On 09/25/2012 10:18 PM, Matthew Finkel wrote: > On 09/25/2012 01:42 PM, Flo wrote: >> +1 >> This. >> >> The problem is especially on container-virtualizations like OpenVZ is >> that the admins of the hostnodes must just type something like 'vzctl >> enter 123' and they have a shell in your VPS... >> >> So you should have at least Xen/KVM where you can use encryption > > Yes! Sadly there aren't too many KVM hosts, but providers are slowly > offering more options. Xen has been stable for a longer amount of time, > so there are more options available for that, Linode, et al. > > I personally have KVM boxes from http://buyvm.net/ and > http://arpnetworks.com/, at times they leave something to be desired > with regard to performance, but overall I have no complaints related to > service or uptime. I don't currently use them for Tor related purposes, > but if they're not going to serve as exit nodes, anything else shouldn't > cause a problem (except bandwidth, as was noted). I'm planning to > contact them in the future to determine their stance on Tor and see if I > can move forward with some ideas I have, but that remains to be seen. >
Hey people I was under the impression that everyone having physical access to a running machine can get access to the operating system as well. Encryption makes no difference for a running computer, since cold boot attack may be used to dump the keys from memory. What's more, in a virtualization environment i guess that would be easier. If the above statements are generally correct, then you should trust a VPS provider, as long as you trust the administrator of the host machine *and* everyone else having physical access to it (for example the datacenter). _______________________________________________ tor-talk mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
