't have any information about or access to the user's server. 45 00:03:51,360 --> 00:03:54,640 We know nothing about them. 46 00:03:54,640 --> 00:04:02,200 Our application is basically a set of scripts that set up, configure, and update user's 47 00:04:02,200 --> 00:04:03,200 server. 48 00:04:03,200 --> 00:04:10,720 Okay, and so I was looking at it, and I really like the idea of having a lot of support from 49 00:04:10,720 --> 00:04:14,480 you to set up the self-hosting. 50 00:04:14,480 --> 00:04:20,400 And you tell me, as a system engineer, that you will not be able to see my data or my 51 00:04:20,400 --> 00:04:29,320 credentials, but how do I, as a non-technical person, know that it's true? 52 00:04:29,320 --> 00:04:36,160 You say you work with zero trust, but how can I verify that you don't know my stuff? 53 00:04:37,160 --> 00:04:41,160 Inex, do you want to say something? 54 00:04:41,160 --> 00:04:45,160 It's an interesting question. 55 00:04:45,160 --> 00:04:50,040 First of all, we don't have any access to your server. 56 00:04:50,040 --> 00:04:53,520 Our application doesn't send any information to us. 57 00:04:53,520 --> 00:05:02,760 While the server downloads from our server the configuration for the server, the module 58 00:05:02,760 --> 00:05:05,520 is to set up all the services. 59 00:05:05,520 --> 00:05:09,000 These are all the same for everyone. 60 00:05:09,000 --> 00:05:15,760 If you have the skills to check the NixOS code, you can read it. 61 00:05:15,760 --> 00:05:24,520 Yeah, so even if I personally can't check it, I can ask somebody who understands, who can 62 00:05:24,520 --> 00:05:27,080 read the code, to check it for me? 63 00:05:27,080 --> 00:05:31,720 Yes, like everywhere in the open source. 64 00:05:31,720 --> 00:05:40,080 You can remove our application and use your server without us. 65 00:05:40,080 --> 00:05:46,520 You can update your server manually if you want. 66 00:05:46,520 --> 00:05:49,280 You don't need SelfPrivacy for it. 67 00:05:49,280 --> 00:05:51,280 Yeah, thanks. 68 00:05:51,280 --> 00:05:54,980 That answers my question. 69 00:05:54,980 --> 00:05:56,720 You just mentioned NixOS. 70 00:05:56,720 --> 00:06:02,080 Can you tell me a bit more about the NixOS ecosystem? 71 00:06:02,080 --> 00:06:10,880 NixOS is a declarative operating system based on the package manager Nix, which allows us 72 00:06:10,880 --> 00:06:18,480 to declare all the system configuration and service configuration in one place. 73 00:06:18,480 --> 00:06:29,600 As it is powered by a Nix programming language, we were able to adapt the single configuration 74 00:06:29,600 --> 00:06:33,080 to address the needs of different users. 75 00:06:33,080 --> 00:06:41,400 We have a single Nix config, which loads the data of the user, like which services users 76 00:06:41,400 --> 00:06:51,480 want to launch, which configuration values does the user want, and using Nix language, 77 00:06:51,480 --> 00:07:01,040 we can modify the system without modifying the Nix files themselves on the user's machine. 78 00:07:01,040 --> 00:07:07,200 There are a lot of projects that are like ours. They try different approaches. 79 00:07:07,600 --> 00:07:15,000 There are projects like YunoHost. They use Debian installation scripts and stuff like 80 00:07:15,000 --> 00:07:20,000 this, like in the usual style of how things on Linux are done. 81 00:07:20,000 --> 00:07:27,000 There are projects that use Docker, Kubernetes, and other container systems. 82 00:07:27,000 --> 00:07:35,680 And when the project started, we saw that and we tried to do this using NixOS. Because 83 00:07:35,680 --> 00:07:42,520 initially, SelfPrivacy was a hackathon project, so we tried to do this with Kubernetes, and 84 00:07:42,520 --> 00:07:45,720 it ended up badly. 85 00:07:45,720 --> 00:07:55,840 So, as I know, we are the only project that tries to achieve this goal using Nix, and 86 00:07:55,840 --> 00:08:04,160 it is not easy. As for now, we see that if we try to use different approaches 87 00:08:04,160 --> 00:08:12,000 that are used by other projects, in many ways, it will be easier to implement, but advantages 88 00:08:12,000 --> 00:08:19,760 of using NixOS came out to be quite dramatic for us. And we are still sticking to this. 89 00:08:19,760 --> 00:08:28,360 We are trying to do stuff that wasn't done yet in this ecosystem. 90 00:08:28,360 --> 00:08:30,760 I think we are doing quite good at this. 91 00:08:30,760 --> 00:08:34,760 Shortly, we hate Docker and Kubernetes. 92 00:08:39,760 --> 00:08:41,760 We hear that a lot. 93 00:08:44,760 --> 00:08:48,760 How do you handle updates? 94 00:08:48,760 --> 00:08:59,760 As a user, do I need to log in to the server itself? Or will that be done from the app front-end? 95 00:08:59,760 --> 00:09:01,760 There are two options. 96 00:09:01,760 --> 00:09:06,760 If you have automatic updates enabled, your server will update itself every day. 97 00:09:06,760 --> 00:09:13,760 If you disabled automatic updates, you will have to open the app and click a big shiny 98 00:09:13,760 --> 00:09:16,760 button, update server. And that's it. 99 00:09:16,760 --> 00:09:22,760 You will see the progress with the recent updates that we will release this 100 00:09:22,760 --> 00:09:23,760 week. 101 00:09:23,760 --> 00:09:27,760 You will see in real time the process of NixOS rebuilds. 102 00:09:28,760 --> 00:09:33,760 And that also handles major revisions of NixOS? 103 00:09:33,760 --> 00:09:37,760 Could you please repeat? 104 00:09:37,760 --> 00:09:46,760 And that also handles major revisions of NixOS like 23.11 to 24.05? 105 00:09:46,760 --> 00:09:54,760 Well, previously, major releases of NixOS were such a pain for us because we had to 106 00:09:54,760 --> 00:10:03,760 switch channels. And it's not something you can quite automatically do with a single 107 00:10:03,760 --> 00:10:05,760 predetermined command. 108 00:10:05,760 --> 00:10:16,760 And in the previous year, we moved to using Flakes. And this allowed us to actually pin 109 00:10:16,760 --> 00:10:20,760 not just channel, but commit in the Nix packages. 110 00:10:20,760 --> 00:10:26,760 And now we may actually push updates of the new major releases. 111 00:10:26,760 --> 00:10:34,760 The problem was that when a new major NixOS release comes out, there are incompatible changes 112 00:10:34,760 --> 00:10:39,760 in the configuration that must be addressed. 113 00:10:39,760 --> 00:10:48,760 And before, when the channel and configuration updates were separate, they were out of sync, 114 00:10:48,760 --> 00:10:50,760 and it caused problems. 115 00:10:50,760 --> 00:10:59,760 Now, as our configuration itself pins a NixOS version, we can update them at the same time. 116 00:10:59,760 --> 00:11:05,760 And nowadays, when you click update, it will just update to a new version. 117 00:11:05,760 --> 00:11:10,760 It's clearly for end user. 118 00:11:10,760 --> 00:11:16,760 We hide this from the user, well, because user doesn't really need to know about this, 119 00:11:16,760 --> 00:11:17,760 like these technical details. 120 00:11:17,760 --> 00:11:22,760 We just made it so you click a button and it updates. 121 00:11:22,760 --> 00:11:25,760 Yeah, nice. 122 00:11:25,760 --> 00:11:35,760 And also, the setup is also very nice, that you handle it from an app on your phone, and 123 00:11:35,760 --> 00:11:40,760 the rest is being done automatically. 124 00:11:40,760 --> 00:11:44,760 Can you tell us something about working on this project? 125 00:11:44,760 --> 00:11:47,760 What is hard about working on it? 126 00:11:47,760 --> 00:11:53,760 First of all, our technology stack is complex. 127 00:11:53,760 --> 00:12:01,760 NixOS, Flutter, Dart, Python, GraphQL. Inex tell me more. 128 00:12:01,760 --> 00:12:08,760 Well, that's a lot of technologies. And NixOS is quite niche. 129 00:12:08,760 --> 00:12:19,760 It's hard to find specialists in this field. And our needs with NixOS are quite advanced. 130 00:12:19,760 --> 00:12:31,760 So, the hardest part here was to find people who are capable enough to actually implement 131 00:12:31,760 --> 00:12:34,760 our needs in the Nix language. 132 00:12:34,760 --> 00:12:40,760 How to implement different features such as single sign-on and others declaratively 133 00:12:40,760 --> 00:12:41,760 in Nix? 134 00:12:41,760 --> 00:12:43,760 How do we integrate everything? 135 00:12:43,760 --> 00:12:49,760 One of the most difficult tasks is also integrating everything. 136 00:12:49,760 --> 00:12:52,760 We have three layers. 137 00:12:52,760 --> 00:12:56,760 It's the Nix layer, where we have our configuration. 138 00:12:56,760 --> 00:13:01,760 We have API layer, which connects the system itself with the application, 139 00:13:01,760 --> 00:13:05,760 which modifies the Nix inputs. 140 00:13:05,760 --> 00:13:10,760 And the application itself is also quite complex. 141 00:13:12,760 --> 00:13:15,760 Second, the mission is challenging. 142 00:13:15,760 --> 00:13:20,760 We are creating automated cloud hosting for non-technical users. 143 00:13:20,760 --> 00:13:25,760 And third, the other one is political. 144 00:13:25,760 --> 00:13:30,760 I am Russian by birth, was in Ukraine before the war. 145 00:13:30,760 --> 00:13:32,760 And now I am in Germany. 146 00:13:32,969 --> 00:13:36,200 Jetzt lerne ich Deutsch. 147 00:13:36,760 --> 00:13:40,760 Our team of six people is based in Georgia. 148 00:13:40,760 --> 00:13:42,760 It's difficult. 149 00:13:42,760 --> 00:13:50,760 Talking about that, can you tell us something as to why you started making SelfPrivacy? 150 00:13:51,760 --> 00:13:57,760 I was amazed by the high level of privacy when I first saw DeltaChat. 151 00:13:57,760 --> 00:13:59,760 DeltaChat is my crush. 152 00:14:01,760 --> 00:14:03,760 Sorry, one moment. 153 00:14:03,760 --> 00:14:07,760 Can you explain what is DeltaChat for people who don't know? 154 00:14:07,760 --> 00:14:10,760 Improvise. 155 00:14:12,760 --> 00:14:14,760 He has better English. 156 00:14:14,760 --> 00:14:24,760 In a nutshell, DeltaChat is an email client, which behaves like a messenger, which also 157 00:14:24,760 --> 00:14:28,760 encrypts all the messages end-to-end. 158 00:14:28,760 --> 00:14:35,760 And it also allows group chats, and all the messages are encrypted. 159 00:14:35,760 --> 00:14:40,760 And it has quite a nice UX, UI. 160 00:14:41,760 --> 00:14:52,760 But the only way to achieve full privacy for DeltaChat is for both parties to use their own 161 00:14:52,760 --> 00:14:54,760 email servers. 162 00:14:54,760 --> 00:14:57,760 That was four years ago. 163 00:14:57,760 --> 00:15:05,760 There is still no easy way for non-technical users to set up their own mail server. 164 00:15:06,760 --> 00:15:13,760 SelfPrivacy does this in a few clicks and gives you unlimited email addresses for the 165 00:15:13,760 --> 00:15:14,760 cost of VPS. 166 00:15:14,760 --> 00:15:17,760 It's around 5 euros per month. 167 00:15:17,760 --> 00:15:25,760 And why do you think it is important to give non-technical users this possibility? 168 00:15:26,760 --> 00:15:31,760 They have no way to do it privately. 169 00:15:32,760 --> 00:15:35,760 I think only us. 170 00:15:35,760 --> 00:15:39,760 If you want an email server, what should you do? 171 00:15:39,760 --> 00:15:46,760 Well, you might contact other people who can set up the server, but do you trust them? 172 00:15:46,760 --> 00:15:48,760 Is it private? 