🆕 Software Suggestion | 1984 hosting #673
Labels
No Label
🔍🤖 Search Engines
approved
dependencies
duplicate
feedback wanted
high priority
I2P
iOS
low priority
OS
Self-contained networks
Social media
stale
streaming
todo
Tor
WIP
wontfix
XMPP
[m]
₿ cryptocurrency
ℹ️ help wanted
↔️ file sharing
⚙️ web extensions
✨ enhancement
❌ software removal
💬 discussion
🤖 Android
🐛 bug
💢 conflicting
📝 correction
🆘 critical
📧 email
🔒 file encryption
📁 file storage
🦊 Firefox
💻 hardware
🌐 hosting
🏠 housekeeping
🔐 password managers
🧰 productivity tools
🔎 research required
🌐 Social News Aggregators
🆕 software suggestion
👥 team chat
🔒 VPN
🌐 website issue
🚫 Windows
👁️ browsers
🖊️ digital notebooks
🗄️ DNS
🗨️ instant messaging (im)
🇦🇶 translations
No Milestone
No Assignees
1 Participants
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: privacyguides/privacytools.io#673
Loading…
Reference in New Issue
No description provided.
Delete Branch "%!s(<nil>)"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Basic Information
Name: 1984
Category: 1) Hosting 2) Domain Registration 3) DNS
URL: 1984.is (or) 1984hosting.com
Description
1984 is an Hosting Provider, DNS provider and Domain Registrar. Based in Iceland. Has three core values: 1) Free Software 2) Security, Privacy and Anonymity 3) Freedom of Speech and Freedom of Expression. Absolutely no personal information required for registration. Hosting services include Shared, Managed and VPS. Domain registration comes with WHOIS Privacy by default. DNS service can either be used as primary or secondary server.
PLEASE CONSIDER AND APPLY IN ALL 3 CATAGORIES.
I find the provided privacy policy (https://1984hosting.com/GDPR/) ... interesting:
On tracking:
On disclosure:
I recently used their hosting. Upon registration they email in plaintext all the login details for FTP, email, database, ssh, etc. However, you create a login for the dashboard, which should be the proper place to access those logon details instead of via an insecure email. They also recently had a massive data loss, which was a PR nightmare for them since they didn't do proper backups. I'd be wary of adding them without further review.
Yes, they even sent me passwords in email. I have no idea why they still doing it. But they do have dashboard where you can change the password. Also the current status regarding 2FA is via Yubikeys.
Anyway, they mentioned in privacy policy that their method of site analytics doesn't try to identify anyone. That combined with paying in bitcoin, they will have no clue who the user is.
It's good to hear they are using Yubikeys for 2FA, but that is kinda pointless when the first thing they do is compromise the account by sending passwords in clear-text, which includes SFTP and MySQL credentials. This was reported to them back in March 2017 and seems it is still not fixed. I had also told them about some other issues, which I am not sure if they fixed yet. They included:
Agreed. Thanks!