Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


RamHost node HDDs seized by German police
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

RamHost node HDDs seized by German police

liviuliviu Member
edited February 2013 in General

We (as a company) were hosting one of our websites on a ramhost node in Germany (vz60 to be more precise)
never had any problems with it in the past year or so, but today was that Murphy's law day when we emailed one of our partners and linked to a file on the site in some important mail exchange, and we were waiting for his reply. Then we received an alert from our monitoring system that the website is down. We said ok, it will be back in a few minutes. A few hours passed and the machine was still offline. We checked Ramhost's status page and that node was the only one offline. One hour ago or so Ramhost published an announcement that the node's hard-drives were seized by the German authorities.

Notice available here: http://paste.ee/r/KCzXn

Well, ok - we said. We have backups, no worries. We are reasonable customers and don't just host things since yesterday, but what really catched my attention was the following phrase:

"Unfortunately, any backups we had of this server were also stored on drives mounted in this server - those
were seized by the German Police along with the primary hard drives."

And THAT'S the thing to worry about! Whoever provides hosting services along with backups should not host the backups on the same machine. Call it common sense rule/good practice or however you want.

Sure - some hosting companies can simply say in the TOS/service agreement/description that they do not provide backups.
But anyway, if you are a hosting company and you store your backups on the same machine, you're doing it wrong. It's kind of better if you don't do it at all - ironically but it sounds better.

I take this opportunity given the unfavorable circumstances to raise some awareness for both hosting providers and customers: "No backups" is better than "stupid backups" - and it would be interesting for the community to know how other providers are doing the backups.

«1345678

Comments

  • Ouch

  • Wow..

  • @liviu said: I take this opportunity given the unfavorable circumstances to raise some awareness for both hosting providers and customers: "No backups" is better than "stupid backups" - and it would be interesting for the community to know how other providers are doing the backups.

    Yes, as I have said in another thread - offsite backups is the only way to go for a low cost. Sure if you had the money you can have different tiers of backups and backups of backups.

    Anyhow, hope they get it resolved.

  • Sounds like a good time.

    So gestapo comes and just takes one computer?

    Someone know what was being hosted on that network? :)

    I'll be sure not to buy a VPS or server in Germany in the future.

  • Someone should tell that host:

    You should buy a BuyVM for backup space. :)

  • earlearl Member
    edited February 2013

    How is that legal they just confiscate a whole hard drive!! it's not like the offending individual owns the whole drive!

  • @earl said: How is that legal they just confiscate a whole hard drive!!

    Not sure if being sarcastic or not...

  • @gsrdgrdghd said: Not sure if being sarcastic or not...

    Why would I be sarcastic I mean there is other people's data on there!!

  • Well, what are the SS agents, nazis, I mean police going to do? Seize a platter?

    What's the recent trend in Germany been for basis of these confiscations? Piracy? Free speech? Hate speech?

  • I have always seen host backups as a potential way to restore a system quickly case of failure, rather than any sort of data-protection mechanism. Its a best effort thing, take it for any more than that, well . . . this can happen.

    Good thing you had the common sense to store your own backups. Lots of dumb-asses did not, I'm quite sure.

  • InfinityInfinity Member, Host Rep
    edited February 2013

    @pubcrawler said: So gestapo comes and just takes one computer?

    lol, that cracked me up..

    On a serious note it is sad, but I presume it was clearly mentioned it is the users responsibility to keep backups themselves as many companies say. I guess they could've taken offshore backups but what's done can't be reversed now..

  • @pubcrawler said: Well, what are the SS agents, nazis, I mean police going to do? Seize a platter?

    I'm sure they can ask to shut down the offending website but to shut down the whole server with other peoples data seems a bit much

  • MaouniqueMaounique Host Rep, Veteran
    edited February 2013

    @pubcrawler said: I'll be sure not to buy a VPS or server in Germany in the future.

    Also in US, they would just pull all the computers in the DC, probably, same as Austria...
    So, another victory against CP/terrorism/drugs I suppose...
    Nothing is certain as long as those fools are allowed to pervert the law and do "collateral damage" and never pay for it, no matter if they found anything after the search or not.
    Policemen AND judges that authorized it should be severely punished if they couldnt get a conviction out of this due to lack of evidence or inadmissibility in court.

  • @earl said: Why would I be sarcastic I mean there is other people's data on there!!

    So? How should the police know whose data to copy? This is the standard practice all over the world and completly reasonable given that there is a proper criminal investigation behind it. If anything at all i'd consider it nice of the police that they didn't seize the whole server, only the harddrives.