173 00:15:48,760 --> 00:15:54,760 There are email server providers which will do it for you for money, but all your data 174 00:15:54,760 --> 00:15:56,760 is handled by them. 175 00:15:56,760 --> 00:15:59,760 Do you trust them? 176 00:15:59,760 --> 00:16:01,760 You likely do not trust. 177 00:16:01,760 --> 00:16:03,760 That's a very good reason. 178 00:16:03,760 --> 00:16:08,760 So earlier we talked about what the hard parts are of working on this project, but can you 179 00:16:08,760 --> 00:16:11,760 also tell me something that you really like about it? 180 00:16:11,760 --> 00:16:17,760 Oh, we enjoy reading feedback, like "it just works", "it's magic". 181 00:16:17,760 --> 00:16:19,760 It's very motivating. 182 00:16:19,760 --> 00:16:27,760 Many people know the difficulty of setting up an email server and getting the DNS setting 183 00:16:27,760 --> 00:16:28,760 correct. 184 00:16:28,760 --> 00:16:30,760 We just make it work. 185 00:16:30,760 --> 00:16:32,760 That's really nice. 186 00:16:32,760 --> 00:16:36,760 Yeah, I like the zero trust model that you use, 187 00:16:36,760 --> 00:16:46,760 and also, I mean, you are creating a communication channel for people that do not trust other 188 00:16:46,760 --> 00:16:53,760 servers, other companies, and especially not the Signal and the Telegrams of this world. 189 00:16:54,760 --> 00:17:06,760 One thing that I was thinking is, do you also use an encrypted file system on the server? 190 00:17:06,760 --> 00:17:11,760 Because it might be possible. 191 00:17:11,760 --> 00:17:22,760 One of the options that you offer through Hetzner, for example, is that those companies 192 00:17:22,760 --> 00:17:29,760 look into the server and read the files that are in there. 193 00:17:29,760 --> 00:17:34,760 Or am I now describing a feature request? 194 00:17:34,760 --> 00:17:41,760 Currently, users can choose Hetzner or DigitalOcean as their VPS provider. 195 00:17:41,760 --> 00:17:49,760 However, we plan to add Proxmox as a bare-metal server to increase independence and security. 196 00:17:49,760 --> 00:17:56,760 And then you can edit the encryption for the file system. 197 00:17:56,760 --> 00:18:05,760 I might also add that this is a feature request that we received, and we thought about it a lot. 198 00:18:05,760 --> 00:18:12,760 So the problem here is, for example, if we encrypt a virtual machine on Hetzner, they 199 00:18:12,760 --> 00:18:17,760 might just dump the operating memory and extract the keys. 200 00:18:17,760 --> 00:18:23,760 So this encryption only protects the data at rest. 201 00:18:23,760 --> 00:18:31,760 So it actually won't protect anything, and you still have to trust the provider. 202 00:18:31,760 --> 00:18:38,760 So that's why we are working on allowing you to set up SelfPrivacy on any provider 203 00:18:38,760 --> 00:18:44,760 or at your home. And only after that, we will add new providers to our application. 204 00:18:45,760 --> 00:18:50,760 For full privacy, you should use a dedicated server. 205 00:18:50,760 --> 00:18:54,760 Yeah, true. 206 00:18:54,760 --> 00:19:08,760 You're also working together with or making use of deSEC.io, which is also another NLNet-funded project. 207 00:19:08,760 --> 00:19:13,760 Why did you choose them, and how does that work out for you? 208 00:19:14,760 --> 00:19:19,760 I say, but maybe Inex repeats more correctly. 209 00:19:19,760 --> 00:19:32,760 Firstly, we are using Cloudflare because they have a DNS API. 210 00:19:33,760 --> 00:19:46,760 Nobody has it, but NGI told me about deSEC, and we are happy to use it. 211 00:19:46,760 --> 00:19:49,760 Inex, could you repeat correctly? 212 00:19:49,760 --> 00:19:53,760 Well, quite a lot of DNS providers have DNS API. 213 00:19:53,760 --> 00:19:56,760 They are not ethical. 214 00:19:56,760 --> 00:20:02,760 We are not sure they don't collect information. 215 00:20:02,760 --> 00:20:11,760 It is not ethical either, but we used it because it is only a DNS, so no user data actually 216 00:20:11,760 --> 00:20:14,760 passed through it. 217 00:20:14,760 --> 00:20:19,760 And it is really used because of the ease of its API. 218 00:20:19,760 --> 00:20:25,760 At first, when it was SelfPrivacy was a prototype, so it was the first one that was supported, 219 00:20:25,760 --> 00:20:30,760 and then we added deSEC because we wanted a more private alternative, 220 00:20:30,760 --> 00:20:33,760 and we knew that it was also NLNet-funded. 221 00:20:33,760 --> 00:20:37,760 It was also the reason we chose it. 222 00:20:37,760 --> 00:20:47,760 And it was lucky for us that deSEC also has an API, and it works well with our application. 223 00:20:47,760 --> 00:20:55,760 And in the future, we are planning to add many more DNS providers, but it will take some time. 224 00:20:55,760 --> 00:21:00,760 If you have an ethical VPS provider, we will be happy. 225 00:21:00,760 --> 00:21:15,760 Is running or having DNS inside the SelfPrivacy server, is that something that is or might be on the roadmap? 226 00:21:15,760 --> 00:21:22,760 We had talks about it, and it might be possible, but it's harder to implement. 227 00:21:22,760 --> 00:21:27,760 And here is a chicken and egg problem. 228 00:21:27,760 --> 00:21:33,760 How do we stop access to the server when it is not yet created? 229 00:21:33,760 --> 00:21:37,760 We still need DNS records to access it 230 00:21:37,760 --> 00:21:46,760 because we use TLS, encrypted connections, and we need a domain for that. 231 00:21:46,760 --> 00:21:56,760 What you might do, then, is use the initial hostname that is being set by the VPS provider. 232 00:21:56,760 --> 00:22:00,760 Well, not every provider actually provides it. 233 00:22:00,760 --> 00:22:13,760 And the server also needs to actually learn this address somehow from itself and acquire TLS certificates for it. 234 00:22:13,760 --> 00:22:18,760 There are technical difficulties with this. 235 00:22:18,760 --> 00:22:23,760 Maybe it is possible to implement, but it is not in our priorities currently. 236 00:22:23,760 --> 00:22:30,760 Our current priority is to add more DNS providers and implement other features right now. 237 00:22:30,760 --> 00:22:39,760 It is not private. Upstream traffic can read. 238 00:22:39,760 --> 00:22:42,760 They can read the DNS requests? 239 00:22:42,760 --> 00:22:45,760 Requests, yeah. 240 00:22:45,760 --> 00:22:50,760 What is your target audience? 241 00:22:50,760 --> 00:23:00,760 What people do you have in mind that should be using SelfPrivacy? 242 00:23:00,760 --> 00:23:15,760 My dream is everybody use family servers for a loved one. 243 00:23:15,760 --> 00:23:22,760 I am not a businessman. I am a bad marketing guy. I am just technical. 244 00:23:22,760 --> 00:23:32,760 I see the problem and I know how to fix it with technical possibilities. 245 00:23:32,760 --> 00:23:40,760 Well, you are not entirely a bad marketing guy because I looked at your website and it is very clear. 246 00:23:40,760 --> 00:23:48,760 It is kind of funny, I think. And it has these really nice cartoons on it. Who made those? 247 00:23:48,760 --> 00:23:55,760 It is our designer, Nevfy. She is awesome. 248 00:23:55,760 --> 00:23:58,760 It is so young and so cool. 249 00:23:58,760 --> 00:24:05,760 It is presented really nice and as I said, it also really explains what SelfPrivacy does. 250 00:24:05,760 --> 00:24:16,760 We are not sure. Even IT guys don't understand what we are doing and why. I don't know why. 251 00:24:16,760 --> 00:24:19,760 It is because we are here. 252 00:24:20,760 --> 00:24:35,760 Talking about business, what steps are you taking to ensure the longer-term sustainability of your projects? 