Avoid OpenVZ "snooping" - Page 2

Comments

  • Whatever technology you use to prevent anyone from accessing your data, if there's physical access to your resources, you can say goodbye to your data's privacy.

    Rule #0: you must trust your system administrator ultimately, or keep no servers at all.

    Commenting on the original statement: yes, OpenVZ gives the easiest access to VM (container) data/RAM. Switching to KVM and further to dedicated improves security. Just decide which adversary shouldn't access your data, to select the proper option.

  • The truth is your entire upstream has access to your traffic flowing through them... it takes nothing special for them to peek at your traffic.

  • @smooch1502 said:

    Indeed. Actually it makes more sense in a way. It's the same as meeting someone in secret in a really crowded pub or cafe than in a remote area. If you're hiding something, it might be better to hide it in the open.

    I'd envision a solution where the data is split into multiple random pieces and distributed to a series of servers across something akin to tor nodes, assembled later with a key at your home pc.

  • perennate Member, Host Rep
    edited August 2013

    I'd envision a solution where the data is split into multiple random pieces and distributed to a series of servers across something akin to tor nodes, assembled later with a key at your home pc.

    Erasure coding + AES? You can do that with Tahoe-LAFS, or a dozen other similar systems.

  • Master_Bo Member
    edited August 2013

    @joelgm said:
    I'd envision a solution where the data is split into multiple random pieces and distributed to a series of servers across something akin to tor nodes, assembled later with a key at your home pc.

    It can be stored even in a single piece in multiple copies, if it gets decrypted at a single (home) computer.

    Any means of storage/transfer via encrypted media, provided there's no automated en/decryption, will do nicely.

  • He isn't on about protecting personal data. He is saying "How can I send email spam and provider not ever know or be able to prove content of emails so can't prove spam"

    Notice how the question originally clearly referred to exim

  • @VPSSimon said:
    He isn't on about protecting personal data. He is saying "How can I send email spam and provider not ever know or be able to prove content of emails so can't prove spam"

    Notice how the question originally clearly referred to exim

    No, I am not going to send spam. Also, how would encryption prevent this if you, as provider, can sniff the net? Or am I supposed to send encrypted spam mails so only 10% arrive? Exim is an email MTA; it is secure, fast and easy, and widely used in all kinds of services, so please do not accuse me of doing such a thing. If you can only use exim to spam, that is your fault, not mine.

    I am looking for solutions to encrypt my INCOMING email mainly. I am thinking of a solution as cheap as possible (that's why I'm using VPSes) to provide privacy, nothing else.

    What if you are developing a pharmaceutical patent worth millions and need to email your workmates about it? What if you are implementing a payment system that needs reliable bitcoin wallets worth thousands of dollars? What if you need to save the financial, medical or other information of your clients? I am trying to find the safest and cheapest solution; it is all about this, not sending spam.

    Finally, I found out that there's no way to do this unless you trust someone: datacenter, admin or something else, no matter how safe your system is, or how many thousands of bits long your encryption keys are.

  • @lesti said:
    I am worried about having an email server on some OpenVZ VPS. It is too easy to get your files checked and read by the server admin.

    My VPS uses exim4 as MTA, and it also uses TLS/SSL to protect against MITM attacks; however, this is all futile when your service provider can access your private key files, which are stored in the VPS.

    Also, encrypting a disk partition with LUKS won't help, because the server admin could always search or dump through the RAM of the server looking for the point where the information is about to get encrypted, and catch it before that happens.

    So, in a general approach, how could you protect your information on a virtualized platform?

    P.S.: please avoid comments like "do you have something to hide?", "why do you want to do this?", "is your information so important?", etc.

    Just get a vps from a mature and trustworthy host. When you lease servers from people, you agree to their terms, and I would assume they have the right to check the server you rent from them for any violations. Most hosts normally write in their tos "we don't police our servers unless we suspect illegal activity".

    Trying to prevent a host from checking your server for tos violations may be considered a violation of their tos, which could lead to termination.

    Alternatively, you could get a budget PC from eBay for like $50 to host your own vps off your home internet connection. Just check with your ISP, since providers like charter/comcast forbid hosting servers from a residential account.

  • @lesti said:
    I am worried about having an email server on some OpenVZ VPS. It is too easy to get your files checked and read by the server admin.

    My VPS uses exim4 as MTA, and it also uses TLS/SSL to protect against MITM attacks; however, this is all futile when your service provider can access your private key files, which are stored in the VPS.

    Also, encrypting a disk partition with LUKS won't help, because the server admin could always search or dump through the RAM of the server looking for the point where the information is about to get encrypted, and catch it before that happens.

    So, in a general approach, how could you protect your information on a virtualized platform?

    P.S.: please avoid comments like "do you have something to hide?", "why do you want to do this?", "is your information so important?", etc.

    Oh, thought of one more. It's kind of shady and would be very inconvenient to use, but if you are paranoid about privacy then go with Cyber Bunker.

    To quote their website....

    "Mind Your Own Business: CyberBunker does not poke around on your servers. Customers are allowed to host any content they like, except child porn and anything related to terrorism. Everything else is fine. CyberBunker has adopted a policy not to mind our clients business. Our famous "Mind Your Own Business" policy."

  • jar Patron Provider, Top Host, Veteran
    edited August 2013

    Home server, protect with shotgun. Your only points of failure become:

    1. Upstream.

    2. The receiver.

    3. Bullet supply.

  • I am sorry, but the people here are not catching the concept: I don't want to rely on trustworthiness or maturity; I do not want to have a security design based on that.

    What if someone puts a gun to the head of the VPS admin? Will he be mature and trustworthy enough to die for your 15$/year VPS (or even for your 3000 $/month server)?

  • spekk Member
    edited August 2013

    now that was funny, I think you are looking in the wrong place for admins dying while protecting a VPS, it's the low end market here.

    if you want security there is a guy in the Netherlands, hosting in an ex-military bunker:

    http://cyberbunker.com/

    about hosting the server, it does not matter if you host it at home, because when Delta Force will break in, they will capture the server before you have a chance to get out of bed, so it is best to host it in a vault or something at home I mean, with an exploding mechanism, or well build your own bunker, I know some guys had a device with sulphuric acid put in above the HDD, and a panic button.

    about the disk, luks is best I think, but it has its flaws, the datacenter can image the disk but if it's encrypted well that leaves only the RAM, but anyway, they can install a special device on the motherboard to grab all the I/O etc

    what you can actually do is take a lot of prevention measures, but 100% safe does not exist, because of the way it all works.

    @lesti said:
    I am sorry, but the people here are not catching the concept: I don't want to rely on trustworthiness or maturity; I do not want to have a security design based on that.

    What if someone puts a gun to the head of the VPS admin? Will he be mature and trustworthy enough to die for your 15$/year VPS (or even for your 3000 $/month server)?

  • MrX Member

    Sounds like you need to build yourself your very own datacenter.

  • BrianHarrison Member, Patron Provider

    @Jack said:

    Exactly. There are ways for the box owner to inspect the VM of any box under any virtualization technology. It is certainly very easy to do so with OpenVZ, but the only way you'll have a reasonable assurance of privacy/security is with a dedicated server.

  • VPSSimon Member
    edited August 2013

    @lesti said:
    Finally, I found out that there's no way to do this unless you trust someone: datacenter, admin or something else, no matter how safe your system is, or how many thousands of bits long your encryption keys are.

    Personally, if it's such important data, you ain't low end boxing it. Simple as. Incoming or outgoing mail is still going to be plain text unless it's sent to you in encrypted form which only your mail server can decipher.

    This is why datacenters are bulletproofed and bomb proofed a lot of the time, as data security is up there. So owning a dedi in a locked rack you rent would be the safest option. However, you seem to want NSA style security for nothing you can explain that would warrant such a thing. You just sound uber paranoid and you want to send email spam without being found out, which is impossible.

    And if you wanted to send clean emails with uber security, the client would be receiving email on your own server, the same one you would be sending it to. Otherwise, when it hops providers it's being snooped on, rather than going locally.

    And if you're deving something that's worth billions, do what the rest do, the logical thing: dev it offline and keep offline copies. If it's patented, it doesn't matter if it's leaked at all, as it's under patent. Err, common sense.

    You're providing hypotheticals that do not apply to you at all, rather than just saying straight reasons.

    And sending email to clients, ok: make sure you're all on the same box and you control security. Otherwise the mail server you send to or receive from has to be uber secure.

    Take your tinfoil hat off and get back on the medication. Cos if you have anything worth millions, WHY the fuck would you put it on a VPS in the first place, and not self host it on a dedi?

  • Radi Host Rep, Veteran
    edited August 2013

    To the OP:
    Do you think your provider will just stay read your VPS?

    I mean, that providers don't have time finding people's secrets. Just provision you the order, the rest is up to you. If you abuse, then provider may be required to take a look, but else no.

  • asterisk14 Member
    edited August 2013

    Once you communicate through a third party, then you have no real security. For example when you phone someone on your mobile or landline, the NSA or GCHQ will be able to pick it out of the air. In the old days, they used to tap the wires, now they can just listen to it and you will never know.

    If you are this concerned, then use low tech, postal mail, not easily intercepted e-mail.

  • aglodek Member
    edited August 2013

    @lesti said:
    I am looking for solutions to encrypt my INCOMING email mainly. I am thinking of a solution as cheap as possible (that's why I'm using VPSes) to provide privacy, nothing else.

    What if you are developing a pharmaceutical patent worth millions and need to email your workmates about it? What if you are implementing a payment system that needs reliable bitcoin wallets worth thousands of dollars? What if you need to save the financial, medical or other information of your clients? I am trying to find the safest and cheapest solution; it is all about this, not sending spam.

    My 3 cents' worth:

    (1) Best way to uber-secure your communications is to do away with email entirely and use a web based messaging system accessed over SSL, using public CA keys, not a self signed cert.

    (2) Second layer of security - the one protecting you from your provider(s) snooping - would be to introduce client side encryption of content generating a one-time key/token then sent by the sender only to the intended recipient(s) (i.e. reader(s) of the given message), using a different telecommunications medium like SMS.

  • @lesti said:
    I am sorry, but the people here are not catching the concept: I don't want to rely on trustworthiness or maturity; I do not want to have a security design based on that.

    What if someone puts a gun to the head of the VPS admin? Will he be mature and trustworthy enough to die for your 15$/year VPS (or even for your 3000 $/month server)?

    Definitely not. However, if my VPS is ever passed to Optimists In Black this way, they will be severely disappointed to see all the data of any value encrypted beyond recognition.

  • sman Member
    edited August 2013

    @FtpIt_Radi said:
    To the OP:
    Do you think your provider will just stay read your VPS?

    I mean, that providers don't have time finding people's secrets. Just provision you the order, the rest is up to you. If you abuse, then provider may be required to take a look, but else no.

    Glad someone said it. As if the only reason we do this is to watch what people are doing on hundreds or thousands of virtual servers. 99.99999999% of the time the last thing on the provider's mind is wondering wtf you are doing. We have much better things to do and frankly don't want to have to look at what you are doing. Even when you ask us to.

    The ONLY and I really do mean THE ONLY TIME I want to look at someone's virtual server without being asked is when they are interfering with other servers. Causing excessive load. Things like that. And when I do I generally don't look at what you are doing...just what is causing the problem. Most of the time it's a stuck process pinning the CPU at 100% which I don't even have to go into the server to see on OpenVZ. In that case I'll just reboot the virtual server and see if that takes care of it.

    If not so obvious I will go straight to the message log which generally isn't going to tell me what you are doing but might give a clue what is causing the load problem. Even if I wanted to I don't have time to snoop around and see what you are doing.

  • dnwk Member

    How about renting a secure cage in a DC? Can you lock the cage without giving DC staff your key?

  • dnwk Member

    Another way of securing your email: PGP every email

  • @dnwk said:
    Another way of securing your email: PGP every email

    Yeah, but good luck explaining and setting that up at all your email correspondents' end, too.

  • @sman said:
    The ONLY and I really do mean THE ONLY TIME I want to look at someone's virtual server without being asked is when they are interfering with other servers. Causing excessive load. Things like that.......

    Like most of the respondents here, you are missing @lesti's point. The way I read this, he is not worried about you (the provider) snooping on your own initiative. His perfectly valid concern is a third party targeting him and persuading the provider, one way or another, to snoop.

    @lesti: assuming they are determined to get you, or your data, rather, THERE IS NO WAY to secure your data in a virtualized environment. Period! No matter whether it is OpenVZ, KVM, Xen or what have you. Colocation (own locked rack or cage) makes things a little more secure, but for a really determined party, unauthorized access to your server is still very much possible. Running your own mini-datacenter in a secured location is your best bet. Outside LEB pricing to be sure, but not all that expensive. Following your overall theme here, however, this last is an invitation to said third party, which you seem to be concerned about, to visit YOU and persuade YOU to snoop, well... yourself. Sooooo, depending on whom you are afraid of here, suggest you give your own physical security some thought first. Once you have that well in hand, just place the server in close proximity and you are all set :)

  • asterisk14 Member
    edited August 2013

    @dnwk said:
    Another way of securing your email: PGP every email

    Didn't the NSA get the PGP guy to turn over everything to them or go to jail, like the Lavabit story? Heard that the PGP has a NSA backdoor.

  • dnwk Member

    @asterisk14 said:
    Didn't the NSA get the PGP guy to turn over everything to them or go to jail, like the Lavabit story? Heard that the PGP has a NSA backdoor.

    PGP is just an algorithm. Get your own private key and public key to encrypt things. It does not need a third party service. So there is nothing to turn over, unless they force you to give them your private key.

  • @dnwk said:
    PGP is just an algorithm. Get your own private key and public key to encrypt things. It does not need a third party service. So there is nothing to turn over, unless they force you to give them your private key.

    PGP is not an algorithm; it is a program that uses different algorithms.

    If you are worried about PGP, just use GPG; then you can check if there's any backdoor, since it's open source.

    Back on topic, I just found out that "security-by-trust" or "security-by-vps's-admin-got-no-time-to-check" is not a valid scheme, so I'll try to find a client side solution, like AES encrypted private keys that get decrypted by some javascript function in the browser.

  • anyNode Member, Host Rep

    Providers will never just look into a VPS unless there is abuse going on; if you're that worried, maybe you shouldn't go with a VPS provider at all.

  • dnwk Member

    @lesti said:
    Back on topic, I just found out that "security-by-trust" or "security-by-vps's-admin-got-no-time-to-check" is not a valid scheme, so I'll try to find a client side solution, like AES encrypted private keys that get decrypted by some javascript function in the browser.

    I think PGP is open source. Check its wikipedia item

  • emg Veteran
    edited August 2013

    @asterisk14 said:
    Didn't the NSA get the PGP guy to turn over everything to them or go to jail, like the Lavabit story? Heard that the PGP has a NSA backdoor.

    There are persistent rumors that PGP has been secretly broken by the government. They surface like Elvis sightings. None of the above is true. I would not say the same about other products that are reputedly secure, but PGP is not one of them.

    However, the user must understand what PGP is and what it does. For example, if PGP is used for email, then the message body is encrypted, but the source, destination, and subject lines are not.

    To: [email protected]

    From: [email protected]

    Subject: Are you ready for the Bank holdup tomorrow on Main St. at 10:30?

    -----BEGIN PGP MESSAGE-----
    Version: 10.3.0.9060

    qANQR1DBwUwD95/Asc+VkTABEACWnjoQAcQugQla0YwxakJH3pn6fCILcbRN1hwJ
    60zD7MwN1YopbZFLQu+RJ7gtvJxlMPWslbUAxVUMSzWpaIbTAZ0NsgCQTDrC2xof
    b8UVOdJXAdiITJNrj1spyBfizeV5lihZztkNTGsI0DvrbfzXX5GLpmnVKxBSEDWs
    uKWbo/hYm806ivojuZkI8y7hzXAYMTdShc76pELSBqnHcBgCToZE0h013Ceu
    =kWj5

    -----END PGP MESSAGE-----

    In another famous example, Nicodemo S. Scarfo (an organized crime figure), used PGP to encrypt his communications. The FBI could not read them, so they got a warrant to install a hidden keyboard sniffer on his computer. Once the FBI had his private key and the passphrase to unlock it, they could read his hidden communications. The FBI never broke PGP, they broke Scarfo's operational security.
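
What a mail host, or anyone with access to the spool on the VPS, can still read from a PGP-encrypted message of the kind described in the post above. This is an added example, not part of the thread; it goes one step further than the post by also reading the recipient key ID that a standard OpenPGP message carries outside the encryption. The addresses, subject, key ID and ciphertext bytes are constructed, and only new-format OpenPGP packet headers are handled.

```python
import base64
import email

ARMOR_BEGIN = "-----BEGIN PGP MESSAGE-----"
ARMOR_END = "-----END PGP MESSAGE-----"

def build_sample() -> str:
    """Constructed message: addresses, subject, key ID and ciphertext are made up."""
    # Tag 1 packet: version 3, 8-byte recipient key ID, algorithm 1 (RSA), filler.
    pkesk = bytes([3]) + bytes.fromhex("0123456789abcdef") + bytes([1]) + b"\x00" * 20
    sealed = b"\x01" + b"\xaa" * 40            # filler standing in for ciphertext
    blob = bytes([0xC1, len(pkesk)]) + pkesk + bytes([0xD2, len(sealed)]) + sealed
    armor = base64.encodebytes(blob).decode()
    return ("To: alice@example.org\nFrom: bob@example.org\n"
            "Subject: Q3 patent filing draft\n\n"
            f"{ARMOR_BEGIN}\n\n{armor}{ARMOR_END}\n")

def dearmor(body: str) -> bytes:
    lines = body.splitlines()
    block = lines[lines.index(ARMOR_BEGIN) + 1:lines.index(ARMOR_END)]
    data = block[block.index("") + 1:]         # armor headers end at first blank line
    # A line starting with "=" is the CRC-24 checksum, not message data.
    return base64.b64decode("".join(l for l in data if l and not l.startswith("=")))

def packets(blob: bytes):
    """Yield (tag, body) for new-format OpenPGP packets (RFC 4880, section 4.2.2)."""
    i = 0
    while i < len(blob):
        if blob[i] & 0xC0 != 0xC0:
            raise ValueError("old-format packet headers are not supported")
        tag, first = blob[i] & 0x3F, blob[i + 1]
        if first < 192:                        # one-octet length
            length, i = first, i + 2
        elif first < 224:                      # two-octet length
            length, i = ((first - 192) << 8) + blob[i + 2] + 192, i + 3
        else:
            raise ValueError("partial and five-octet lengths are not supported")
        yield tag, blob[i:i + length]
        i += length

def host_view(raw: str) -> dict:
    """Everything readable without any private key."""
    msg = email.message_from_string(raw)
    key_ids, sealed = [], 0
    for tag, body in packets(dearmor(msg.get_payload())):
        if tag == 1 and body[0] == 3:          # public-key encrypted session key
            key_ids.append(body[1:9].hex())    # recipient key ID, in the clear
        elif tag in (9, 18):                   # symmetrically encrypted data
            sealed += len(body)                # only the size is visible
    return {"cleartext_headers": dict(msg.items()),
            "recipient_key_ids": key_ids,
            "encrypted_bytes": sealed}

if __name__ == "__main__":
    for field, value in host_view(build_sample()).items():
        print(f"{field}: {value}")
```

GnuPG's `--throw-keyids` option replaces the key ID with zeros, which hides the recipient key from the host but does nothing for the To, From and Subject headers.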
