New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Privacy Aware Providers
poorturkishguy
Member
in Requests
Hi, sorry for my English.
I practically live in a dictatorship.
We’re a small opposition group. We want to set up a forum.
We’re not doing anything technically illegal.
But in dictatorship, laws are practically different. When he says, “you’re illegal,” we become illegal.
So we have to be as careful as possible.
Which countries, which providers can offer us this confidentiality?
A small shared hosting will be enough to start.
If necessary, we can get the vps or dedi later in the process.
PayPal, g2pay, stripe and a lot more payment options in my country banned.
Digital coins can use alternatives such as method of payment.
Thx.
Comments
Switzerland providers are a kinda safe bet. Not only is Switzerland a very privacy friendly country but also its' authorities are not easily intimidated shall a request for your personal information be forwarded.
If you piss off wrong people, it doesn't matter where though.
U are gonna get probed in the arse regardless.
Therefore you need to piss off the right people.
you can pay with stripe and g2pay in turkey
If you really fear the government, you'll need to operate very carefully.
First of all, don't do anything related to your forum without a layer of anonymisation, preferably Tor. Ideally, you operate the forum from a PC or laptop running a anonymity-focused operating system like Tails or Whonix (within or outside of Qubes OS). You're current operating system could already be compromised and is a potential operational security threat.
Second, might your group members be at risk by using the forum? If so, they'd need to protect themselves too. Ideally, they'd use an anonymity-focused system too, but this could be tough, especially for non-techy people.
In my opinion, you can either buy a server or shared hosting from a Swiss or Icelandic provider (both countries are known for not easily giving away information to non-domestic authorities) which accepts Bitcoin (or any other anonymous currency) and doesn't require a valid post adress or any form of verification, or from a onion-only provider which doesn't expose your website to the clearnet.
If you're group members are at risk when using your forum, I recommend buying shared hosting or a VPS from an onion provider (do some research on the provider because there are plenty of scams on the darknet). Users will only be able to access the site using Tor and therefore are forced to protect themselves using the Tor browser, which is really easy to install and use.
Accessing a server through Tor is a lot slower than through the clearnet and the domain name will be 16 non-mnemonic characters long (like avhdcnreshhrsswx.onion), but, as you said, you need to be as careful as possible, and this is probably the most ideal way to do so without teaching everyone an OPSec 101 course.
If only you're at risk, it should be enough to buy a server or shared hosting from a Swiss or Icelandic provider. You can find a pretty good list of those providers here. Pick one who accepts a cryptocurrency and neither requires a valid adress nor any kind of verification, and buy your server anonymously, at the very least through Tor.
I also recommend you to read more about operational security to be able to properly protect yourself. And don't use a VPN, there are detailed explanations why. One, very oversimplified reason: You need to fully trust your VPN provider, and trusting an unknown, non-verifiable entity isn't a great idea when you're freedom is at risk.
A kitten has been murdered.
The government funded TOR.
Nothing you can do will help.
The reason and the potential solution are not technical but political. Translation: There is only one type of dangerous opposition group a dictatorial regime really hunts and persecutes: the ones that are controlled, financed, and supported by certain countries. Those groups do get all the necessary technical means and tools needed and usually need not worry about being caught and prosecuted. All others, like you, are meaningless but have one advantage: typically the government doesn't care much about them. So just get pretty much any VPS outside of your country and keep it reasonably secure and you should be fine. Actually chances are good that the dictatorial regime simply considers you as useful for purposes of democracy simulation; of course officially they dislike you.
Btw, aren't you the guy who occasionally comes up here with some kind of "we have to live in fear and need advice" story?
If you're up against the U.S. government, TOR won't be a safe solution. But if you're up against a government without any participation in U.S. involved espionage programs and your government doesn't have a tight diplomatic relationship with the U.S., TOR is probably one of the safest solutions available. And Turkey definitly doesn't have a tight diplomatic relationship with the U.S., nor with any country part of U.S. involved espionage programs.
TOR still has inherent weaknesses but since turkey isn't in the EU (yet) it's probably better than plain text.
Better use services from Icelandic / Swiss providers..even exoscale is good if you ask me
If you decide to get a VPS instead of shared, check out serverastra.com in Hungary.
Turkey is more EU than most EU countries.
Mogherini checked and can confirm this:
What we need is Lowendnation.
We offer private servers located in Switzerland (dedicated and VPS) and accept Bitcoin.
