[tor-talk] VPS provider

Webmaster webmaster at felononline.info
Tue Sep 25 22:10:12 UTC 2012 

This was something that has bothered me.   I use VmBox for linux   When 
Im running a machine there is a windows that shows me a "preview" of the 
current screen.   Do admins have access to this "preview"     or 
something similar?

I intend to run a linux server console only. (no gui)   so most of my 
work will be done using SSH.  The only viewable page would be under the 
.onion site.       Hopefully as long as the admins dont know the 
.onion.   they cant see whats hosted.     Non-illegal, but may be 
offensive in some countries.


On 09/25/2012 04:00 PM, irregulator at riseup.net wrote:
> On 09/25/2012 10:18 PM, Matthew Finkel wrote:
>> On 09/25/2012 01:42 PM, Flo wrote:
>>> +1
>>> This.
>>>
>>> The problem is especially on container-virtualizations like OpenVZ is
>>> that the admins of the hostnodes must just type something like 'vzctl
>>> enter 123' and they have a shell in your VPS...
>>>
>>> So you should have at least Xen/KVM where you can use encryption
>> Yes! Sadly there aren't too many KVM hosts, but providers are slowly
>> offering more options. Xen has been stable for a longer amount of time,
>> so there are more options available for that, Linode, et al.
>>
>> I personally have KVM boxes from http://buyvm.net/ and
>> http://arpnetworks.com/, at times they leave something to be desired
>> with regard to performance, but overall I have no complaints related to
>> service or uptime. I don't currently use them for Tor related purposes,
>> but if they're not going to serve as exit nodes, anything else shouldn't
>> cause a  problem (except bandwidth, as was noted). I'm planning to
>> contact them in the future to determine their stance on Tor and see if I
>> can move forward with some ideas I have, but that remains to be seen.
>>
> Hey people
>
> I was under the impression that everyone having physical access to a
> running machine can get access to the operating system as well.
> Encryption makes no difference for a running computer, since cold boot
> attack may be used to dump the keys from memory. What's more, in a
> virtualization environment i guess that would be easier.
>
> If the above statements are generally correct, then you should trust a
> VPS provider, as long as you trust the administrator of the host machine
> *and* everyone else having physical access to it (for example the
> datacenter).
>
> _______________________________________________
> tor-talk mailing list
> tor-talk at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
>

More information about the tor-talk mailing list