1 |
On Mon, Aug 17, 2020 at 12:51 AM Caveman Al Toraboran |
2 |
<toraboracaveman@××××××××××.com> wrote: |
3 |
> |
4 |
> hi. context: |
5 |
> |
6 |
> 1. tinfoil hat is on. |
7 |
> 2. i feel disrespected when someone does things to |
8 |
> my stuff without getting my approval. |
9 |
> 3. vps admin is not trusty and their sys admin may |
10 |
> read my emails, and laugh at me! |
11 |
> 4. whole thing is not worth much money. so not |
12 |
> welling to pay more than the price of a cheap |
13 |
> vps. moving to dedicated hardware for me is |
14 |
> not worth it. my goal is to make it annoying |
15 |
> enough that cheap-vps's admins find it a bad |
16 |
> idea for them to allocate their time to mingle |
17 |
> with my stuff. |
18 |
> |
19 |
> thoughts on how to maximally satisfy these |
20 |
> requirements? |
21 |
> |
22 |
> rgrds, |
23 |
> cm. |
24 |
> |
25 |
|
26 |
I'm rather late to the game with this, but at the end of the day, mail |
27 |
coming *into* a mail server isn't typically encrypted (and even that |
28 |
is only the body, the headers can still reveal a great deal, and are |
29 |
necessary for the server to work with it). A packet dump at the switch |
30 |
will turn over every piece of mail you receive along the way. Email's |
31 |
not designed for end to end security by default. Secondly, any hosting |
32 |
on hardware you don't control is impossible to fully secure, if the |
33 |
services on that end have to operate on the data at all. You can |
34 |
encrypt the drive, encrypt the mail stores themselves, etc, but all of |
35 |
those things will result in the encryption key being loaded into ram |
36 |
while the VPS is running, and dumping ram from the hypervisor layer |
37 |
destroys every illusion of security you had. Dedicated hardware in a |
38 |
locked cabinet is as close as you get to preventing physical attacks |
39 |
when you're hosting in someone else's DC, and that's not nearly in the |
40 |
same market segment, price-wise, as a cheap VPS. At best, if you have |
41 |
sensitive email that you're sending or receiving, work with the other |
42 |
end of the communication and then encrypt the contents properly. Even |
43 |
better, go with a larger scale, paid, solution in which your email |
44 |
isn't even remotely worth the effort to tamper with for the hosting |
45 |
company's employees, and hope the contractual obligations are |
46 |
sufficient to protect you. If you have any sort of controlled data |
47 |
going in and out of your email, step up to a plan that adheres to the |
48 |
regulatory frameworks you're required to adhere to and make very sure |
49 |
the contracts for it obligate the vendor to secure things properly on |
50 |
their end (aws, azure/o365/etc mostly all have offerings for, at |
51 |
least, US Gov level requirements). |
52 |
|
53 |
-- |
54 |
Poison [BLX] |
55 |
Joshua M. Murphy |