Fellowship Interview with Stefan Kangas

Stefan Kangas

Stefan Kangas

Stefan Kangas is studying his third year of his bachelors degree in Computer Science at the University of Gothenburg. He is currently the president of the recently started Fripost: the free e-mail association.

Chris Woolfrey: Fripost has been running almost a year. How has it developed?

Stefan Kangas: The association started in November 2010 – we more or less launched it with a presentation at FSCONS that year. During the spring we grew steadily and have now reached our goal of having 50 members, which was our aim for the first year. We still have a couple of months left until November, so we’re quite happy with that!

People have been using our email servers since around February. The systems are basically up and running, but at this point mainly on borrowed and donated hardware. We set our membership fee at 300 SEK per year (around 33 Euros) and that’s basically covering the running costs of an exclusive internet connection for the main server. Though it’s consumer grade at this point, we’re currently looking at a better solution; we want to be hosted in a more serious location.

We’ve discussed whether or not a virtual private server is OK, seeing as we want to keep everything under our own control. Obviously we want to control all hardware as well as the software. But at the moment we basically receive email and store it on our IMAP server. We have no outgoing email, though we are currently working on setting this up. We received the server just this week which has been lent to us for this purpose.

This spring we had a party which was quite successful, basically a “launch party”. We are looking to organize another party for October 1st. It’s nice that parts of the Fripost work are already going on outside the “main” channels, which means we can spread the work load amongst more people; a goal that we have for everything in the project.

We’re looking to keep this organization going for years, slowly scaling everything up as we go. We don’t want to jump right into the deep end of the pool, so to speak.

CW: Do you intend to compete with the likes of Google and Microsoft in the mail hosting market in future?

SK: We certainly hope to. Look, the way I see it we are already providing an alternative. Sure, we still have some stuff that needs sorting out, but to me, we have already achieved more than I would have dared hope for when we launched. So in my view it’s been a great success; and it’s all thanks to our members, people who have joined because they believe strongly in our ideals.

“The main strength of Fripost is that our members are dedicated to our ideas of freedom”

We think the cost of joining is quite high right now, but we hope to lower it as we get more members. People who already paying this arguably high price show a high level of commitment. That’s the main strength of Fripost: that our members are dedicated to our ideas of freedom.

Over at Gmail and Hotmail they obviously have some benefits, like much better uptime, and probably much greater bandwidth, as well as resilience to certain types of attacks, like distributed denial of service attacks, and stuff like that. But we have something they don’t have, which is a guarantee that it is the users who control their computing.

So this is a huge win. And basically, when you weigh everything together, the technical drawbacks are greatly outweighed by the social benefits. At least this is the way we feel, and obviously the people who have decided to join the association agree.

In that case, the question, really, is what one expects from a proper alternative more than anything else. And yeah, we would rather not have these technical drawbacks, but at this point they are inevitable. To resolve them we need more resources, which means growing, since we can never accept any outside financing for the primary stuff, because that would make users dependent on a third party. We need economic independence, as well as organisational independence.

CW: If a company offered Fripost a big donation, you wouldn’t take it?

SK: It’s not really about that. The way we see it, we can accept donations for “secondary stuff” or stuff that is not critical to the association. But the running costs have to be 100 per cent self-financed.

A one time donation that comes with no demands is just fine. Or at least, this has been the majority view up until now, but we haven’t gotten any such donations! Sure, if some rich dude wants to give us a million dollars, we would accept it. But only if we’re completely sure that we can do this without compromising our independence.

“The technical drawbacks are greatly outweighed by the social benefits”

Really, we don’t expect any outside donations. And the association has to be built in such a way that every step taken means we never expect any outside donations, because if we compromised on that, we compromise on the independence of our members. We’d probably never go to the EU and ask them for money for a project. Typically doing that means having to fit some norm concerning how these projects should be formed. It may or may not be the case that it would be what the majority of the members wanted to do, but we wouldn’t do it.

Let’s put it this way: if someone gives us a 19″ server, that’s just fine. But the membership fees alone have to be enough to keep it running. A case in point: we’ve already said ‘no’ to hardware – some huge rack server that took up like 8 units – that was too big for the association; we simply couldn’t afford to keep it running.

CW: Is finding open hardware to use an issue for Fripost?

SK: Yes, absolutely. One thing this work has shown us is that it’s not always entirely obvious what the limits to freedom really are or should be, where the line is to be drawn? Obviously projects like freebios, and cool guys working with open hardware, like OpenMoko, are already addressing these questions of hardware freedom, but at Fripost it is also about who owns what, who controls the internet connection, who pays for the electricity bills.

These are far ranging questions. Am I really free if I do not have physical access to the server? Am I really free if I do not have a root account? These are real questions.

I don’t know if our line of reasoning here is mainstream, but it’s something like this: if we have this association, democratically built, with democratically elected representatives, functionaries and administrators, with democratic by-laws and so on, then users will collectively exercise their freedom. That’s necessary for stuff like emailing, whereas it might not be for something basic like a text editor, that you just run locally. Email is a whole different thing; you need several servers at different locations, and it’s simply infeasible for one individual to achieve all this by themselves. So looking at it practically, in fact, not going for direct control of the servers, direct root access, and so on, means more user freedom, when you really think about it, it’s about the collective. Which is interesting, since superficially you would expect the opposite to be the case

When we started out we thought about this a lot. I think it was after Eben Moglen’s speech ‘Freedom in the Cloud’ that I first raised the question at our FSFE Fellowship meeting; we were quite unclear about what exactly to do and why, but we knew it was more than just the obvious “get box running, install postfix, win”.

