[tor-talk] Private mail server (Was: i saw your response on the Tor TTFtalk list)

Andrea Shepard andrea at torproject.org
Mon Nov 19 00:50:27 UTC 2012 

On Sun, Nov 18, 2012 at 04:40:11PM -0800, SiNA Rabbani wrote:
> The law enforcement needs a warrant to enter your home. So yep, at least
> you'll know about it.
> 
> I wonder if getting a warrant to pull a server from co-lo takes the same
> amount of effort and paperwork as getting a warrant to enter someone's home?

Well, there is an advantage to co-lo in that if they raid your home they'll
probably seize anything more technologically sophisticated than an abacus,
whereas with the co-lo you'll just lose that server, at least in that raid.
On the other hand, yeah, I don't know if there's a difference in terms of
the amount of effort for them to get at it.  You could also make it more
of a hassle for them to follow up by putting it in a colo in a different
country than your residence.  What one *really* wants is a way to get colo
anonymously and then harden the server against snooping in case they do seize
it, but that seems fairly tricky to arrange since there's both the payment and
the need to physically deliver the server as potential identity leaks.

I think with colo it would be reasonably possible to be assured of knowing
about it if it's tampered with, though.  You could design something with a
tamper-evident case so you'd know if it were opened or removed from the rack,
you could ssh into it from your home machine and have a high-resolution
probe of whether it's running or not, and so on.  If you're particularly
paranoid and up for a little hardware design, put an audio recorder
or other suitable monitoring device on a PCIe card with a battery or supercap
to charge up from the bus and then keep it running while the machine is shut
down.

-- 
Andrea Shepard
<andrea at torproject.org>
PGP fingerprint: 3611 95A4 0740 ED1B 7EA5  DF7E 4191 13D9 D0CF BDA5
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20121118/ad171a14/attachment-0001.pgp>

More information about the tor-talk mailing list