Re: [tor-talk] Help with getting a good automated sign up script for an email service on TOR
Nils,
I meant to include this with the really long email I sent you and the
list - I would like to register the domain name today so I can bring
it live - but I can't for the life of me think of a domain name that
fits. Do you or anyone on this list have any ideas that may fit:
- An email service that connects MTAs from the Internet to an email
anonymizing email service on tor.
- An email service that supports the freedom of expression.
- An email service that will not turn over any data to any governmental
body for any reason whatsoever.
Thanks!
--Rock
On 9/19/2013 12:08 PM, Rock wrote:
> Nils,
>
> I'll gladly disclose the systems - I want to be as transparent
> as possible, as I feel that was one of the major faults of tormail
> was the lack of transparency which led to its downfall, as we saw
> when we realized that it was brought down as it was all completely
> hosted on one sole source, Freedom Hosting.
>
> That will be the fail safe - this project isn't solely hosted. The
> plan is once the proof of concept, by that once I make sure that my
> code works and the team works and users are pleased with the
> service and people are happy with the transparency, and we're
> providing a valuable service to ensure the ability for others to
> have freedom of expression, freely, especially from areas where
> it's restricted, without fear of reprisal or fear of someone
> providing their information to a governmental source, which
> hopefully there will be enough volunteers to ensure that these
> services are adequately provided.
>
> At this point though the backup location isn't ready for
> complete configuration - I only have the certificates for the VPN
> between the two sites configured and I'm still working on the
> failsafe code basically, honestly, it's not security through
> obscurity, it's just the need to complete the actual code to
> ensure that physical site A is taken offline, then physical site B
> will come online with the same hash hostname.
>
> So basically, the final design will be as follows, MTAs will
> be configured to deliver to all of the data servers
> (we will start off with at least two sites), but only one data
> server will be the primary data server at a time. That primary
> data server will mount the other ones remotely via a vpn
> connection and have the db constantly written to the secondaries.
> If the primary goes down, one of the secondaries will take
> over. If for some reason, the hostname is considered "compromised"
> (such as a primary server being seized by a governmental
> organization and replaced), the hostname of the next secondary will
> start being used. Such a change will be propagated via Social
> Media and other means. But anyway, the nice ASCII graph.
>
> Internet---------MTAs---------Primary Data Server---------tor users
> | | | | | | | |
> | | Secondaries--(OpenVPN) | | | | tor users
>
> There's some already coded solutions that I'm looking into that I
> just want to make sure work with tor hidden services. There's
> also some solutions that people smarter than me on this list
> probably know about that hopefully may share with me.
>
> The way the service is set up will be documented. The other team
> member and I will be actively documenting everything and ensuring
> that we have everything documented and again, as transparent as
> possible. For this little project I hope plenty of people
> volunteer, plenty of people participate in a open provide feedback
> and ideas because you know what, I might have ideas, I might have
> solutions, but I'm sure someone might have something better.
>
> Thanks for your feedback!
>
> --Rock
>
> On 9/19/2013 9:41 AM, Nils Kunze wrote:
>> Please correct me if I'm wrong, but you not wanting to disclose
>> details about those "other fail safe systems" publicly sounds a
>> lot like security through obscurity which certainly is not a good
>> idea.
>
>> Nils
>
>
>> 2013/9/18 Rock <conrad@xxxxxxxxxxxxxx>
>
>> Mick,
>
>> I have researched the ownership and governmental cooperation of
>> each company I have chosen and there's also a specific reason why
>> I've chosen some companies. The MTAs are not as worrisome as the
>> data servers are, but the data servers will have drive level
>> encryption, partition level encryption, and file level
>> encryption - so yes, the NSA can beat three levels of encryption,
>> but they can't beat an emergency track low level format (if we
>> have that much warning.)
>
>> There's other fail safe systems that I would rather not disclose
>> publicly that protect the data from the prying eyes of
>> government, that I personally know will be effective in
>> preventing any Intelligence Community organization from
>> obtaining anything from the data servers. If you want to discuss
>> certain aspects of this please email me off the list.
>
>> --Rock
>
>> On 9/18/2013 8:19 AM, mick wrote:
>>>>> On Tue, 17 Sep 2013 20:34:36 -0400 Conrad Rockenhaus
>>>>> <conrad@xxxxxxxxxxxxxx> allegedly wrote:
>>>>>
>>>>>>
>>>>>> The development servers are in separate jurisdictions
>>>>>> throughout the world. For the initial proof of concept, I
>>>>>> have two MTAs and two Data Servers, with one spare
>>>>>> server. Each one is in a separate jurisdiction to make
>>>>>> it more difficult to tap.
>>>>>
>>>>> Forgive me if I am teaching grandmother, and I am sure that
>>>>> you have this covered, but the location of the servers is
>>>>> not the only, or necessarily most important, point to
>>>>> consider. The crucial point is the legal jurisdiction
>>>>> within which the server/DC/network owners reside.
>>>>>
>>>>> For example I could pick servers in the Netherlands,
>>>>> Germany and Hong Kong and find that all were provided by a
>>>>> US company.
>>>>>
>>>>> Mick
>>>>>
>>>>> ---------------------------------------------------------------------
>>>>> Mick Morgan gpg fingerprint: FC23 3338 F664 5E66 876B 72C0 0A1F
>>>>> E60B 5BAD D312 http://baldric.net
>>>>> ---------------------------------------------------------------------
--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk