Re: [tor-talk] Help with getting a good automated sign up script for an email service on TOR


I'll gladly disclose the systems - I want to be as transparent as
possible, as I feel that one of the major faults of tormail was
the lack of transparency which led to its downfall, as we saw when we
realized that it was brought down as it was all completely hosted on
one sole source, Freedom Hosting.

That will be the fail safe - this project isn't solely hosted.  The
plan is once the proof of concept, by that once I make sure that my
code works and the team works and users are pleased with the
service and people are happy with the transparency, and we're
providing a valuable service to ensure the ability for others to have
freedom of expression, freely, especially from areas where it's
restricted, without fear of reprisal or fear of someone providing
their information to a governmental source, which hopefully there will
be enough volunteers to ensure that these services are adequately

At this point though the backup location isn't ready for complete
configuration - I only have the certificates for the VPN between the
two sites configured and I'm still working on the failsafe code
basically, honestly, it's not security through obscurity, it's just
the need to complete the actual code to ensure that physical site A is
taken offline, then physical site B will come online with the same
hash hostname.

So basically, the final design will be as follows, MTAs will
be configured to deliver to all of the data servers (we will
start off with at least two sites), but only one data server will be
the primary data server at a time.  That primary data server will
mount the other ones remotely via a VPN connection and have the db
constantly written to the secondaries.  If the primary goes down,
one of the secondaries will take over.  If for some reason, the
hostname is considered "compromised" (such as a primary server being
seized by a governmental organization and replaced), the hostname of
the next secondary will start being used.  Such a change will be
propagated via Social Media and other means.  But any way, the nice
ascii graph.

Internet---------MTAs---------Primary Data Server---------tor users
                  |                  |
                  |                  |
                  |                  |
                  |                  |
                  |                  |
                tor users

There's some already coded solutions that I'm looking into that I just
want to make sure work with tor hidden services.  There's also some
solutions that people smarter than me on this list probably know about
that they hopefully may share with me.

The way the service is set up will be documented.  The other team
member and I will be actively documenting everything and ensuring that
we have everything documented and again, as transparent as possible.
For this little project I hope plenty of people volunteer, plenty of
people participate in a open provide feedback and ideas because you
know what, I might have ideas, I might have solutions, but I'm sure
someone might have something better.

Thanks for your feedback!

--Rock

On 9/19/2013 9:41 AM, Nils Kunze wrote:
> Please correct me if I'm wrong, but you not wanting to disclose
> details about those "other fail safe systems" publicly sounds a lot
> like security through obscurity which certainly is not a good
> idea.
> Nils
> 2013/9/18 Rock <conrad@xxxxxxxxxxxxxx>
> Mick,
> I have researched the ownership and governmental cooperation of
> each company I have chosen and there's also a specific reason why
> I've chosen some companies.  The MTAs are not as worrisome as the
> data servers are, but the data servers will have drive level
> encryption, partition level encryption, and file level encryption -
> so yes, the NSA can beat three levels of encryption, but they can't
> beat an emergency track low level format (if we have that much
> warning.)
> There's other fail safe systems that I would rather not disclose 
> publicly that protect the data from the prying eyes of government, 
> that I personally know will be effective in preventing any 
> Intelligence Community organization from obtaining anything from
> the data servers.  If you want to discuss certain aspects of this
> please email me off the list.
> --Rock
> On 9/18/2013 8:19 AM, mick wrote:
>>>> On Tue, 17 Sep 2013 20:34:36 -0400 Conrad Rockenhaus 
>>>> <conrad@xxxxxxxxxxxxxx> allegedly wrote:
>>>>> The development servers are in separate jurisdictions
>>>>> throughout the world. For the initial proof of concept, I
>>>>> have two MTAs and two Data Servers, with one spare server.
>>>>> Each one is in a separate jurisdiction to make it more
>>>>> difficult to tap.
>>>> Forgive me if I am teaching grandmother, and I am sure that
>>>> you have this covered, but the location of the servers is not
>>>> the only, or necessarily most important, point to consider.
>>>> The crucial point is the legal jurisdiction within which the
>>>> server/DC/network owners reside.
>>>> For example I could pick servers in the Netherlands, Germany
>>>> and HongKong and find that all were provided by a US
>>>> company.
>>>> Mick
>>>> ---------------------------------------------------------------------
>>>> Mick Morgan gpg fingerprint: FC23 3338 F664 5E66 876B  72C0 0A1F
>>>> E60B 5BAD D312 http://baldric.net
>>>> ---------------------------------------------------------------------
- --
>> tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx To
>> unsusbscribe or change other settings go to 
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk