Re: [tor-talk] Help with getting a good automated sign up script for an email service on TOR


I meant to include this with the really long email I sent you and the
list - I would like to register the domain name today so I can bring
it live - but I can't for the life of me think of a domain name that
fits.  Do you or anyone on this list have any ideas that may fit:

- An email service that connects MTAs from the Internet to an email
anonymizing email service on tor.
- An email service that supports the freedom of expression.
- An email service that will not turn over any data to any governmental
body for any reason whatsoever.


--Rock

On 9/19/2013 12:08 PM, Rock wrote:
> Nils,
> I'll gladly disclose the systems - I want to be as transparent 
> as possible, as I feel that was one of the major faults of tormail 
> was the lack of transparency which led to its downfall, as we saw 
> when we realized that it was brought down as it was all completely 
> hosted on one sole source, Freedom Hosting.
> That will be the fail safe - this project isn't solely hosted. The
> plan is once the proof of concept, by that once I make sure that my
> code works and the team works and users are pleased with the
> service and people are happy with the transparency, and we're
> providing a valuable service to ensure the ability for others to
> have freedom of expression, freely, especially from areas where 
> it's restricted, without fear of reprisal or fear of someone 
> providing their information to a governmental source, which 
> hopefully there will be enough volunteers to ensure that these 
> services are adequately provided.
> At this point though the backup location isn't ready for 
> complete configuration - I only have the certificates for the VPN 
> between the two sites configured and I'm still working on the 
> failsafe code basically, honestly, it's not security through 
> obscurity, it's just the need to complete the actual code to
> ensure that physical site A is taken offline, then physical site B
> will come online with the same hash hostname.
> So basically, the final design will be as follows, MTAs will 
> be configured to deliver to all of the data servers 
> (we will start off with at least two sites), but only one data 
> server will be the primary data server at a time.  That primary 
> data server will mount the other ones remotely via a vpn
> connection and have the db constantly written to the secondaries.
> If the primary goes down, one of the secondaries will take
> over.  If for some reason, the hostname is considered "compromised"
> (such as a primary server being seized by a governmental
> organization and replaced), the hostname of the next secondary will
> start being used.  Such a change will be propagated via Social
> Media and other means.  But anyway, the nice ascii graph.
> Internet---------MTAs---------Primary Data Server---------tor users
> |                  | |                  | | | |                  |
> |                  | Secondaries--(OpenVPN) | | | | tor users
> There's some already coded solutions that I'm looking into that I 
> just want to make sure work with tor hidden services.  There's
> also some solutions that people smarter than me on this list
> probably know about that hopefully may share with me.
> The way the service is set up will be documented.  The other team 
> member and I will be actively documenting everything and ensuring 
> that we have everything documented and again, as transparent as 
> possible. For this little project I hope plenty of people 
> volunteer, plenty of people participate in a open provide feedback 
> and ideas because you know what, I might have ideas, I might have 
> solutions, but I'm sure someone might have something better.
> Thanks for your feedback!
> --Rock
> On 9/19/2013 9:41 AM, Nils Kunze wrote:
>> Please correct me if I'm wrong, but you not wanting to disclose 
>> details about those "other fail safe systems" publicly sounds a 
>> lot like security through obscurity which certainly is not a good
>> idea.
>> Nils
>> 2013/9/18 Rock <conrad@xxxxxxxxxxxxxx>
>> Mick,
>> I have researched the ownership and governmental cooperation of 
>> each company I have chosen and there's also a specific reason why
>> I've chosen some companies.  The MTAs are not as worrisome as the
>> data servers are, but the data servers will have drive level 
>> encryption, partition level encryption, and file level
>> encryption - so yes, the NSA can beat three levels of encryption,
>> but they can't beat an emergency track low level format (if we
>> have that much warning.)
>> There's other fail safe systems that I would rather not disclose 
>> publicly that protect the data from the prying eyes of 
>> government, that I personally know will be effective in 
>> preventing any Intelligence Community organization from
>> obtaining anything from the data servers.  If you want to discuss
>> certain aspects of this please email me off the list.
>> --Rock
>> On 9/18/2013 8:19 AM, mick wrote:
>>>>> On Tue, 17 Sep 2013 20:34:36 -0400 Conrad Rockenhaus 
>>>>> <conrad@xxxxxxxxxxxxxx> allegedly wrote:
>>>>>> The development servers are in separate jurisdictions 
>>>>>> throughout the world. For the initial proof of concept, I
>>>>>> have two MTAs and two Data Servers, with one spare 
>>>>>> server. Each one is in a separate jurisdiction to make
>>>>>> it more difficult to tap.
>>>>> Forgive me if I am teaching grandmother, and I am sure that
>>>>> you have this covered, but the location of the servers is
>>>>> not the only, or necessarily most important, point to 
>>>>> consider. The crucial point is the legal jurisdiction 
>>>>> within which the server/DC/network owners reside.
>>>>> For example I could pick servers in the Netherlands, 
>>>>> Germany and Hong Kong and find that all were provided by a 
>>>>> US company.
>>>>> Mick
>>>>> ---------------------------------------------------------------------
>>>>> Mick Morgan gpg fingerprint: FC23 3338 F664 5E66 876B  72C0 0A1F E60B 5BAD D312
>>>>> http://baldric.net
>>>>> ---------------------------------------------------------------------