253 00:24:35,760 --> 00:24:45,760 I think about it every time. This project is expensive for me. 254 00:24:45,760 --> 00:24:56,760 I spent a lot of money and time for it but I didn't see an ethical way to monetization. 255 00:24:56,760 --> 00:25:06,760 We don't want to be engaged with a service provider because it is not zero trust. 256 00:25:06,760 --> 00:25:10,760 We don't want to know our clients. 257 00:25:10,760 --> 00:25:21,760 Maybe we can create a subscription in the marketplaces. 258 00:25:21,760 --> 00:25:26,760 For example, Google Play Market 259 00:25:26,760 --> 00:25:41,760 We tried to publish our software to the Apple Store but we were banned or something else. 260 00:25:41,760 --> 00:25:44,760 Nobody responded to us. 261 00:25:44,760 --> 00:25:59,760 But I want SelfPrivacy free always for Android users. 262 00:25:59,760 --> 00:26:03,760 It's very critical. 263 00:26:03,760 --> 00:26:10,760 Maybe we can add a commercial project in the SelfPrivacy-like platform. 264 00:26:11,760 --> 00:26:17,760 For example, some data analytics. 265 00:26:17,760 --> 00:26:19,760 I don't know. 266 00:26:19,760 --> 00:26:32,760 Now we have a platform for any open-source software which allows NixOS. 267 00:26:32,760 --> 00:26:36,760 And I like that. 268 00:26:36,760 --> 00:26:42,760 If you have some business mentor I will be happy to speak with them. 269 00:26:42,760 --> 00:26:45,760 Actually, we do. 270 00:26:45,760 --> 00:26:51,760 The NGI Zero Coalition also offers practical support. 271 00:26:51,760 --> 00:26:59,760 One of those supports is organizations like Apple or CCT 272 00:26:59,760 --> 00:27:03,760 they offer mentor support for business models. 273 00:27:03,760 --> 00:27:08,760 We could definitely help you with that. 274 00:27:08,760 --> 00:27:10,760 Awesome. 275 00:27:10,760 --> 00:27:14,760 And did you think about a donation model? 276 00:27:14,760 --> 00:27:18,760 I don't believe that. 277 00:27:18,760 --> 00:27:26,760 I know nobody who can earn with donation. 278 00:27:26,760 --> 00:27:31,760 Maybe I have a lack of information. 279 00:27:32,760 --> 00:27:35,760 But I know one. 280 00:27:35,760 --> 00:27:42,760 It was... If you know TOGAF 281 00:27:42,760 --> 00:27:45,760 ArchiMate program 282 00:27:45,760 --> 00:27:52,760 it's enterprise architecture software 283 00:27:52,760 --> 00:27:57,760 and they can live on donation. 284 00:27:58,760 --> 00:28:05,760 If I understand correctly you are basically funding this yourself, right? 285 00:28:05,760 --> 00:28:07,760 Yeah. 286 00:28:07,760 --> 00:28:12,760 You're paying people to develop it. 287 00:28:12,760 --> 00:28:15,760 Yeah, I'm paying every week. 288 00:28:15,760 --> 00:28:20,760 For Georgia it's fine. 289 00:28:20,760 --> 00:28:24,760 It's impossible to do in Europe. 290 00:28:24,760 --> 00:28:27,760 Europe is too expensive. 291 00:28:27,760 --> 00:28:34,760 So you have other businesses where you earn the money and then you just put it into SelfPrivacy? 292 00:28:34,760 --> 00:28:38,760 Yeah, you're right. 293 00:28:38,760 --> 00:28:41,760 That's true dedication. 294 00:28:41,760 --> 00:28:43,760 It is, yeah. 295 00:28:43,760 --> 00:28:51,760 And I can also recommend doing some donation model 296 00:28:51,760 --> 00:28:54,760 putting a donation button on your website 297 00:28:54,760 --> 00:29:05,760 because I'm very sure that there are donors out there that really believe in privacy 298 00:29:05,760 --> 00:29:08,760 and would like to fund you. 299 00:29:08,760 --> 00:29:10,760 Okay, thank you. 300 00:29:10,760 --> 00:29:12,760 But I need help with it. 301 00:29:12,760 --> 00:29:24,760 And I'm afraid that Google banned us because Google don't like donation on the site. 302 00:29:24,760 --> 00:29:32,760 Google doesn't like it when you put links or use payments outside of the Google system. 303 00:29:32,760 --> 00:29:35,760 So we might add it to the Android flavor donation button. 