[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-relays] Exit relay seized by police
On Tue, Nov 10, 2015 at 12:40:19AM +0000, Tim Sammut wrote:
> I meant is it possible for a relay operator to detect if a snapshot of a
> running VM or VPS has been taken? Asked slightly differently, if I have
> a relay running as a VPS or VM, can I somehow detect if my provider took
> a snapshot of the relay without informing me?
Probably not. With most VM solutions, storage is pretty well abstracted
from the virtual guests. I know that with Xen and OpenVZ, the typical
way storage is provided (loopbacks) gives no way for the guest to see
what the hypervisor is doing to the data. Furthermore, if the data is on
a SAN, there's even more ways that the data can be snooped at without
informing the guest of such activities.
> Following from that, are uninterrupted snapshots of running VMs possible
> in all hypervisors or should we be using the provider's hypervisor
> technology choice to inform how we decide which providers to use?
Storage tech is mostly independent of virtualization tech. I don't think
it really matters what hypervisor is used. Ultimately, the hypervisor
must be trusted regardless of what storage is in use, so I don't think
it really matters, either. If you're really worried about security, run
your Tor node on hardware you control.
--Sean
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays