Categories
Announcements

Charter Second Maintenance Attempt

Charter (Spectrum) has notified us they’re going to try maintenance again Thu 6 Dec 2018 12:00 AM – Fri 7 Dec 2018 6:00 AM with a claimed 240 minutes loss of service during this timeframe.

Since the previous attempt went extremely poorly and resulted in 57 hours loss of service, we can only hope their maintenance group is prepared for this second attempt. We will provide updates as necessary.

UPDATE 12/6/2018: Charter (Spectrum) tried to migrate our circuit again, and now IPv6 is broken due to BGP failing to establish.

UPDATE: Charter (Spectrum) IPv6 BGP was finally restored on December 10 at 22:01.

Categories
Announcements

Recent GDPR Stuff

Since everyone has been posting GPDR updates, we should probably say something about it too.

In a nutshell, Roller Network has never collected or used customer’s personal information. We do not require any personal information to set up an account beyond an email address, and we have never monetized any information. We’ve never had any advertising hooks in our systems whatsoever. We do not have any third party affiliates and we do not engage in data sharing. Information required in the account control center to use a specific service is limited to the scope of that service, and anyone can readily add or delete information as they see fit using it. Realistically, we’re a small company and don’t care about “big data” analytics.

On our colocation side of things, because we don’t offer “cloud” hosting services, our systems do not contain customer data. That’s one major benefit of colocation over cloud: your data and your hardware is yours, it’s not subject to the whim of a larger companies’ policies which – and be honest – can’t to be in your favor because they need to track and monetize your usage very closely.

We also don’t have a default contact preference when signing up for an account: an account can’t be created without choosing one of the three contact options. This means we can be 100% sure that everyone’s contact preference was made intentionally. There’s no check or uncheck the box with confusing wording kind of trickery here that other companies engage in so they can share your data with third parties.

Ironically, we do occasionally get complaints about having to pay for services or why our free accounts are slowly going away. This is why: because we don’t have anything except customers paying for services. For anyone who does want their personal data shared and monetized to get “free” services, Roller Network is not the place for that, and we’re not planning on changing that.

What we have done is enabled some cookie warnings since it’s harmless, and annoying at worst. We’re also no longer using Google Analytics on our main website and removed the Facebook integration from the Newspipe. We will continue to use Twitter.

Categories
Announcements Q&A

Mail Mirroring as “Email Insurance”

On a semi-regular basis we receive a call or email for help because something has happened to someone’s email: messages were accidentally deleted, their mail server had a config change and rejected everything or accepted and silently discarded messages. Although we do maintain disaster recovery backups, we charge for staff time hourly to try and find and restore a few files without any guarantees to how far back we can look, and that’s only for IMAP; with POP3 the client can remove messages as they are received which never make it into a backup window. Then there’s the SMTP queue: the queue is constantly changing, but since we’re not secretly storing copies of messages just in case, there’s almost no chance to recover anything. In the end, the messages are gone and there’s no simple way to recover them, if at all.

That’s where the Mail Mirror feature comes in. included with every account. A mail mirror uses hosted mail boxes to store copies of messages that pass through our system. Mail Mirror allows you to define addresses or domains to “mirror” to a hosted mail box by storing a copy for backup or emergency access purposes. It uses the independent storage of a normal hosted mail box, which is not affected by the constantly changing mail queue. Once a message goes into a mirror it remains there until it expires based on how long you configure it to keep messages or is manually deleted by logging into the mirror box. This way, a mirror is self-maintaining and won’t keep growing in size. Mail Mirror is available to all accounts and only counts as hosted mail box storage, but for it to work it needs to be enabled before there’s a problem, not after.

Mail mirroring works with all types of mail configurations. You may never need to access your mail mirror, but just like insurance, it’s there just in case.

We’ve also posted a topic to our forums for any questions or discussion on this feature: Mail Mirror – A Helpful Safety Feature

Categories
Announcements

Fraud Alert: Telerus Claims to be an Agent

Today we were notified by a customer that they were contacted by a company called Telerus who claimed to be an agent for Roller Network. We have not engaged Telerus for any services, nor does Telerus have any agent or resale agreements with Roller Network.

Telerus is NOT an agent for Roller Network, nor affiliated with Roller Network in any manner. Any claims otherwise are fraudulent.

If you are approached by Telerus claiming to represent Roller Network, we recommend declining to proceed; otherwise you risk falling victim to a scam or other fraud.

Categories
Announcements Changes

Migration to HTTPS and Why HTTPS Everywhere

We’ve recently migrated all of our sites to HTTPS. The account control center and webmail will continue to use Extended Validation certificates like they always have, while everything else will now be using certificates from Let’s Encrypt.

Let’s Encrypt is a free, automated, and open certificate authority (CA), run for the public’s benefit. This helps create a more secure and privacy-respecting web.

Why HTTPS Everywhere?

Recently there’s a lot of buzz about moving to an HTTPS-only web. Previously, the cost of obtaining lots of HTTPS certs, having to manually install them, renew them, and pay fees for them discouraged using HTTPS unless needed. Let’s Encrypt solves many of those problems. Deploying HTTPS does take a little more effort, but there’s another reason why you should do it even if you think your site isn’t really that important to go encrypted: to help protect your visitors from their ISP.

We’ve personally experienced content hijacking with Charter, the local cable provider in Reno, NV (that now likes to be called Spectrum but we’re still going to call them Charter). Charter, for example, will hijack HTTP requests on residential and business coax service to provide content other than what you’ve requested. This is not the same as DNS redirection. HTTPS not only protects your privacy, but encryption ensures that the content you’ve requested passes between you and the site in its original, unaltered form without being rewritten or hijacked by your ISP, in addition to preventing eavesdropping. This is also known as a “man in the middle” attack. References: here, here, here, and here (plus we’ve seen it ourselves on home cable).

It is our opinion that an ISP altering content is entirely unacceptable for any reason. The only way we can truly protect ourselves is with encryption, not laws or depending on ISPs to “do the right thing”. Read more at EFF: Encrypting the Web.