What kind of privacy does an end-vps user have?

Xei

joereid said: because they can't just look at what processes are running or look through your files. Not without shutting your vm and mounting your disk image. At least I'm pretty sure they have to shut down the vm first...

Ah ok. I thought they can just attach to your VPS through some administration console where they have full root access. I need to read up on KVM and XEN then, cause I do like the fact that it provides more privacy/ensures that they can't access without shutting down and mounting.

Maounique

It can be done without unmounting. Salvatore did this on a KVM who's process was stuck in a D state. He dd-ed the whole disk cloning the VM.

joepie91

@Xei said:
ensures that they can't access without shutting down and mounting.

It doesn't. It just makes it harder for the host node to screw around with it, not impossible.

texteditor

@taronyu said:
They just don't allow torrents... simple as that. It is in their ToS so I think it is appropriate.

COMMONLY QUESTIONED USES

The following are acceptable uses provided they comply with the rest of this AUP:

IRC
Source games
Minecraft servers
VPN
Adult material
Torrents (Only allowed in US locations; must be limited to 20Mbps total)

GoodHosting

@SkylarM said:
That specifically would not cause issues. We are modifying our triggers and policies to better protect legitimate users such as this to prevent false positives as well as a few other tweaks based on feedback.

My rtorrent and libtorrent are both "rnoyou" and "libnoyou" , you wouldn't find these. What do you do now with your fancy top scraper?

SkylarM

@HardCloud said:
My rtorrent and libtorrent are both "rnoyou" and "libnoyou" , you wouldn't find these. What do you do now with your fancy top scraper?

Add both of the names now that you've told me obviously! :P

We have multiple custom scripts for the sake of different detection methods. This is just an example of one of them.

Nick_A

@darkshire said:
i installed rtorrent on my seattle vps

We don't kill torrents on US nodes. Perhaps your host node was given the wrong script. Shoot us a ticket.

Maounique

Just out of curiosity, why are torrents allowed in US where surveillance laws supposedly crack down the hardest on them ?

skybucks100

@Maounique said:
Just out of curiosity, why are torrents allowed in US where surveillance laws supposedly crack down the hardest on them ?

I've wondered this too, maybe their NL doesn't allow it? I can't find anything from HostHatch or serverius.com.

joepie91

skybucks100 said: I've wondered this too, maybe their NL doesn't allow it? I can't find anything from HostHatch or serverius.com.

RamNode NL is in Dataplace, not Serverius. Dataplace might have a policy against it, I don't know.

skybucks100

@joepie91 said:
RamNode NL is in Dataplace, not Serverius. Dataplace might have a policy against it, I don't know.

Oh, you're right, I thought they had some agreement with HostHatch or something along those lines? Maybe i'm just crazy...

Nick_A

Actually it has nothing to do with surveillance. The bandwidth is just abused and people don't often adhere to the limits we require in the AUP

Maounique

But in US they do ?
And, one of the purposes stated for the surveillance is that they try to prevent piracy. So, locally in US would be the hardest to do torrenting with NSA+RIAA+whatever other lobby group at your door the next day. Not to mention the automated settlement offers and all that.
I dont do torrenting was just curious how it all works out.

darkshire

i love how anytime someone talks about torrents; its automatically assumed they must be warez'ing.

Maounique

It is, if the traffic is 10% legit and you have 100 torrenters you can expect them to be at least half illegal. There is no reliable legit way to check.

abravo

Content and the protocol used to carry the content are to different things. Most internet traffic isn't legit according to one or other national jurisdiction. Now what? close internet?

iwaswrongonce

@Maounique said:
Just out of curiosity, why are torrents allowed in US where surveillance laws supposedly crack down the hardest on them ?

The US gets a bad rap because of NSA and DMCA, but unlike the EU, there are no mandatory data retention laws. So while copyright enforcement may be more strict, the idea that one is less surveilled outside the US is ludicrous. At the very least, we are supposed to be entitled to privacy. Outside the US, the NSA doesn't have to pretend to worry about pesky things like civil liberties.

chrisp

I still don't understand one important point here from Crissic's support WebSearchingPro..

Riz:

"He also repeated all the commands I had typed over SSH."

WebSearchingPro:

"We did not browse through your server in this case, the software parses the ps command for us with some regex."

@Riz: Did he repeat all the commands or all the commands, that contained torrent in its name? Just curious.

SkylarM

@chrisp said:
Riz: Did he repeat all the commands or all the commands, that contained torrent in its name? Just curious.

We reviewed a copy of the IRC chatlog, Web referenced the one line that Riz mentioned that had the sftp torrent@ and nothing more.

Maounique

@iwaswrongonce said:
Outside the US, the NSA doesn't have to pretend to worry about pesky things like civil liberties.

