gemini://sunshinegardens.org/

secure communications

nothing to see here, just organizing the resistance over megaphone

private networking

yggdrasil

private, but not anonymous, encrypted overlay network. yggdrasil is used to encrypt sunshine gardens' internal infrastructure and is the backbone of our CDN.

# DO NOT LIST THESE ON YGGDRASIL PUBLIC PEERS
tls://seattle-0.hypergate.nyu.tokyo:42069
tls://chicago-0.hypergate.nyu.tokyo:42069
tls://newjersey-0.hypergate.nyu.tokyo:42069

https://yggdrasil-network.github.io/

[TESTING] freenet

Freenet is built on the principle of small world networks. By connecting to nodes of people you already know, and the people you know in turn connect to people they know, one should be able to reach all nodes in a Freenet network.

for optimal security, consider peering with sunshine gardens' mesh network and using a yggdrasil address in your freenet configuration.

https://freenetproject.org/pages/documentation.html

encrypted chat

IDEALLY xmpp + omemo

this is the ideal self-hosted option and may require significant effort to deploy.

MOBILE CLIENTS should use remove google apps from their android device and run fdroid conversations[1]. for the purposes of security, google play services should be considered a rootkit. 1:1 conversations should be encrypted with omemo[2]. encrypted group chats are also possible, but are not supported by all clients.

1: fdroid conversations

2: omemo

DESKTOP CLIENTS are not that great. dino[3] and gajim[4] are among the best available options, but both have UX issues.

3: dino

4: gajim

ALL CLIENTS should choose a server operator that they trust.

SERVERS should verify compliance[4] to ensure correct operation of encrypted clients. sunshinegardens.org operates an ejabberd[5] server which has shown itself to be a very efficient and easy to admin program. prosody[6] is another option which may not scale as well as ejabberd, but has the plus of working mostly out of the box. for additional privacy, operating an xmpp network within tor is an option.

a properly configured xmpp server should be able to facilitate file sharing and, by extension, a variety of collaborative workflows.

4: xmpp compliance

5: ejabberd

6: prosody

ONLY IF NECESSARY telegram

CITATION NEEDED

fdroid telegram[7] supports encrypted channels using public sources which have allegedly been verified secure. use this as a last resort for communicating with contacts who do not have access to a secure android device.

7: fdroid telegram

DO NOT matrix

CLIENTS are bloated and feature insecure-but-convenient key verification.

SERVERS have unpredictable performance and require excessive over-provisioning to perform adequately.