Nils,
I'll gladly disclose the systems - I want to be as transparent as possible, as I feel that one of the major faults of tormail was the lack of transparency which led to its downfall, as we saw when we realized that it was brought down as it was all completely hosted on one sole source, Freedom Hosting. That will be the fail safe - this project isn't solely hosted. The plan is once the proof of concept, by that once I make sure that my code works and the team works and users are pleased with the service and people are happy with the transparency, and we're providing a valuable service to ensure the ability for others to have freedom of expression, freely, especially from areas where it's restricted, without fear of reprisal or fear of someone providing their information to a governmental source, which hopefully there will be enough volunteers to ensure that these services are adequately provided.

At this point though the backup location isn't ready for complete configuration - I only have the certificates for the VPN between the two sites configured and I'm still working on the failsafe code. Basically, honestly, it's not security through obscurity, it's just the need to complete the actual code to ensure that if physical site A is taken offline, then physical site B will come online with the same hash hostname.

So basically, the final design will be as follows: MTAs will be configured to deliver to all of the data servers (we will start off with at least two sites), but only one data server will be the primary data server at a time. That primary data server will mount the other ones remotely via a vpn connection and have the db constantly written to the secondaries. If the primary goes down, one of the secondaries will take over. If for some reason, the hostname is considered "compromised" (such as a primary server being seized by a governmental organization and replaced), the hostname of the next secondary will start being used.
Such a change will be propagated via Social Media and other means.

But anyway, the nice ascii graph.

Internet---------MTAs---------Primary Data Server---------tor users
                  |               |
                  |               |
                  |               |
                  |               |
                  |               |
                 Secondaries--(OpenVPN)
                      |
                      |
                      |
                      |
                  tor users

There's some already coded solutions that I'm looking into that I just want to make sure work with tor hidden services. There's also some solutions that people smarter than me on this list probably know about that hopefully may share with me.

The way the service is set up will be documented. The other team member and I will be actively documenting everything and ensuring that we have everything documented and again, as transparent as possible. For this little project I hope plenty of people volunteer, plenty of people participate in a open provide feedback and ideas because you know what, I might have ideas, I might have solutions, but I'm sure someone might have something better.

Thanks for your feedback!

--Rock

On 9/19/2013 9:41 AM, Nils Kunze wrote:
> Please correct me if I'm wrong, but you not wanting to disclose
> details about those "other fail safe systems" publicly sounds a lot
> like security through obscurity which certainly is not a good
> idea.
>
> Nils
>
>
> 2013/9/18 Rock <con...@rockenhaus.com>
>
> Mick,
>
> I have researched the ownership and governmental cooperation of
> each company I have chosen and there's also a specific reason why
> I've chosen some companies. The MTAs are not as worrisome as the
> data servers are, but the data servers will have drive level
> encryption, partition level encryption, and file level encryption -
> so yes, the NSA can beat three levels of encryption, but they can't
> beat an emergency track low level format (if we have that much
> warning.)
>
> There's other fail safe systems that I would rather not disclose
> publicly that protect the data from the prying eyes of government,
> that I personally know will be effective in preventing any
> Intelligence Community organization from obtaining anything from
> the data servers. If you want to discuss certain aspects of this
> please email me off the list.
>
> --Rock
>
> On 9/18/2013 8:19 AM, mick wrote:
>>>> On Tue, 17 Sep 2013 20:34:36 -0400 Conrad Rockenhaus
>>>> <con...@rockenhaus.com> allegedly wrote:
>>>>
>>>>>
>>>>> The development servers are in separate jurisdictions
>>>>> throughout the world. For the initial proof of concept, I
>>>>> have two MTAs and two Data Servers, with one spare server.
>>>>> Each one is in a separate jurisdiction to make it more
>>>>> difficult to tap.
>>>>
>>>> Forgive me if I am teaching grandmother, and I am sure that
>>>> you have this covered, but the location of the servers is not
>>>> the only, or necessarily most important, point to consider.
>>>> The crucial point is the legal jurisdiction within which the
>>>> server/DC/network owners reside.
>>>>
>>>> For example I could pick servers in the Netherlands, Germany
>>>> and HongKong and find that all were provided by a US
>>>> company.
>>>>
>>>> Mick
>>>>
>>>> ---------------------------------------------------------------------
>>>>
>>>>
>>>> Mick Morgan gpg fingerprint: FC23 3338 F664 5E66 876B 72C0 0A1F
>>>> E60B 5BAD D312 http://baldric.net
>>>>
>>>> ---------------------------------------------------------------------
>>>>
>>
>>>> --
>> tor-talk mailing list - tor-talk@lists.torproject.org To
>> unsubscribe or change other settings go to
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>>