1 |
On 8/28/20 3:54 PM, Poison BL. wrote: |
2 |
> On Mon, Aug 17, 2020 at 12:51 AM Caveman Al Toraboran |
3 |
> <toraboracaveman@××××××××××.com> wrote: |
4 |
>> |
5 |
>> hi. context: |
6 |
>> |
7 |
>> 1. tinfoil hat is on. |
8 |
>> 2. i feel disrespected when someone does things to |
9 |
>> my stuff without getting my approval. |
10 |
>> 3. vps admin is not trusty and their sys admin may |
11 |
>> read my emails, and laugh at me! |
12 |
>> 4. whole thing is not worth much money. so not |
13 |
>> welling to pay more than the price of a cheap |
14 |
>> vps. moving to dedicated hardware for me is |
15 |
>> not worth it. my goal is to make it annoying |
16 |
>> enough that cheap-vps's admins find it a bad |
17 |
>> idea for them to allocate their time to mingle |
18 |
>> with my stuff. |
19 |
>> |
20 |
>> thoughts on how to maximally satisfy these |
21 |
>> requirements? |
22 |
>> |
23 |
>> rgrds, |
24 |
>> cm. |
25 |
>> |
26 |
> |
27 |
> I'm rather late to the game with this, but at the end of the day, mail |
28 |
> coming *into* a mail server isn't typically encrypted (and even that |
29 |
> is only the body, the headers can still reveal a great deal, and are |
30 |
> necessary for the server to work with it). A packet dump at the switch |
31 |
> will turn over every piece of mail you receive along the way. Email's |
32 |
> not designed for end to end security by default. Secondly, any hosting |
33 |
> on hardware you don't control is impossible to fully secure, if the |
34 |
> services on that end have to operate on the data at all. You can |
35 |
> encrypt the drive, encrypt the mail stores themselves, etc, but all of |
36 |
> those things will result in the encryption key being loaded into ram |
37 |
> while the VPS is running, and dumping ram from the hypervisor layer |
38 |
> destroys every illusion of security you had. Dedicated hardware in a |
39 |
> locked cabinet is as close as you get to preventing physical attacks |
40 |
> when you're hosting in someone else's DC, and that's not nearly in the |
41 |
> same market segment, price-wise, as a cheap VPS. At best, if you have |
42 |
> sensitive email that you're sending or receiving, work with the other |
43 |
> end of the communication and then encrypt the contents properly. Even |
44 |
> better, go with a larger scale, paid, solution in which your email |
45 |
> isn't even remotely worth the effort to tamper with for the hosting |
46 |
> company's employees, and hope the contractual obligations are |
47 |
> sufficient to protect you. If you have any sort of controlled data |
48 |
> going in and out of your email, step up to a plan that adheres to the |
49 |
> regulatory frameworks you're required to adhere to and make very sure |
50 |
> the contracts for it obligate the vendor to secure things properly on |
51 |
> their end (aws, azure/o365/etc mostly all have offerings for, at |
52 |
> least, US Gov level requirements). |
53 |
> |
54 |
|
55 |
Hmmmmm. How about paying for codes the US F. Feds do not have, like Real |
56 |
Random. Supposedly, they are legally pissing of the F. Feds. Do your own |
57 |
evaluation. A US corp in good standing the F. Feds do not want anyone to |
58 |
know. About. Why? For the F. Feds to challenge what they do, they have |
59 |
to PUBLICLY disclose their p. p. |
60 |
|
61 |
https://www.realrandom.co/wp/ |
62 |
|
63 |
yes it's commercial. But for Gentoo, I'd push for a deep discount. They |
64 |
have totally awesome technology, and I know a sales guy there. Any |
65 |
solution, should have open source codes, and options for non-publish |
66 |
commercial codes. Are there back doors? Dunno. Ask. Make your own |
67 |
decision. But rumors are the F. Feds are pissed at these guys, cause |
68 |
they have real technology solutions right now. Not bullshit-AI jibberish. |
69 |
|
70 |
|
71 |
Sure, by executive order Trump could single action them out of |
72 |
existence, but rumor has it, he has already decided NO, on that pathway. |
73 |
My postulate is US Citizens, in good legal standing, with NO felony |
74 |
convictions, have superior rights to privacy, than the F. Feds. It's |
75 |
constitutionally bake in by our for fathers. We just need to stand up |
76 |
and demand this. F. these scumbag lawyers, judges and corrupt (sold out) |
77 |
politicians. |
78 |
|
79 |
The rest of the work is on their own. But, if we organize and stand up, |
80 |
we can put this 'demon' back into the darkness (abyss). I have no fear |
81 |
of the F. Feds. Others would be wise to self examine, before joining up |
82 |
with such an effort. |
83 |
|
84 |
|
85 |
|
86 |
James Horton, pe |