Published on: November 13, 2024
In an age where privacy concerns are paramount and organizations seek alternatives to traditional, centralized cloud services, MaadiX is pioneering a different path. Founded with a commitment to user-controlled, open-source solutions, MaadiX empowers individuals and organizations to manage their own secure infrastructure without relying on third-party providers. In this SafetyDetectives interview, MaadiX CEO and founder Maddish Falzoni Gallerani, shares insights into how MaadiX has evolved to meet the diverse needs of its users, providing robust tools that prioritize data sovereignty and privacy.
MaadiX’s unique approach stands out in a crowded tech landscape. With a strong focus on adaptability, the platform continues to innovate based on user feedback and evolving digital privacy demands. Through intuitive features and a responsive support team, MaadiX ensures that even non-technical users can take control of their data in a secure, accessible environment.
Can you share the story behind the founding of MaadiX and what inspired you to develop a platform focused on open-source solutions and user-controlled clouds?
Several years ago, as part of Xnet—a digital rights organization of which I’m a member—I was involved in workshops aimed at activist organizations handling sensitive information. These workshops focused on building online campaigns, and I was responsible for introducing and explaining the available tools and how to use them effectively. Naturally, my primary recommendation was, “Don’t rely on third-party services,” especially those from large corporations with a history of disregarding privacy, which ultimately results in a loss of control over your data—and, by extension, the data of your community.
At this point, however, I often faced the same question: “Yes, that’s ideal, but what can I use instead?” Unfortunately, I had no satisfactory answer. At the time, I was managing the infrastructure for multiple organizations, and it became clear that a solution was needed. This realization led me to create a platform that could fill this gap—a tool providing essential online services like email servers, file sharing, VPNs, and collaboration tools, all at a low cost, easy to set up, and most importantly, designed to protect your data without needing to entrust it to anyone else.
So that’s how MaadiX was born.
What were some of the challenges you faced in the early days of MaadiX, and how did you overcome them to establish the platform as it stands today?
Once we decided to take on this big adventure, the first challenge was designing and developing a reliable architecture. Perhaps my biggest fear early on was getting stuck in a Gordian knot and potentially having to abandon the project. If you discover partway that the technology you chose doesn’t work, what do you do? You might have to go back, undo all the progress, and start again.
Luckily, that wasn’t our experience. We’re still using and endorsing that original architecture, and it’s only evolved from there. The initial structure remains the same, which is a testament to the solid foundation we built.
Financial resources are often scarce in a new project, and you run through them quickly, especially when profits are almost nonexistent in the beginning. We managed to secure grants and financial support to develop some features, which helped us avoid passing these costs on to the community. Our goal from the start was to make this tool accessible and affordable. Privacy tools, in our view, shouldn’t be a luxury.
Getting grants initially was challenging because those offering financial support need assurance that a project won’t fade away. But proving that early on is tough. Fortunately, it worked out for us in the end.
One of MaadiX’s core principles is enabling users to protect their data without relying on third-party cloud services. Can you elaborate on how this philosophy is embedded into the platform’s features?
MaadiX isn’t a service; it’s a tool. This distinction is important because, with MaadiX, we don’t act as your system administrator.
Unlike other solutions such as Protonmail, if you use MaadiX the mail server is installed in your own infrastructure, which means you don’t have to take anyone’s word about how it operates. You have root access to your server and can check everything directly. You maintain full system access, and your data, like emails in your inbox, is stored on a server that only you control. This is a significant difference compared to other online services.
This applies not only to email but to all other applications.
While you can use MaadiX on your own server, you also have the option to purchase hosting with us. In both scenarios, we don’t have SSH access to your server. Technically, we’ve designed a system where the installation process, or “installation recipes”—a series of commands and tasks needed to set up and configure tools—are initiated from the client’s side. This allows us to manage the provisioning without needing direct access to the server.
Security is a critical aspect of MaadiX, with tools like encrypted communications and VPN support. How do you ensure that even non-technical users can effectively leverage these features to protect their data?
The primary objective of MaadiX is to make the use of free software more accessible. To support this goal, MaadiX includes a control panel with a graphical interface that allows users to manage these tools effortlessly.
With just a single click, users can install many applications and, crucially, keep them updated with the same ease.
Having a well-configured setup without ongoing maintenance can quickly lead to vulnerabilities and security risks. To address this, the control panel, developed by us and installed on each machine that uses maadix, brings together the ability to apply all updates as well as to manage the data.
For instance, when you have an OpenVPN server installed, you need to create users. This can be done directly from the control panel, where you can also send configuration files that clients can easily import. Of course sensitive information like secrets should be shared separately for security.
Another example is backups. MaadiX uses Borg for backups, which are encrypted by default. The control panel enables users to mount and unmount these backups with a simple click, eliminating the need to access the terminal and manually run Borg commands. Additionally, the control panel requires users to save a copy of the decryption keys on another device, adding an extra layer of security in the event of a server compromise.
Through the control panel, users can also configure other parameters, such as enabling 2FA, adjusting the SSH port or setting up key-based SSH authentication, among many other options.In addition, we offer comprehensive documentation that goes into detail about the available options and how to use them, extending the knowledge and utility of each tool.
As privacy concerns grow and more organizations seek alternatives to traditional cloud providers, how do you see MaadiX fitting into this broader shift towards decentralized data control?
I truly believe that today, MaadiX stands as one of the most reliable solutions for organizations and professionals looking for privacy-friendly alternatives. This isn’t only due to the quality of the technical solution itself—our platform has been thoroughly tested and in production for many years, with numerous users already relying on MaadiX. We’ve learned a great deal from real-world use, allowing us to continually improve it.
Equally important, though, is our highly responsive technical support, managed by humans—not bots. For professionals who need fast, accurate solutions to their issues, this human touch can make all the difference.
We don’t develop applications ourselves. Our mission is to make existing applications and solutions accessible to users. Many of the applications currently available on MaadiX were added at the request of our customers and community, and we’re committed to continuing this approach.
Our goal is to build a tool that addresses today’s real-world needs, not just something we at MaadiX happen to like. We’re constantly adapting to the evolving needs of our community, and as a small project, we’re able to respond more quickly to these changes than larger entities. This flexibility allows us to stay aligned with the shifting demands of a privacy-conscious world.
Looking ahead, what are the most exciting developments or features we can expect from MaadiX in the near future, and how do you plan to stay ahead in the rapidly evolving tech landscape?
We have a well-defined roadmap for the coming months, which includes adding tools like Mastodon and PeerTube, enabling organizations to federate their instances with others. We’re also introducing options for Tor hidden services and support for IPv6. Recently, we added Cryptpad, too.
I believe the feedback we receive from the community is what helps us the most in continuing to offer a solution that stays relevant in today’s tech landscape. While we can’t predict everything that will happen in the future, we’re committed to adapting and evolving alongside it.