“At Fripost freedom is also about who owns hardware, who controls the network, and who pays the bills”

We had to think about stuff like this a lot. We’ve even drafted a manifesto of sorts, starting with the idea of “user freedom”: what does it actually mean? We all know we have the four freedoms, but when you start discussing software as a service (SaaS), and even the questions posed by stuff like the Affero GNU Public License, it’s clear that it’s not always the case that these four freedoms are maintained. So we toyed around with the idea that one could define “free computer usage”: obviously, one needs to do all computing with free software, but also, one needs to exercise direct control over the hardware.

CW: That’s a real dedication to freedom that you’re describing. Is there a political implication to the community ownership model that you’ve outlined?

SK: We are trying to be a broad association for everyone who believes in our ideals. It’s not really about left or right here, though obviously we say some things that might provoke some people.

We say that a user can never attain the same amount of freedom if she is merely a customer, but that one really has to be a member if she wants the amount of freedom that Fripost looks to provide. We see it like this: if you are a customer, then you can leave, and you may or may not get to take your data with you. It’s not you, but the owners of the business that really exercises power over your computing. That’s always true of services in “the cloud”, which is what email really is once everyone hands management and control of their messages to Google or Microsoft.

It’s funny, because although the structure of the Internet is inherently distributed, along with many of its protocols like SMTP, the way that the Internet is used today means that most communication ends up going through just one of a few centralized nodes, and the power has moved away from the users.

But it’s important to remember that this isn’t just a problem with Google and Microsoft and the like. How distributed were services like email to begin with? My email might have been with my Internet service provider, my university, or my employer. So our association is about more than just “taking back” the Internet; it is about really freeing the Internet’s users once and for all.

Obviously emailing is just one out of a gazillion different things that needs freeing, but it is the most crucial one, or at least we believe so. Citizens communicate with authorities, employers, and all sorts of people via email, and we don’t do that to the same extent on Twitter or Facebook. We don’t do our taxes on Twitter or Facebook, but we can get messages about them via email. But email isn’t necessarily any less Free.

It’s really about having the users exercise direct control over their computing, and we want to feel free, and to be free in our lives. We don’t need to get embroiled in politics in order to achieve this. Everyone is welcome to join.

CW: Do you think that Fripost’s dedication to freedom could be an obstacle to growing to have many more members?

“Email is the service that most crucially needs to be freed”

SK: No, we completely think democracy is feasible on a large scale. But you have to start small, and take it step by step.

CW: Tell me more about the practical side of how Fripost runs its systems.

SK: At the moment, we have one server that acts as main storage for all emails. Users connect to this server via IMAP [use abbr tag], and is the main server, the most important one for users; this is the one we are looking to upgrade to a serious location, we hope within the next two months. In addition we’ve got two servers at two different locations which are receiving email from the open internet. They move the emails over encrypted SMTP tunnels to the main storage servers. At a completely separate location we have a backup server, with two identical disks in a raid 1 array. Currently, it backs up the main server every 20 minutes. The main server has 2 of these disks too, also in raid 1 array. In terms of the webmail interface, we’re using Roundcube.

We’ve got the git/wiki on another server, and the web server is separate too. We’re encrypting all data on the main server as well as the backup server, and the disks are encrypted, so we hope that gives additional protection.

We’re working very hard to keep the servers secure. We’ve been lucky; we’ve only had one occasion of downtime on the IMAP server since we got it running in March. And we hope this improves once we upgrade stuff, and get better hosting.

In terms of the software we’re using, we’ve got Debian GNU/Linux squeeze, postfix, dovecot, apache, Roundcube, Org mode, ikiwiki, bacula, and plenty more.

CW: What are the plans for Fripost in the next 12 months?

SK: To involve more interested people. We’re keeping everything in Git: minutes from meetings, documentation, the website, our wiki…

“We want to spread information as much as possible both inside and outside the association”

The technical documentation is especially nice; we try to keep it in such a state that if one of the admins goes AWOL, then anyone can pick up where that admin left off, and I think there’s almost a recipe for building our systems – it’s all there. If someone would like to give it a try it would be awesome, and if our documentation is poor, patches are welcome. If something is unclear we would be delighted if someone pointed out where it needs improving.

We want to encourage people. Some people were thinking about building a Fripost Debian package, so that people could just install it and get most of the stuff automatically.

Basically, we want to spread information as much as possible, and share knowledge, inside and outside the association. We want to see similar associations cropping up all over Europe, in lots of countries, even all over the world. So if someone wants to do it: go for it! We’d encourage them. It’s a lot of fun, it’s really rewarding work, and you’d be amazed when you see the positive response you get. Nobody who’s been actively working on this over the last year has expected to see these kinds of results this fast.

But it’s so important, and it’s easy to do. It’s all very feasible, and a lot of fun. It’s a concrete way for people to create pockets of Freedom in which people can participate. Obviously you need some technical people that can set up the servers and keep everything running, but this is the good part: non-technical people can free stuff that would otherwise not be possible for them.

“It’s a way of opening up the Free Software movement to people that we don’t normally reach”

It’s a way of opening up the Free Software movement and our ideals to other areas of work, to reach people we don’t normally reach. We’ve seen people come to Fripost that would never have come to a Fellowship meeting, where we’re always discussing hardcore stuff like software patents.

Because let’s be frank: that’s not what really gets people going. Obviously it is important for everyone but Fripost is one way of opening people’s eyes to the right direction without scaring them away with technical stuff, or law stuff, or abstract ideas. Instead, we’re dealing with something concrete that they are familiar with and use every day. And people are worried about this stuff! People are really, really worried about user freedom on the internet. Facebook has been a real eye-opener.

The Free Software movement needs to think about how to channel that, and also take the opportunity to spread our ideas, since we’ve been talking about this stuff for way longer, and we know about user freedom. And when it comes to questions people have about Internet freedom, our ideas are superior to most of what anyone else produces.