[tor-talk] PrivateCore Demonstrates Industry’s First PRISM-Proof Tor Server in Public Cloud

Pokokohua pokokohua at gmail.com
Sun Oct 27 22:09:46 UTC 2013

Saw this ad/news item on another list

PrivateCore Demonstrates Industry’s First PRISM-Proof Tor Server in Public Cloud

PrivateCore, the private computing company, today demonstrated the
first cloud Tor server protected from NSA PRISM-like programs by fully
encrypted memory. The company deployed a Tor server protected by
PrivateCore vCage software to a dedicated server hosted by
infrastructure-as-a-service provider SoftLayer. Tor directs Internet
traffic through a free, worldwide volunteer network consisting of more
than three thousand relays to maintain the anonymity of a user’s
location or usage.

This PrivateCore Tor deployment provides undeniable evidence that
organizations can achieve private computation in the public cloud.
Without vCage full memory encryption, Tor servers operating in hosted
provider environments expose secret key material in memory, where it
can be accessed through NSA PRISM-type programs. Using PrivateCore
vCage, no trace of Tor server code or data is maintained in memory or
on disk, eliminating the possible exposure of secret key material
through memory forensics.

As demonstrated by the NSA PRISM program, information owned by an
organization can be handed to authorities without their knowledge by
cloud service providers who control the cloud servers. While
organizations need to respond to lawful requests for information such
as the NSA PRISM program, PrivateCore vCage enables them to remain in
control of servers in the cloud and prevent access without their prior

“PrivateCore vCage is a very important step forward for cloud security
that uses a brilliant design created by experts who really know what
they are doing,” said Felix “FX” Lindner, Head of Recurity Labs, a
leading security consultancy based in Germany.

Service providers and enterprises face growing risks of physical
access to sensitive data through the proliferation of outsourced IT
infrastructures in untrusted environments including the cloud,
co-location facilities and remote sites. Sensitive data-in-use is
subject to compromise due to lawful requests, such as the recently
disclosed NSA PRISM program, as well as illegal compromise. For
example, state actors can target server memory which typically
contains sensitive information such as digital certificates,
encryption keys, intellectual property and personally identifiable
information. While sensitive data may be protected by encryption while
at rest or in transit, it is unprotected and “in the clear” while in
use. PrivateCore’s unique vCage software encrypts data-in-use without
requiring application or hardware modifications.

“The NSA PRISM program has raised concerns around the world among
organizations considering deploying sensitive data in the public
cloud. This proof of concept shows that data in the public cloud can
remain under the control of the owner under any circumstance,” said
Oded Horovitz, CEO of PrivateCore. “Protecting data-in-use has been a
challenge in security-sensitive industries for years, but hardware
advances such as larger processor caches have enabled PrivateCore to
develop an innovative platform that shrinks the hypervisor into the
CPU to secure data even in memory.”