304 00:29:35,760 --> 00:29:43,760 But speaking with Google Play, maybe it will be easier just to make an application paid in the Google Play and free in the F-droid 305 00:29:43,760 --> 00:29:45,760 like, for example, OsmAnd does. 306 00:29:45,760 --> 00:29:47,760 Yeah. 307 00:29:47,760 --> 00:29:52,760 What are the next steps for SelfPrivacy? 308 00:29:52,760 --> 00:30:01,760 At the moment, SelfPrivacy offers services such as email, video meetings, password management and file server. 309 00:30:01,760 --> 00:30:06,760 We are planning to add more communication and collaboration services 310 00:30:06,760 --> 00:30:12,760 in particular Fediverse services such as PeerTube, Mastodon and Castopod. 311 00:30:12,760 --> 00:30:23,760 What I really like about that list of projects is that you are choosing truly open-source projects. 312 00:30:23,760 --> 00:30:28,760 Yeah, that's an amazing list. 313 00:30:29,760 --> 00:30:35,760 I might say that we add services that we use ourselves 314 00:30:35,760 --> 00:30:40,760 because we all are self-hosters with a large experience. 315 00:30:40,760 --> 00:30:44,760 Me, for example, I self-host for years already 316 00:30:44,760 --> 00:30:51,760 and I know all the pain of setting everything up on different systems 317 00:30:51,760 --> 00:30:58,760 how it is actually not always easy to maintain everything. 318 00:30:58,760 --> 00:31:01,760 It might be easy to set up something 319 00:31:01,760 --> 00:31:04,760 but maintaining is a chore 320 00:31:04,760 --> 00:31:07,760 and sometimes it is not a chore you actually want to do. 321 00:31:07,760 --> 00:31:09,760 But you have to, 322 00:31:09,760 --> 00:31:12,760 because, for example, there are security advisories, 323 00:31:12,760 --> 00:31:15,760 there are updates that you have to apply, 324 00:31:15,760 --> 00:31:17,760 you run out of space, 325 00:31:17,760 --> 00:31:19,760 something is down, you have to up this and 326 00:31:20,760 --> 00:31:26,760 sometimes it's just sad seeing all of this. 327 00:31:26,760 --> 00:31:34,760 What can the listeners of our podcast do to help you to bring your project further? 328 00:31:34,760 --> 00:31:37,760 Just install SelfPrivacy, 329 00:31:37,760 --> 00:31:40,760 communicate with your loved ones via DeltaChat, 330 00:31:40,760 --> 00:31:42,760 and escape big tech surveillance. 331 00:31:42,760 --> 00:31:46,760 Send me a nice message on DeltaChat if you want. 332 00:31:47,760 --> 00:31:57,760 When I want to speak with someone I want to send an email to the private server. 333 00:31:57,760 --> 00:32:00,760 I have a private server. 334 00:32:00,760 --> 00:32:06,760 I want everyone to have a private server. 335 00:32:06,760 --> 00:32:09,760 That's really nice. 336 00:32:09,760 --> 00:32:14,760 Can you tell us something about how NGI Zero helped your project? 337 00:32:15,760 --> 00:32:18,760 NGI Zero has been a lot of help. 338 00:32:18,760 --> 00:32:24,760 First of all, it's confirmation that we are doing the right thing. 339 00:32:24,760 --> 00:32:35,760 When I look at other projects that NGI has supported, I feel that there is still hope for privacy on the Internet. 340 00:32:35,760 --> 00:32:42,760 Can you give advice to people who are also considering to apply for NGI Zero? 341 00:32:42,760 --> 00:32:43,760 Be brave. 342 00:32:43,760 --> 00:32:47,760 Apply and don't be afraid to discuss your ideas. 343 00:32:47,760 --> 00:32:51,760 Your idea could be a breakthrough. 344 00:32:51,760 --> 00:32:55,760 It could change everything for the better. 345 00:32:55,760 --> 00:32:59,760 Unfortunately, many IT professionals are too shy. 346 00:33:01,760 --> 00:33:03,760 That's beautiful advice. 347 00:33:04,760 --> 00:33:16,760 To go back to the start of this conversation we asked you both what are the issues today with the Internet. 