[tor-talk] WSJ- Google- Sonic Mr. Applebaum
Jeroen Massar
jeroen at unfix.org
Mon Oct 10 21:20:05 UTC 2011
On 2011-10-10 22:27 , Eugen Leitl wrote:
> On Mon, Oct 10, 2011 at 07:07:35PM +0200, Jeroen Massar wrote:
>> On 2011-10-10 18:42 , Andre Risling wrote:
>>> Here's how Google is a compliant slave.
>>>
>>> You still use Gmail?!
>>
>> Does not matter what service you use, they all fail under the pressure
>
> Use your own servers at the co-lo. Use TPM and tamper-proof systems.
Does not matter, given enough power/money/force your adversary can walk
into that colo and use vampire taps to replug (both power and network)
your box without you noticing anything and monitor the rest from there on.
As for TPM, who build that piece of hardware and are you sure that a
copy of your keys are not kept elsewhere?
> I used to store crypto secrets on USB smartcards, and have
> streaming video in the rack, all on UPS. Nowadays, it's even easier.
>
> No point to make it too easy. Mallory should earn his keep.
At one point or another they just apply rubberhose crypto thus don't
make it too difficult.
Greets,
Jeroen
More information about the tor-talk
mailing list