New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Hetzner Location Dilemma for privacy
SomeOrdinaryGeek
Member
in Help
Hello dear people at LET
I've heard about Hetzner and their very good prices and I would like to get a VPS from them. Problem is I don't know which Location to choose. Privacy is my biggest criteria but does VPS location actually count when talking about privacy ?
Thank you in advance for reading
Comments
Hello,
Where is your location ? Also, what do you mean about privacy ? Of course, every provider will keep customer privacy
Belgium. And I mean data privacy on the server itself.
Hetzner have wayyy too many servers to go pulling and peeking at every disk.
If there's a proper warrant, they'll pull the disk and hand it over to LEA. They are subject to German jurisdiction in all DCs AFAIK.
Use block-level volume encryption like LUKS if you don't want data leakage by 99% of the usual methods.
Thank you for your advice @vimalware
If your content is fishy, Hetzner is the least subject you need to worry about.
If not, you are not important and they won't bother.
https://www.lowendtalk.com/discussion/153101/hetzner-server-hard-disks-confiscated-amtsgereicht-stuttgart
The server is mostly an email server and VPN. It shouldn't be an issue
It shouldn't.
Just don't expect any host to resist warrants.
Now, this isn't directed at you, but kids, even "DMCA-ignore" hosts won't resist warrants. Keep that in mind.
If it's an email server the network traffic's privacy will matter more than the disk's.
I think the OP don’t get difference between privacy or piracy? As the company is based in EU and all companies follow the GDPR! As for piracy I don’t think it’s legal in EU!
In Germany your data is under jurisdiction of German authorities,
In Finland with Hezner it's under both German and Finnish ones.
Bavaria, where Hetzner is located, basically turns itself into a police state.
Some even call it the Stasi returned.
They basically are now allowed to listen to phone calls, chats and even can do perform online searches with a warrant.
BUT these measures can be used now preventively, before anything happens, not just after something happend. Also, it depends on judge, how easy it is, to get on a warrant, some judges just give them out without checking anything in detail, which is really bad.
People already sue against it, we will see if they take it back.
You should find a lot on google about it.
What you describe is essentially every first world country and what every third world country government aspires to.
Unfortunately this is the world as of ~2010. Germany, Finland, doesn't make much difference. If your worry is the five eyes, you already have more to worry about than which country your server is in.
The fuck no? This new law is deeply involved in people's fundamental rights.
Did I mention, that they can just detain you forever, for basically no reason? since this law passed.
No idea how you can call that "normal", just because French and some other european countries passed such laws, does not mean Germany also need to pass such laws.
UK can detain you indefinitely for refusing to give your password. Every first world country has the capability to snoop on private phone calls as you mentioned in your first post. Bavaria - as with the rest of Europe really - is practically no different -- this intrusion of privacy exists in basically every first world country (and third world countries may be even worse -- and if not, they may aspire to be worse), and the lack of action post snowden shows it will probably continue, unfortunately.
We'll be right back..
Yea, you gave them a reason, I spoke about without any reason.
Yes, we know that they have the capability, I was not speaking about that.
The point was, that how and when it can be USED, not if the capability is there.
This law, just made it LEGAL to use it, without any reason on you.
That was my point, nothing more.
If you encrypt your emails, disable logging, and use secure connections, it will be difficult to spy on you by just looking at your files/traffic.
https://duckduckgo.com/?q=we+kill+people+based+on+metadata
Love Metadata.
Encrypted email storage, no logs, and secure connections also protects the metadata.
No, that's not how it works.
I do not ignore DMCA and routinely trash warrants from Singapore, HK, RU, US.... i do not host in this countries and the actual location enforces only local court orders... so....well...
Also remember Voxility in it's old form, Ecatel, Nforce and Leaseweb before and notably OVH - All EU, all dodged orders not issued in their own country or another EU one or still do so (notably again OVH).
They cannot, DE is still EU after all. Even life in jail is by now not really legal anymore.
Also keep in mind you can be held in Untersuchungshaft for Flight or Manipulation risks - Flight risk is enough to have a second passport, Manipulation if the gov wants to. Generally the length is not directly limited aside of the.. 20 years for life... the only difference is it will be either subtracted from a jail sentence if issued or you get some cash per day spent.
Downloading and especially Streaming is not illegal in many countries yet, mostly only upload - if they care. Germany is in the middle, with streaming de facto legal and downloading de jure illegal. Streaming caches (chunk) data local but as this is not user intended or a full file (mostly) which is "downloading" yes but the law is not really adapted for it (yet?).
A VPN provider is also protected as any ISP by the TMG (Telemediengesetz) and not liable for user traffic. Does not protect from jail until proven if they want to though.
Well, UK also sends it's own citizens to other non-EU countries for prosecution, they are absolutely not in any way an example for general EU law direction, they are the exception in many things.
Define "Metadata" because TLS will prevent the usual meaning when talking about email - namely the actual mail headers. With TLS you get time, source and dest IP/Port and that's... it.
Notably German BND cannot legally dump all traffic inside Germany and they should still have some limitations when working inside Germany, but nowhere near as strict as eg. the US (CIA) has (on paper at least).