Ask Slashdot: Where Are the Complete Hosting Providers?

Kludge writes "In 2000 there were thousands of email/web hosting businesses. In 2013 not much has changed. To get my email/web/webmail/domain/VOIP/public-key/XMPP/VPN hosting I have to deal with five different service providers. Where are the complete hosting providers? The absence of competition in this area drives many to Google, making data siphoning easy for the NSA. Why has hosting not advanced in the last 10 years? Where are the hosting providers that make end-to-end encrypted email/web/VOIP/XMPP easy and automatic for all my clients?"

Re:Managed servers

[girlintraining]

In other words.... Where can I purchase a car with all the amenities of the high end Rolls-Royce, for the price of a Civic?

You steal the Rolls-Royce. Hundreds of millions of computers right now are part of one kind of botnet or another because botnets offer everything the poster is looking for. There are websites out there where you can purchase the resources of the botnet for cheap; Just gotta know where to look. As a bonus, they also offer a degree of anonymity and resistance to the kind of tracking the author is apparently worried about. If you want to be resistant to a search and seizure by a government, I can think of few things better than a massively decentralized, worldwide network with millions of potential servers to shift your data around within.

Re:Moar tin foil!

[istartedi]

Yep. When I was a kid nobody* had a computer. Then for a while people had computers but little or no connectivity. Then everybody had a computer and fast connectivity.

During the sneakernet era you had computing ability, but if they wanted your data they'd have to get a warrant or ransack your office illegally.

If keeping things away from the NSA is that important, go all 1980s on your selves. It really wasn't such a bad time for most of us. Swapping floppies in person was actually kind of fun. There were no government agents at swap meets.... that I know of, LOL.

*The term "nobody" means no ordinary middle class household or small business. Yes, I know NASA and big companies had computers when I was a kid. "Nobody" is being used in the loose, colloquial sense here. The standard disclaimer about not inferring the ridiculous also applies. This includes casting a loose net over the definition of computer so as to include devices such as the abacus, or employees with "computer" as their job title and mocking me for implying that I'm older than written history. The standard disclaimer also applies to the text of the standard disclaimer.

Re:Moar tin foil!

[girlintraining]

During the sneakernet era you had computing ability, but if they wanted your data they'd have to get a warrant or ransack your office illegally.

Neither of which you'd necessarily be informed of. There's two ways to approach security; tamper-evident, and tamper-resistant. Everyone is focusing on tamper-resistant right now to deal with the NSA; "How do we stop them?" ... Have you noticed nobody is asking the question; How do we detect them? Sneakernet also had the benefit of being tamper-evident... if they broke down your door, you'd come home to a broken door. It'd be pretty obvious that something was up. Legal or illegal, when you physically search a property, you leave evidence behind that you did so. However, much of the technology the NSA is using doesn't leave any proverbial fingerprints behind.

Re:Moar tin foil!

[Tom]

Do you guys honestly think, for one second, that you can hide from these guys if they really want you? Any of you?

The qualifier is "if they really want you".

You can't hide from the NSA unless you're a government entity yourself. If I were to head the Iran nuclear program, I'd give it a try.

However, you can hide from the NSA dragnet, because it's not targetting you specifically.
So if you use any of the big e-mail providers, you can be 100% certain that a backup copy of all your e-mails exists somewhere in an NSA database. But if you run your own mailserver, the mails that you exchange over encrypted channels with someone else who also does that have a chance of not being caught by the net, not because they couldn't, but because the world is huge and even the vast NSA resources are limited.

The problem with the submitters concept is that as long as you roll your own, you can slip through the net (but never count on it, it's a probability like all things in IT security). But as soon as someone sets up a "secure hosting provider", he'll become a target. And the bigger it gets, the higher the chance that the NSA will expand some resources to penetrate it.

So it's not a viable business concept, and thus it doesn't exist. Of course, someone will make the claims, because scam is always a viable business concept.

Re:Ummm

[camperdave]

I agree TFA has it wrong - there is a lot of competition going on all the time and the large amount of services that exists are good for most of us.

Plenty of competition in marginal profit realms leads to a string of failed startups. How do you know the provider you choose is going to last?

The answer is in the post.

[Kludge]

What actually is a complete hosting provider?

A close example is Google. Google provides email, web, webmail, domain, XMPP, VOIP, all available from a single gmail login and manageable from a web interface.
No, I do not want to just rent a server from someone else, and set up and manage all this stuff myself. I want to pay for it, but I would like some competition, I do not like to send everyone to Google.
I realize that not every client will need or want all these services when I first set them up. Some clients will only use half the services ever. But having them easily accessible to the customer from a single provider if/when they need them has real value.

Re:The answer is in the post.

[Xest]

But what happens when a client wants half those services plus some others that aren't supported?

What services exactly do you deem to fulfil the criteria of being complete? What if someone wants an IRC server instead of XMPP?

If you really mean what you say then you can pay for it, if you don't want to set it up yourself you can hire someone to do all that for you and provide the arbitrary set of services and develop the bespoke software you need to integrate it all.

But what you're really saying in essence is "I want a bespoke easily managed server setup with integrated login, but I don't want to set it up myself and I don't want to pay enough for someone else to do it, I want it to be free like Google, or cheap". This isn't practical, Google can only offer what it does because it has a massive data mining operation and ad farm sat behind that to monetise it.

Contrary to your assertion otherwise, there is competition too, there's Microsoft with it's Office 365, Outlook.com and Skype offering but again they can only offer it because they have a massive amount of resources to do so and can monetise it through ads and data mining and tie in to their other offerings and it's not entirely free anyway - IIRC Office 365 is subscription based.

So again what exactly are you looking for? Seemingly you want to move away from Google because you don't like the NSA revelations, the data mining, or whatever else. You wont want Microsoft for the same reasons then I would guess given that it's at least as supportive. There's no business in anyone else doing it without that data mining operation behind it because no one will pay what it would cost then, most are happy to put up with the mining and ads if they get their stuff cheap or free. So the only option is for you to offer bespoke to your clients, but bespoke costs, and you don't want to set it all up yourself so you need to up the costs by hiring someone else but I'd wager you don't want this either?

What exactly is your position? it doesn't seem to make any sense. It sounds like you want to offer all in one services to people (clients?) but you don't want to actually do any work to earn your money from them. It sounds like you want to get a client and give them some turnkey bespoke solution, but a bespoke solution that you neither want to spend the effort to create, or presumably pay someone else to create. Are you asking to just make money as a middleman without putting the slightest bit of effort in to adding value to that position? That's what it sounds like.

If you are willing to pay someone else to do it then ask any number of bespoke software development houses. It's not going to be cheap though which again is going to return you to the question of whether there's even a business model in it, and if you return there you'll probably have your reason as to why no one else is doing it because you're again going to be outcompeted by Google's ad supported model.

I suspect this isn't the answer you wanted, but does it give you the answer you were looking for?