348 00:33:16,760 --> 00:33:26,760 You are giving a slice of the solution by creating and maintaining SelfPrivacy. 349 00:33:26,760 --> 00:33:35,760 Do you see any other initiatives or trends that are contributing to improving the Internet a bit? 350 00:33:35,760 --> 00:33:38,760 Maybe I'm too pessimistic. 351 00:33:38,760 --> 00:33:44,760 So far, all I can see is that privacy is getting worse. 352 00:33:44,760 --> 00:33:49,760 I've also heard that NGI might have funding problems 353 00:33:49,760 --> 00:33:52,760 but I hope for the best 354 00:33:53,760 --> 00:33:59,760 and we will continue to develop SelfPrivacy as much as I can. 355 00:34:03,760 --> 00:34:09,760 If we are to solve the problems of privacy on the Internet what should be done? 356 00:34:09,760 --> 00:34:13,760 What would be the fundamental steps that would improve it? 357 00:34:14,760 --> 00:34:15,760 Inex? 358 00:34:18,760 --> 00:34:30,760 My first thought is that it's educating people about privacy, about their data, about how the data is processed, what can be done with it. 359 00:34:30,760 --> 00:34:39,760 Because Big Tech did a great job at educating people of their own paradigm. 360 00:34:39,760 --> 00:34:43,760 It is hard for people to move to actually private services. 361 00:34:43,760 --> 00:34:48,760 Federated protocols are very confusing for ordinary people. 362 00:34:48,760 --> 00:34:52,760 We see a lot of problems people have, 363 00:34:52,760 --> 00:34:54,760 things like choosing a server, 364 00:34:54,760 --> 00:34:55,760 what server 365 00:34:55,760 --> 00:34:58,760 do I have to choose? What is a server anyway? 366 00:35:00,760 --> 00:35:03,760 And a lot of people... 367 00:35:03,760 --> 00:35:06,760 I'm not sure about places like Germany. 368 00:35:06,760 --> 00:35:09,760 I heard that in Germany people really like privacy. 369 00:35:09,760 --> 00:35:13,760 But in other places it is a common thing to hear, like 370 00:35:13,760 --> 00:35:16,760 "I don't have anything to hide!" 371 00:35:16,760 --> 00:35:25,760 It's hard to actually change this mind usually, from the people. 372 00:35:27,760 --> 00:35:31,760 NGI has supported a lot of great independent initiatives. 373 00:35:31,760 --> 00:35:42,760 The best thing you can do is keep doing this for the long term and make the Internet healthier. 374 00:35:43,760 --> 00:35:47,760 Yeah, I think that's a good combination of solutions. 375 00:35:47,760 --> 00:35:56,760 On the one hand to educate the end users and on the other hand make the Internet actually better so that they have something to choose from. 376 00:35:56,760 --> 00:35:58,760 It's really good advice. 377 00:35:59,760 --> 00:36:00,760 Thank you. 378 00:36:00,760 --> 00:36:03,760 Do you have any more questions, Ronny? 379 00:36:04,760 --> 00:36:12,760 No, I think this was a wonderful conversation about a very interesting project. 380 00:36:13,760 --> 00:36:14,760 Thank you. 381 00:36:14,760 --> 00:36:16,760 I can end it. 382 00:36:16,760 --> 00:36:24,760 There would be no room for conflict if the world could exchange ideas without being watched. 383 00:36:24,760 --> 00:36:32,760 People can all agree on anything when there is no asymmetry of access to information. 384 00:36:33,760 --> 00:36:34,760 That's beautiful. 385 00:36:34,760 --> 00:36:37,760 That's a beautiful way to work towards. 386 00:36:38,760 --> 00:36:42,760 Well, thank you Kirill and Inex very much for this great conversation 387 00:36:42,760 --> 00:36:47,760 and even more for the SelfPrivacy project that you are working on 388 00:36:47,760 --> 00:36:51,760 because it's really contributing to a better Internet for all. 389 00:36:51,760 --> 00:36:52,760 Thank you very much. 390 00:36:52,760 --> 00:36:53,760 Thank you. 391 00:36:53,760 --> 00:36:54,760 Thank you. 392 00:36:54,760 --> 00:36:56,760 Большое спасибо!