On 09/25/2012 10:18 PM, Matthew Finkel wrote:
On 09/25/2012 01:42 PM, Flo wrote:
+1
This.
The problem is especially on container-virtualizations like OpenVZ is
that the admins of the hostnodes must just type something like 'vzctl
enter 123' and they have a shell in your VPS...
So you should have at least Xen/KVM where you can use encryption
Yes! Sadly there aren't too many KVM hosts, but providers are slowly
offering more options. Xen has been stable for a longer amount of time,
so there are more options available for that, Linode, et al.
I personally have KVM boxes from http://buyvm.net/ and
http://arpnetworks.com/, at times they leave something to be desired
with regard to performance, but overall I have no complaints related to
service or uptime. I don't currently use them for Tor related purposes,
but if they're not going to serve as exit nodes, anything else shouldn't
cause a problem (except bandwidth, as was noted). I'm planning to
contact them in the future to determine their stance on Tor and see if I
can move forward with some ideas I have, but that remains to be seen.
Hey people
I was under the impression that everyone having physical access to a
running machine can get access to the operating system as well.
Encryption makes no difference for a running computer, since cold boot
attack may be used to dump the keys from memory. What's more, in a
virtualization environment i guess that would be easier.
If the above statements are generally correct, then you should trust a
VPS provider, as long as you trust the administrator of the host machine
*and* everyone else having physical access to it (for example the
datacenter).
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk