etke.cc
the only FOSS-based service offering Matrix chat server hosting
  etke.cc
  - the only FOSS-based service offering Matrix chat server hosting
🌓 Theme

security explained

🌐 This page is also available in: Deutsch

We’re taking customers’ security and privacy pretty seriously. On that page, you can find the applied security measures and notes.

Measures

  • firewall
  • intrusion prevention
  • ssh daemon hardening
  • OS-level permissions (matrix components run under separate Linux user and group)
  • docker containers hardening
  • single source of truth (any modifications done to matrix components configurations will be wiped and replaced on each maintenance run)

Data access

What data can be accessed by etke.cc?

  • any system file (because of the ssh access with sudo permissions)
  • any plaintext (unencrypted) information (e.g unencrypted text messages from bridged chats)

What data can NOT be accessed by the etke.cc?

  • encrypted data (encrypted messages, files, etc.)

Audit

How customers can check what is going on on their servers?

  • /var/log/auth.log available by default (due to default OS log rotation policies, there may be files like /var/log/auth.log.1, /var/log/auth.log.2, … as well)
  • The Linux Audit
  • In 99.99% of all actions on the customers’ servers performed by the automation system, source code is available on gitlab.com/etke.cc