I was not talking about NSA surveilling torrents of latest Iron Spider movie (though they might make an extra buck by taking some contracts), of course they spy on everyone, however it will be hard to sue anyone over national security because they downloaded some movie. I was talking about the laws that allow for third parties (in this case IP rights holders) to use data collected by ISPs in the name of national security.

Who cares there is no law for data retention do you think that yahoo will not keep the data if NSA asks them ? They do "voluntarily":
http://en.wikipedia.org/wiki/Telecommunications_data_retention#United_States

At least in EU there are judicial checks over who sees what.

iwaswrongonce

@Maounique said:
At least in EU there are judicial checks over who sees what.

Ah right, how cute. I forgot, the British, Germans, French, etc haven't all been exposed doing the very same thing from Snowden's leaks. "Checks"...how adorable. They're all working together. It's just like the gambling scene in Casablanca.

But beyond that, what you said makes no sense:

• "it will be hard to sue anyone over national security because they downloaded some movie"
• "I was talking about the laws that allow for third parties (in this case IP rights holders) to use data collected by ISPs in the name of national security."

So it's hard to sue someone over copyrighted material in the name of national security? Or it isn't? Besides the obvious contradiction, there are no laws that allow IP rights holders to collect ISP data in the name of national security.

Nick_A

@Maounique said:
But in US they do ?

The ratio of torrent traffic to "other" traffic in the US versus EU was dramatically skewed toward torrents. If the average US node was doing 20Mbps of torrents constantly (I don't have the actual numbers anymore), the NL node was doing 150Mbps. It was to the point where we were going to have to charge a lot more or offer a lot less. Perhaps the EU network is better able to facilitate torrent traffic, but the heavy usage was nowhere near the same problem in our US locations (even when people break our AUP).

sc754

@Riz said:
Hello,

Not too long ago I was transferring files to backup on another server. I used SFTP put/get.. A few hours after I started transferring; my server was suspended. I received an email with a few of my file names claiming I was "torrenting" and it was not allowed.

Does a company have the right to look through what is on my VPS and what I do?

Thanks,

Openvz is just an advanced chroot, it is not real virtualisation. If you want more security and reduce the risk of a rouge host looking into your stuff then always use KVM / Xen. Preferably encrypt the disk too.

Maounique

@iwaswrongonce said:
So it's hard to sue someone over copyrighted material in the name of national security? Or it isn't? Besides the obvious contradiction, there are no laws that allow IP rights holders to collect ISP data in the name of national security.

Of course not, that is done "voluntarily". It is also not in the name of national security but, since the ISPs are volunteering to send it to NSA anyway, why not make a buck from the trolls too ?

I am not sure what you mean in general, my points are:

1. While there is no law in US yet (in spite of numerous attempts), this means exactly nothing. Not having a law to force ISPs to collect data does not mean they cant, especially since they are true red white and blue and fight for freedom helping NSA catch the terrorists. Since the LAW allows collection of "metadata", it will be collected, only banning such practice will make sure it is not collected, but the constitution can be overruled by the government in matters of national security.
2. While in EU there are retention laws, they cannot be used by third parties, even the government needs judicial supervision in most countries. It is simply forbidden to share the data of your customers with third parties.

In short, in US the law does not force ISPs to collect data (only judges can), but they volunteer or sell it not only to the government, but to third parties also, while in EU there is a law (BTW, does not apply to everyone, only to telecom companies, for example, Prometeus does not have to comply and we do not keep logs of visited IPs and such) to keep records, but those are available to a third party only under judicial supervision, it is forbidden sharing it otherwise.
It is the juducial supervision that makes the difference, a judge should make sure the citizen's rights are protected. That probably does not happen in many cases, but when ound to be breaching this, even governments pay hefty fines and have to drop the cases where data was obtained illegally.

iwaswrongonce

@Maounique said:

Show me where ISPs are selling data to third parties. Show me one instance.

subrosa

@iwaswrongonce said:
Show me where ISPs are selling data to third parties. Show me one instance.

http://seekingalpha.com/article/29449-compete-ceo-isps-sell-clickstreams-for-5-a-month

Cancel, the CEO of Compete Inc. revealed that ISPs happily sell clickstream data -- and that it's a big business. They don't sell your name -- just your clicks -- but the clicks are tied to you as a specific user (User 1, User 2, etc.).

How much are your clicks worth? About 40 cents a month per user (per customer)... and the Compete CEO estimates that there are 10-12 big buyers of this data. In other words, your ISP is probably making about $5 a month ($60 a year) off your clickstreams.

infected

well I wouldn't store my mothers porn on it

HostNun

@subrosa said:

How much are your clicks worth? About 40 cents a month per user (per customer)...

what a nub, he should try hitleap