  • @pubcrawler no idea what the neighbors were hosting on different containers, we only had a legit company presentation page. Regarding the backup space - we use our own local servers for most of them. Our site is already back online, just waiting for the DNS update to propagate

  • rchurchrchurch Member
    edited February 2013

    @earl Legal is what the law says they can do, not what is just or reasonable. At best the law should be changed to require them to duplicate the data on to a different set of disks, and return either the original or the duplicate to the provider.

    Cheap OVH servers have their advantages, unless the whole rack or cabinet is required to assist the police with their enquiries.

  • edited February 2013

    @gsrdgrdghd said: So? How should the police know whose data to copy? This is the standard practice all over the world and completly reasonable given that there is a proper criminal investigation behind it. If anything at all i'd consider it nice of the police that they didn't seize the whole server, only the harddrives.

    Sense.

    Also point 18 in Ramhost ToS:

    18) Backups: Clients are responsible for producing their own backups. We maintain a real-time data backup via the use of RAID mirroring to help prevent data loss due to hardware issues, however there is always a risk of dataloss inherent with any storage medium. We will not be held responsible for data loss.

    They did tell you they kept no backups.

  • joepie91joepie91 Member, Patron Provider

    @pubcrawler said: Well, what are the SS agents, nazis, I mean police going to do? Seize a platter?

    Whatever happened to forensic backups?

  • @gsrdgrdghd said: So? How should the police know whose data to copy?

    I'm not sure.. but when this kinda thing happens with like piratebay then yeah I can see that as they own the whole server but ramhost is just selling VPS?

  • @Maounique Is this a possibility in Italy?

  • earlearl Member
    edited February 2013

    @joepie91 said: Whatever happened to forensic backups?

    Yeah there is one way shut down the offending website and take the backup harddrive for evidence instead of just pulling the plug on everyone..

  • InfinityInfinity Member, Host Rep
    edited February 2013

    @ShardHost said: Ramnode

    @liviu said: Ramhost

    :)

    But it probably does have a similar clause in Ramhost's TOS.

  • TheHackBoxTheHackBox Member
    edited February 2013

    Interesting... sucks to be ramhost right now.

  • I agree @joepie91.

    Now we need to all have a discussion like big responsible adults about how best to encrypt your data on remote server.

    What sucks horrendously is the gestapo in addition to seizing the misdoers data now have legitimate folks information, security keys, databases, etc. That's not acceptable at all.

  • @Infinity said: But it probably does have a similar clause in Ramhost's TOS.

    Fixed!

  • MaouniqueMaounique Host Rep, Veteran

    @ShardHost said: How should the police know whose data to copy?

    Ask the host ?
    There are 2 possible situations here:
    1. they believed the host was involved and telling them would compromise the operation as they could delete the evidence.
    2. They thought the host was not involved.

    If we take 2, then ask them nicely to take a copy of the VM with all data and pass it to them. Yanking a drive will probably make it hard to recover the data as they will have to look to get the right drive, then find the VM in question's data, then copy it themselves. Hardly a good way, the host will know exactly what to copy given the IP, get it on a stick, voila... What if the data is on an encrypted container ? Taking the machine off is the best way to lose the key in the memory if present.
    If we take 1, then they should get all their nodes to discover even more "wrongdoing", chances are in such a big "pool", something will be discovered so the raid will appear as justified.
    Either way, another sloppy operation, complicating not only the life of the host but their own.

  • @pubcrawler said: Now we need to all have a discussion like big responsible adults about how best to encrypt your data on remote server.

    It might be possible if people weren't making ignorant comments about German people.

  • earlearl Member
    edited February 2013

    @Maounique said: Policemen AND judges that authorized it should be severely punished if they couldnt get a conviction out of this due to lack of evidence or inadmissibility in court.

    Yes they should do this.. someone should be held responsible with consequences so they're not too quick on pulling the trigger..

  • RAM Host is @ramnet and they have a brand called TinyVZ.

    They've posted on here before. Show up in the user best provider ranking results.

    Feel bad for them having to deal with this.

    I am betting it is torrent related. Seems they did allow torrents.

  • MaouniqueMaounique Host Rep, Veteran
    edited February 2013

    @emilv said: @Maounique Is this a possibility in Italy?

    With proper judge authorization, yes. And judges, like everywhere, when they hear CP, terrorism, drugs, dont need any evidence. It will probably be obtained as a result of the raid and if not, well, we'll catch them the next raid, there must be something illegal there and given a large enough pool of servers, there will be... The host cant do anything even if they were trying to do the police work as the law requires.
    This should stop.

Sign In or Register to comment.