Leaving the GAFAMily

What is GAFA(M)?

This is the name given to the services offered by the tech giants: Google, Amazon, Facebook, Apple, and sometimes Microsoft. Why do these companies get grouped up and named like this? Because they all have a common issue: they trade technology and convenience for their customer’s privacy and/or unreasonable amounts of money. They are a bit like a hydra: many heads of the same beast, and it is difficult to escape.

If you ever get bored while reading, just skip to the “how & where” section.

What is de-centralization?

It’s not just the latest buzz-word, it’s actually an old concept. To understand de-centralization, we first have to understand “centralization”. It’s just what it sounds like, it means everything is in a “center”.

What does this mean? It means that GAFAM has the information for everyone who uses their services. This is what they want.

De-centralized is just the opposite. There is no single “center” that has all the information for everyone. Instead, multiple servers talk to each other.

This may look scary, but you only have to worry about this:

You talk to your server, and it worries about talking with your friends. In this arrangement, each server only has information for its own users. It also means you get to choose which service you feel comfortable with using, instead of being forced to use the same central server as all of your friends.

Why and when should I leave?

“If you are not paying for a product, you are the product”

How would you feel if the Federal Postal Service read all of your mail and sold copies to anyone who wanted to know more about you? Your bank statements, your personal medical information, everything. Well, that’s basically what GAFAM does.



You may say, “But they say they won’t do anything bad with it.” Ok, maybe they won’t. But what if they have a data breach and some people with bad intentions manage to get into that same profile of information? It is no longer just being used to show you advertisements, it is now being used to steal your identity, or even send people to your front door because they don’t agree with something you said. There is no good reason to give all of this information away, or to let other people create such a profile about you.

A common response is, “I know it’s bad, but what else can I do? I don’t know about computers and servers and all the providers are doing the same bad things…”

“There is nothing new under the sun”

Ecclesiastes 1:9

Whether you are religious or not, this statement is still true even though it was written nearly 3,000 years ago. What does this have to do with GAFAM? GAFAM did not invent e-mail, chat, social media, or just about any of the services they offer. They simply package it in an easy-to-use way for their users, while also making it so they can gather as much information as possible about all their users.


Many of the modern chat platforms today started out by using the XMPP protocol (started in 1999 by Jeremie Miller). This is a free protocol that is intended to allow everyone to manage their own data and talk to everyone. It is similar to e-mail: only your e-mail server and the receiver’s e-mail server can see the information. It does not need to go to a central server. By nature, it respects your privacy. GAFAM have taken this free and secure technology and weaponized it against their users, while enticing them with a “free” service.


You can read a nice summary of the technology here, but basically, it was invented in the mid 1970’s and has not changed significantly since then. Only the appearance (interface) has changed, as well as improved security as the internet becomes a more and more dangerous place.

“The Cloud”

There is no such thing as “The Cloud”, it’s just someone else’s computer

There is no magic in “The Cloud”. There is no magic in an iPhone. They’re all computers using silicon chips.

Before computers were readily available, there was a thing called a “mainframe”. It was a centralized computer that only the biggest companies could afford, and they rented out “computing time” to others who wanted to use the services. Sound familiar? The main difference with the cloud is it’s not one gigantic computer, it’s a group of computers working together; this is more of a evolution in server architecture than the revolution that GAFAM like to pretend it is.

Again, GAFAM has convinced everyone that “the cloud” is a big new thing that is difficult and best for you to not worry about.

Why should you leave? Because you are trading all of your privacy (and security) for technology that is free, and costs GAFAM less than $1 a month to host for you. Is your personal information and privacy worth more than $1/month? I think so…

So, when should you leave? In my opinion, as soon as possible. It is never too late to fix, and it is not as hard as you might think!

How and where do I leave to?

Unfortunately, privacy used to be an assumption – but that is no longer true. The first part of “How”, is that you have to decide if you are willing to pay for your privacy. GAFAM is offering you “free” services, and selling your information to cover their minimal costs and keep the rest as profit. How much is your privacy worth?

The good news is that there better (and mostly free) alternatives. How to leave is first to find a replacement for each thing that you are currently using. You can see more about the specifics in this post.

Free Alternatives

Yes, I know I just got done saying that nothing is free. However, there are some people who desperately want to stop GAFAM and who spend their own money to help others leave. While there are many, I will list two good options.


☑ Chat☑ E-Mail☐ Social☐ Files
☑ Webchat☑ Webmail  
 2 GB  

This service is hosted in Germany, which enjoys strong privacy laws. It is operated by a single person who accepts donations to keep the service running.


☑ Chat☑ E-Mail☑ Social☑ Files
☑ Webchat☑ Webmail☑ Diaspora*☑ Nextcloud
 1 GB 2 GB

This service is also hosted in Germany, which enjoys strong privacy laws. It is operated by a group of people who accept donations to keep it running, and also offer additional storage for a reasonable price.

If you look at these numbers, it is about half of what Google offers for free (5 GB between pictures and e-mail). Dropbox offers 2 GB just for files and Box offers 10 GB just for files.

How much space is 2 GB? It’s enough to share some pictures or files, but it’s not enough to keep all of your information available everywhere.

Paid Alternatives

For e-mail, unless you’re wanting to go to the next level (encrypted e-mails, hosted in a privacy protecting country, etc.) then there’s no reason to look further than the free providers listed above.

For file storage, Dropbox currently offers 2 TB of storage for $10/month if you buy it for a year at a time. This is a competitive rate, but I don’t know anything about their privacy, and it’s just for files. Box offers just 100 GB for $10/month.


If you start to add up the costs, $10 for 2 TB of storage, $10 for private e-mail, and so on, you will be at $30/month very soon. For $30/month, you can have your very own server with more than 2 TB of space, unlimited e-mail addresses, etc. Also, you can share this with your family.

The simple approach is to simply get Nextcloud (either rent it directly or host it yourself). The only extra thing you will need is e-mail, which you may be able to get from a domain name provider. Nextcloud has basic modules to access webmail and run a basic chat service.

The next level up is to use Nethserver, which has easy-to-install modules for Nextcloud, a mail server, and XMPP chat.

A good and cheap provider with large storage options is Hetzner.

Installing Nethserver

  1. Get VPS
  2. Get a Domain and point it (and MXE record) to VPS
    • Also point www.myDomain.com to the same IP
  3. Install unattended to make the default password easier and no extra users
    •  Make sure to remove the iso after the installation. If it restarts with the ISO in it will try to install again. Varies per VPS.
  4. Connect to: https://myDomain.com:980. Ignore the SSL error because we have not set up the certificate yet.
  5. Login with default user/password: root/Nethesis,1234
  6. Do the first config wizard to change your password, adjust timezone, etc.
    • Note, that none of the settings (including the password) will happen until you finish the wizard.
    • Set your host name as www.myDomain.com
    • If your provider does not allow sending e-mail directly you will need a Smarthost
  7. After the wizard, it will complain about the DHCP for the network adapter depending on your VPS. Ignore this.
  8. Go to Configuration > Server Certificate
    • Add an SSL cert by uploading one you have or getting one through Let's Encrypt
    • Click the v next to "Upload Certificate" and click "Request Let's Encrypt Certificate"
    • Add your e-mail in, also add in the following domains:
      • myDomain.com (without the www)
      • mail.myDomain.com
      • conference. (for chat)
      • pubsub. (for chat)
      • sms. (for chat)
    • Once it finishes, set it as Default.
  9. Refresh the page, the SSL error should be gone now. Now let's get to installing modules!
  10. First, we need to have a way to manage users. So we will install a local LDAP server
    • Click on Management > Users and groups
    • It will prompt you for LDAP or Active Directory. Select LDAP.
    • Select "Install Locally"
  11. Go to Administration > Software center
    • Install packages ONE AT A TIME. Installing all at once can cause it to crash
    • E-Mail
      1. It is recommended to enable DKIM Signing
        1. Configuration > Email > Domains > Update myDomain.com by adding a TXT record with the host as suggested in the DKIP. Copy the key as the value
    • Instant Messaging (Jabber/XMPP)
      • Configuration > Chat Server
        • Enable Administration Web Interface (we need to add a user to jabberadmins group)
        • Enable federation (S2S) if we want to be able to connect to other servers
        • Enable Additional Modules > Message Archive Management (mod_mam) if we want to store message history
    • fail2ban
      • This is for extra security
    • Webserver
      • No additional modules. Just for managing virtual hosts
      • Now you can go under Management > Virtual hosts to manage subdomains
    • Nextcloud
      • This will set up Nextcloud at www.myDomain.com/nextcloud
      • By default, it will have an issue if you access it without www.
      • Need to update trusted domains in Nextcloud

These steps may be a bit out-dated now that they are moving to their new Cockpit based admin page.

Migrating E-mails

As I said, there is nothing new about most of the technology being offered by GAFAM. Most e-mail providers are using IMAP for e-mail storage. Because of this, migrating is really easy.

You can work with an MBOX backup from Google (you can get all of your Google data from Google Takeout)

  1. Install the Import/Export plugin for Thunderbird if you want to use MBOX files.
  2. Import the data from MBOX into your local Thunderbird
  3. Copy/Paste e-mails from one folder to another
  4. That’s it!

With Thunderbird, you can also copy e-mails directly from your existing GAFAM provider into your new e-mail – whether it is hosted through someone else or on your own server.