[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Tor hidden service 'in cloud'



thank you for this info.

then it sounds that piratebay are quite foolish to do this!

--
Jerzy Åogiewa -- jerzyma@xxxxxxxxxx

On Oct 17, 2012, at 12:35 PM, Andrea Shepard wrote:

> Seconded; you can't trust VMs on hardware you don't control for anything
> that needs to stay private - at least not until we get Turing-complete
> emulated processors implemented in homomorphic cryptography.  At minimum you
> need a real machine in a colo, which means you need to figure out how to
> pay for it anonymously [1], and if you want a second line of defense you
> want to harden your server against intrusions too; doing your disk crypto
> in tamper-proof hardware would probably be a good idea [2], as would making
> sure you can trust your BIOS [3].
> 
> [1] prq.se claims they work with anonymous clients on their web site,
> but all the methods of payment they mention are identity leak hazards.
> 
> [2] I don't think the kernel supports this, though :/
> 
> [3] I kinda want to find a server motherboard I can use with coreboot
> and add SSL support on the serial console, and then a challenge-response
> authentication to boot...

_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk