> is there an alternative when you decide that you want to self-host and have
this level of control over the server hardware
Self-hosting doesn't really gain much in my eyes besides pushing the burden
of a broken system on to people. You shouldn't need to bother with things
like DNS, GPG or other garbage, you should just be able to find someone by
their public key whether through friends or through a public directory.
Messaging should also be anonymous. We should be moving to serverless
end-to-end encrypted technologies like bitmessage or i2p-bote.
> (Metadata is of course still a serious issue.)
I hadn't thought about this though in a sense it's actually worse than you
might think: Self hosting means you stand out and can be pinpointed which is
actually worse than something like gmail. I'm sure surveillance agencies have
graphs of who talks to who, but this makes it easier to find real identities.
> And while you definitely lose some privacy by using a proxy in this case,
as long as the connection is still end-to-end-encrypted, at least the content
itself would be still safe.
Ironically proxying would help give you privacy in this case.
> I think this database could be easily hosted by your box itself, and that
would make the most sense to me.
I don't know why I didn't think of that. That does make sense.
> This technique they're using at least can only end up better than sending
plain unencrypted mail, and I think is the same that services like Tutanota
are using, so it's not completely unexplored territory.
This is true, but you have to remember that this is being marketed as 100%
confidential and good enough for whisteblowers.