Oh, let me guess:
The taxes would be unbelievably low, and the citizens would always complain that they don't get the expected first class treatment, and that they should be entitled to free mansions for the 86,38 LET Dollars they pay per year.
The cops would be relatively relaxed, and sometimes be seen smoking pot behind dunkin donuts. It would be the nation with the highest percentage of people with tourette syndrome. Lazy graffiti would be rampant (mostly just "the end is nigh" scrawled with black marker). People would yell at each other all the time as if it was New Jersey. But unlike New Jersey, surprisingly, the nation would have one of the lowest rates of violent crimes in the world.
Chinese tourists would often play a little game with the locals: they walk into a store, buy something, hand over the money, wait 1 second for the clerk to hand over the product, and if he/she takes longer, quickly grab the bills out of the clerks hand, run away and shout "yu slow! yu flaud! yu vely shitty shop!" and be never seen again.
Everyone one knew that he top politicians were corrupt to the bones. But since they mostly stay out of the way, and let the relaxed cops run the country, no one cares too much about that. Who needs IPv6 anyways?
Damn, lunch break ended 25 minutes ago! Now I need to procrestinate even faster!
On topic: 1984hosting.com in iceland might be suitable. They host for example autonome-antifa.org since 2010.
https://autonome-antifa.org/?article199
https://1984hosting.com/about
And as others already said: care about your OpSec! Don't just rely on the host or bitcoins or whois protection or VPN! It's great when it seems you can trust the host 100%. But that doesn't mean you actually should. Never let anyone be able to connect enough dots to trace your real name. Keep things seperate! E.g. don't use the same "anonymous" virtual CC that you used to pay the hoster, for ordering physical goods to your door. Don't use the same e-mail or nickname for harmless legal stuff and then later for the illegal stuff (silkroad anyone?). And so on. Good luck! Be smart!
Ideally, if you want to be
100% safeas safe as possible, follow @rsyncs and @that_guy advice. Additionally, use Cloudflare.However, we are based out of the USA, but will not share any information with any government authority, including our own without a warrant. We won't hand out that information to other governments either, unless they first go through US state department and justice department and we receive a federal order to comply.
We accept multiple cryptocurrencies as payment.
https://www.spryservers.net/legal/privacy
[Edit] I said 100% safe, but I feel I should correct myself. There's no such thing. As safe as possible is what I should've said.
I kept still quite patiently but now that even the "wisdom" of "use CloudF%&' !" is preached, I'll leave a couple of words.
Don't use any x86 or Arm processor that is younger than 10 years; beyond that there is not security but at least a reasonable chance.
Also don't use Windows, any Linux, xBSD, let alone Android, I-whatever. Why? Because NONE of those is even reasonably secure. All of them are riddled with thousands of vulnerabilities and probably some intentional backdoors too. The same goes for basically any major software (servers, clients, no matter the protocol).
A propos protocol: do not use any "secure" messenger either. Some of them (directly or indirectly) come from intelligence agencies anyway, most have questionable crypto (algorithms and/or protocols) and afaik none of them has been written in a language that would allow or even support producing safe software.
Also never communicate from your home or office or other places that can be associated with you. Because, you see, using xDSL or other wires is not anonymous and to make it worse, you have no control over the SLAMs and other provider equipment.
So, at the very minimum, build a Risc-V (or a weird Mips) based "laptop", and use an exotic OS (no GUI, sorry) and some self built reasonably secure com software and tunnel you com through something normal looking (https is a good candidate) and distribute that whole package to your peers. Then use that only over ever changing publicly accessible Wlans, preferably in crowded places.
And yes, to come to that point will require more than 10 (or 5 - 10 if you are very smart and already have some basic knowledge) years to begin with.
Not that it would be really secure but at least it wouldn't be blatantly bloody unsafe.
Think! What makes you believe that you can achieve, and using easily available and cheap hardware and software at that, what government agencies with some brillant experts and billions of $ reliably fail to do?
And please, pretty please, no more "use CloudF&%§#", "use Tor", "use telegram" wisdoms.
Check this site https://www.privacytools.io
Lot's of good stuff. Including hosting/vps.
I agree.
With most points.
Good compilation.
Just use cloudflare
It is hard being at high school in Birmingham eh, everyone wants to know what is in your pencil case... (do kids still have pencil cases?)
Try Moldova.
/s
You should have said Inbetween the cases' clasp, mate.