Big Brother and Kill Switches

It’s being fiercely opposed and is a far way from reality anyway, but every now and then my tinfoil hat quotient is elevated.

I haven’t bought anything, don’t plan to do so too imminently, and won’t talk publicly about it if I do, but I’d just like to put a few things out there:

  • Good-enough 1U servers are a dime a dozen on eBay. If you need virtualization support, gobs of RAM, or really good disks, the prices are a bit higher, but if dual 3GHz Xeons, 2GB RAM, and a pair of 36GB SCSI disks (mirrored for redundancy) work for you, you have a wealth of options for under $200.
  • PRQ is famous for hosting The Pirate Bay and Wikileaks, two sites that a lot of powerful people would like to go away. Their colo plans for 1U start at $80/month. (Dedicated servers start at $123, though there’s also a $200/month setup fee.) They offer tunnel services for much lower prices, but if you’re building a tinfoil-hat encrypted international tunnel, you’d probably do well to not trust anyone.
  • OpenVPN is free, easy enough to use, and supported (in userspace) on all major platforms. (ssh tunneling would work, but it’s kind of a hassle if you want to tunnel everything through it.)
  • Disk encryption is nothing new. I think, ideally, you’d set the box up so that it could be booted unattended, but the ‘privileged’ data (e.g., /home, anything chrooted, and any logging you did) would require that someone log in and provide a passphrase to mount the secure partitions. (Important: don’t log connections to an unencrypted partition if you can help it.)
  • Squid is a nice proxy if there will be more than a couple concurrent users.
  • Tor exit node. Plausible reliability. Tor seems to provide it natively, but iptables can throttle bandwidth too.
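
One way to check the disk-encryption point above (no connection logs on an unencrypted partition), as an added example that is not part of the original post: it reads `lsblk -rno NAME,TYPE,MOUNTPOINT` output and reports whether a path sits on a dm-crypt mapping. The device names, mount layout and paths are constructed, and it assumes the filesystem is mounted directly on the mapping (with LVM on top, lsblk reports `lvm` instead of `crypt`).

```shell
#!/bin/sh
# Added example. Live use: lsblk -rno NAME,TYPE,MOUNTPOINT | on_encrypted /var/log

# Constructed sample listing: unattended boot from plain /boot and /,
# with /home and /var/log on passphrase-unlocked dm-crypt mappings.
sample_lsblk() {
cat <<'EOF'
sda disk
sda1 part /boot
sda2 part /
sda3 part
secure crypt /home
sda4 part
logs crypt /var/log
EOF
}

# backing_type PATH: read the listing on stdin and print the TYPE of the
# device whose mountpoint is the longest prefix of PATH.
backing_type() {
    awk -v p="$1" '
        NF >= 3 {
            m = $3
            # "/" matches everything; otherwise require an exact match or a
            # prefix ending at a separator, so /home2 does not match /home.
            if (m == "/" || p == m || index(p, m "/") == 1) {
                if (length(m) > best) { best = length(m); type = $2 }
            }
        }
        END { print (type == "" ? "unknown" : type) }
    '
}

# on_encrypted PATH: succeed only if PATH is backed by a dm-crypt mapping.
on_encrypted() {
    [ "$(backing_type "$1")" = "crypt" ]
}

# Constructed paths for the services named in the list above.
for p in /home/user /var/log/openvpn.log /var/spool/squid; do
    if sample_lsblk | on_encrypted "$p"; then
        echo "encrypted    $p"
    else
        echo "UNENCRYPTED  $p"
    fi
done
```

Run before the secure partitions are unlocked, the log paths resolve to the plain root device, which is the state in which nothing should be writing connection logs.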

I get about 120ms pings to PRQ. Not wonderful, but not so shabby given the distance.

