Comments
Whatever technology you use to prevent anyone from accessing your data, if there's physical access to your resources, you can say goodbye to your data's privacy.
Rule #0: you must trust your system administrator ultimately, or keep no servers at all.
Commenting on the original statement: yes, OpenVZ gives the easiest access to VM (container) data/RAM. Switching to KVM and further to dedicated improves security. Just decide which adversary shouldn't access your data, to select the proper option.
The truth is your entire upstream has access to your traffic flowing through them... it takes nothing special for them to peek at your traffic.
Indeed. Actually it makes more sense in a way. It's the same as meeting someone in secret in a really crowded pub or cafe than in a remote area. If you're hiding something, it might be better to hide it in the open.
I'd envision a solution where the data is split into multiple random pieces and distributed to a series of servers across something akin to tor nodes, assembled later with a key at your home pc.
Erasure coding + AES? You can do that with Tahoe-LAFS, or a dozen other similar systems.
It can be stored even in single piece in multiple copies, if it gets decrypted at a single (home) computer.
Any means of storage/transfer via encrypted media, provided there's no automated en/decryption, will do nicely.
He isn't on about protecting personal data. He is saying "How can I send email spam and the provider not ever know or be able to prove the content of the emails, so can't prove spam"
Notice how the question originally clearly referred to exim.
No, I am not going to send spam. Also, how would encryption prevent this if you, as provider, can sniff the net? Or am I supposed to send encrypted spam mails so only 10% arrive? Exim is an email MTA; it is secure, fast and easy, and widely used in all kinds of services, so please do not accuse me of doing such a thing. If you can only use exim to spam, it is your fault, not mine.
I am looking for solutions to encrypt my INCOMING email mainly. I am looking for a solution as cheap as possible (that's why I'm using VPSes) to provide privacy, nothing else.
What if you are developing a pharmaceutical patent worth millions and need to email your workmates about it? What if you are implementing a payment system that needs reliable bitcoin wallets worth thousands of dollars? What if you need to save the financial, medical or other information of your clients? I am trying to find the safest and cheapest solution; it is all about this, not sending spam.
Finally, I found out that there's no way to do this unless you trust in someone: datacenter, admin or something else, no matter how safe your system is, or how many thousand bits length encryption keys you use.
Just get a VPS from a mature and trustworthy host. When you lease servers from people, you agree to their terms, and I would assume they have the right to check the server you rent from them for any violations. Most hosts normally write in their ToS "we don't police our servers unless we suspect illegal activity".
Trying to prevent a host from checking your server for tos violations may be considered a violation of their tos, which could lead to termination.
Alternatively, you could get a budget PC from eBay for like $50 to host your own VPS off your home internet connection. Just check with your ISP, since providers like Charter/Comcast forbid hosting servers from a residential account.
Oh, thought of one more. It's kind of shady and would be very inconvenient to use, but if you are paranoid about privacy then go with CyberBunker.
To quote their website....
"Mind Your Own Business: CyberBunker does not poke around on your servers. Customers are allowed to host any content they like, except child porn and anything related to terrorism. Everything else is fine. CyberBunker has adopted a policy not to mind our clients business. Our famous "Mind Your Own Business" policy."
Home server, protect with shotgun. Your only points of failure becomes:
1. Upstream.
2. The receiver.
3. Bullet supply.
I am sorry, but the people here are not catching the concept: I don't want to rely on trustworthiness or maturity; I do not want to have a security design based on that.
What if someone puts a gun on the head of the VPS admin? Will he be mature and trustworthy enough to die for your 15$/year VPS (or even for your 3000 $/month server)?
now that was funny, I think you are looking in the wrong place for admins dying while protecting a VPS, it's the low end market here.
if you want security there is a guy in the Netherlands, hosting in an ex-military bunker:
http://cyberbunker.com/
About hosting the server: it does not matter if you host it at home, because when Delta Force breaks in, they will capture the server before you have a chance to get out of bed. So it is best to host it in a vault or something at home, I mean, with an exploding mechanism, or, well, build your own bunker. I know some guys had a device with sulphuric acid put in above the HDD, and a panic button.
About the disk: LUKS is best I think, but it has its flaws. The datacenter can image the disk, but if it's encrypted well that leaves only the RAM. But anyway, they can install a special device on the motherboard to grab all the I/O etc.
what you can actually do is take a lot of prevention measures, but 100% safe does not exist, because of the way it all works.
Sounds like you need to build yourself your very own datacenter.
Exactly. There are ways for the box owner to inspect the VM of any box under any virtualization technology. It is certainly very easy to do so with OpenVZ, but the only way you'll have a reasonable assurance of privacy/security is with a dedicated server.
Personally, if it's such important data, you ain't low end boxing it. Simple as. Incoming or outgoing mail is still going to be plain text unless it's sent to you in encrypted form which only your mail server can decipher.
This is why datacenters are bulletproofed and bomb proofed a lot of the time, as data security is up there. So owning a dedi on a locked rack you rent would be the safest option. However, you seem to want NSA style security for nothing you can explain would warrant such a thing. You just sound uber paranoid and you want to send email spam without being found out, which is impossible.
And if you wanted to send clean emails with uber security, the client would be receiving email on your own server as you would be sending it to. Otherwise when it hops providers it's being snooped on, rather than it going locally.
And if you're deving something that's worth billions, do what the rest do, the logical thing: dev it offline and keep offline copies. If it's patented it doesn't matter if it's leaked at all, as it's under patent. Err, common sense.
You're providing hypotheticals that do not apply to you at all, rather than just saying straight reasons.
And sending email to clients, OK: make sure you're all on the same box and you control security. Otherwise the mail server you send to or receive from has to be uber secure.
Take your tinfoil hat off and get back on the medication. Cos if you have anything worth millions, WHY the fuck would you put it on a VPS in the first place, and not self host it on a dedi.
To the OP:
Do you think your provider will just stay read your VPS?
I mean, that providers don't have time finding people's secrets. Just provision you the order, the rest is up to you. If you abuse, then provider may be required to take a look, but else no.
Once you communicate through a third party, then you have no real security. For example, when you phone someone on your mobile or landline, the NSA or GCHQ will be able to pick it out of the air. In the old days, they used to tap the wires; now they can just listen to it and you will never know.
If you are this concerned, then use low tech, postal mail, not easily intercepted e-mail.
My 3 cents' worth:
(1) Best way to uber-secure your communications is to do away with email entirely and use a web based messaging system accessed over SSL, using public CA keys, not a self signed cert.
(2) Second layer of security - the one protecting you from your provider(s) snooping - would be to introduce client side encryption of content generating a one-time key/token then sent by the sender only to the intended recipient(s) (i.e. reader(s) of the given message), using a different telecommunications medium like SMS.
Definitely not. However, if my VPS is ever passed to Optimists In Black this way, they will be severely disappointed to see all the data of any value encrypted beyond recognition.
Glad someone said it. As if the only reason we do this is to watch what people are doing on hundreds or thousands of virtual servers. 99.99999999% of the time the last thing on the provider's mind is wondering wtf you are doing. We have much better things to do and frankly don't want to have to look at what you are doing. Even when you ask us to.
The ONLY and I really do mean THE ONLY TIME I want to look at someone's virtual server without being asked is when they are interfering with other servers. Causing excessive load. Things like that. And when I do I generally don't look at what you are doing...just what is causing the problem. Most of the time it's a stuck process pinning the CPU at 100% which I don't even have to go into the server to see on OpenVZ. In that case I'll just reboot the virtual server and see if that takes care of it.
If not so obvious I will go straight to the message log which generally isn't going to tell me what you are doing but might give a clue what is causing the load problem. Even if I wanted to I don't have time to snoop around and see what you are doing.
How about renting a secure cage in a DC? Can you lock the cage without giving DC staff your key?
Another way of securing your email: PGP every email
Yeah, but good luck explaining and setting that up at all your email correspondents' end, too.
Like most of the respondents here, you are missing @lesti's point. The way I read this, he is not worried about you (the provider) snooping on your own initiative. His perfectly valid concern is a third party targeting him and persuading the provider, one way or another, to snoop.
@lesti: assuming they are determined to get you, or your data, rather, THERE IS NO WAY to secure your data in a virtualized environment. Period! No matter whether it is OpenVZ, KVM, Xen or what have you. Colocation (own locked rack or cage) makes things a little more secure, but for a really determined party, unauthorized access to your server is still very much possible. Running your own mini-datacenter in a secured location is your best bet. Outside LEB pricing to be sure, but not all that expensive. Following your overall theme here, however, this last is an invitation to said third party, which you seem to be concerned about, to visit YOU and persuade YOU to snoop, well... yourself. Sooooo, depending on whom you are afraid of here, suggest you give your own physical security some thought first. Once you have that well in hand, just place the server in close proximity and you are all set
Didn't the NSA get the PGP guy to turn over everything to them or go to jail, like the Lavabit story? Heard that PGP has an NSA backdoor.
PGP is just an algorithm. Get your own private key and public key to encrypt things. It does not need a third party service. So there is nothing to turn over, unless they force you to give them your private key.
PGP is not an algorithm; it is a program that uses different algorithms.
If you are worried about PGP, just use GPG, then you can check if there's any backdoor since it's open source.
Back on topic, I just found out that "security-by-trust" or "security-by-vps's-admin-got-no-time-to-check" is not a valid scheme, so I'll try to find a client side solution, like AES encrypted private keys that get decrypted by some javascript function in the browser.
Providers will never just look into a VPS unless there is abuse going on. If you're that worried, maybe you shouldn't go with a VPS provider at all.
I think PGP is open source. Check its Wikipedia entry.
There are persistent rumors that PGP has been secretly broken by the government. They surface like Elvis sightings. None of the above is true. I would not say the same about other products that are reputedly secure, but PGP is not one of them.
However, the user must understand what PGP is and what it does. For example, if PGP is used for email, then the message body is encrypted, but the source, destination, and subject lines are not.
To: [email protected]
From: [email protected]
Subject: Are you ready for the Bank holdup tomorrow on Main St. at 10:30?
-----BEGIN PGP MESSAGE-----
Version: 10.3.0.9060
qANQR1DBwUwD95/Asc+VkTABEACWnjoQAcQugQla0YwxakJH3pn6fCILcbRN1hwJ
60zD7MwN1YopbZFLQu+RJ7gtvJxlMPWslbUAxVUMSzWpaIbTAZ0NsgCQTDrC2xof
b8UVOdJXAdiITJNrj1spyBfizeV5lihZztkNTGsI0DvrbfzXX5GLpmnVKxBSEDWs
uKWbo/hYm806ivojuZkI8y7hzXAYMTdShc76pELSBqnHcBgCToZE0h013Ceu
=kWj5
-----END PGP MESSAGE-----
In another famous example, Nicodemo S. Scarfo (an organized crime figure) used PGP to encrypt his communications. The FBI could not read them, so they got a warrant to install a hidden keyboard sniffer on his computer. Once the FBI had his private key and the passphrase to unlock it, they could read his hidden communications. The FBI never broke PGP; they broke Scarfo's operational security.
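The point in the post above about PGP mail (body encrypted, headers not), as an added example that is not part of the original thread: a Python sketch that reports what a hosting provider or any relay can still read from a PGP-encrypted message. The addresses, subject and armored body are constructed sample data, and `cleartext_exposure` is a hypothetical helper name.

```python
from email import message_from_string
from email.utils import getaddresses

# Constructed sample: an RFC 5322 message whose body is an ASCII-armored PGP
# block (the armored payload is placeholder text, not real ciphertext).
SAMPLE = """\
From: Alice <alice@example.org>
To: Bob <bob@example.net>
Cc: carol@example.com
Date: Mon, 06 Jan 2014 09:15:00 +0000
Subject: Q3 patent filing draft
Message-ID: <constructed-1@example.org>

-----BEGIN PGP MESSAGE-----

Y29uc3RydWN0ZWQgcGxhY2Vob2xkZXIgYm9keQ==
=AAAA
-----END PGP MESSAGE-----
"""

# Header fields that stay readable to every relay and to the hosting provider.
METADATA_FIELDS = ("From", "To", "Cc", "Date", "Subject", "Message-ID")


def cleartext_exposure(raw: str) -> dict:
    """Return what an observer without the private key can read."""
    msg = message_from_string(raw)
    body = msg.get_payload()
    armored = "-----BEGIN PGP MESSAGE-----" in body and "-----END PGP MESSAGE-----" in body
    visible = {f: msg[f] for f in METADATA_FIELDS if msg[f] is not None}
    # Who talks to whom is recoverable from the address headers alone.
    parties = sorted(
        addr for _, addr in getaddresses(
            msg.get_all("From", []) + msg.get_all("To", []) + msg.get_all("Cc", [])
        )
    )
    return {
        "body_encrypted": armored,
        "visible_headers": visible,
        "parties": parties,
        # A descriptive subject leaks content even when the body is encrypted.
        "subject_in_clear": armored and bool((msg["Subject"] or "").strip()),
    }


if __name__ == "__main__":
    print(cleartext_exposure(SAMPLE))
```

Running it on mail stored on a VPS shows the communication graph and subject lines that remain exposed even when every body is encrypted.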