New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Wrong.
Excellent article. The one thing they didn't mention though. How can you guarantee that in 25 years you'll trust the individuals appointed by the individuals who were appointed by the individuals who were elected by people who live 500+ miles away from you? Can you be sure that said individuals won't decide that you need to go away? Of course not. It's the same reason I ask every Obama voter "Do you trust the next Bush with the power you want to give Obama?"
I prefer mykolab.com, it's swiss based.
@ISidle
http://sealedabstract.com/code/nsa-proof-your-e-mail-in-2-hours/
I'm clearly NOT drunk, the fact is that Russia signed ACTA, which means that they are willing to cooperate with the US Government
@iSdle your kidding? fuck i need my own moon based dedicated.
As I said before:
We're installing the physical server by ourselves over there, a friend of me is originated from Czech and still goes there a lot, he knows the laws there etc.
I did think about the possible consequences that'd be in there, but the good thing is:
Dutch laws prevent me from getting punished by things that other people would do on my servers. I'd fall under the same laws as an ISP would do, and thus I can't be held liable for things that would be done on my server.
What can be done to you could go beyond the legal definition. Come home to find your stuff messed around with in a regular basis.
That's good enough, but as I mentioned above, it could generate great burden to you, and your friend as well. Did you consider getting more anonymous? Offshore company that in a location that won't show shareholders, and DCs that can play along with your anonimty?
@Jeffery
I assume you have not see this then?
Edit: It isn't your own personal e-mail you need to worry about per se, its the Six Degrees of separation and the other people who can affect you by their actions and the fact you communicate with them if they are under surveillance. The fact that they can establish a link between you and them can be used against you.
Cheers!
Uhm, no. Just no. That is 100% wrong. The laws don't protect you at all, your lawyer can only try to protect you by shifting the blame on the respective user, just like your ISP/datacenter can. If you don't have customer details they'll take you as fully liable and you'll get punished for what your anonymous users did. There's a reason companies collect customer details for hosting services...
Oh and, how about using PGP and submitting your keys to the right databases.
You dumb naive fools and your "privacy" hosts... The NSA et all already have your emails before they reach your provider.
Solution: use serious encryption or an uncommon protocol unlike mail - that however only makes it harder for surveillance agencies, not impossible
I cant imagine what a user could possibly do to get me in sued. Its a freakin mail servrr
reconsider the whole thing.
You want to start an OFFSHORE email host, then expect ILLEGAL activity. How couldn't you make that link between those terms?! Are you like fucking 12?
Jees, sad to see the majority of dutchies on here (I'm one myself for the note) being complete idiots
@iSidle You still haven't explained how you plan to protect your users from yourself.
If it's "offshore" and anonymous, then you can expect visits from hackers, carders and other criminals.
These people will use your service and abuse it.
@c0y
Yes, but you can limit the amounts of emails per hour/day if I'm correct, and further I know that these people will be my clients. So what kinds of ILLEGAL activity/hacks could be done that would be able to get ME into shit.
The only thing that I can think of is an email bomber (which you can limit) and spammers (which you can terminate) .
Further @joepie91,
I can turn off server logs and encrypt traffic so even I can't track them down using IP's etc.
How about somone sending child porn to his friends via email? Or something related to terrorism?
And so taking personal liability (or "hoofdelijke aansprakelijkheid" in Dutch) for all your users.
@William can tell you a nice bed time story about this, he ran a Tor exit node and was accused of watching CP while it was clear he ran that exit.
Are you really this fucking dumb and blind of what people are capable of..? I know the law very well, and this is a horrible idea unless you don't mind moving to a country like China where there are too many people to trace you anyway.
People don't need your crap, they're fine with services like Tor mail and PGP encrypted emails.
As title states, this was Market research, I was just checking out the possibility's that are there, so maybe this is a bad idea, well okay, then I wont use it.
Honestly? Yeah, it is a bad idea.
You don't seem to have the technical and operational security experience required to run a service like this one.
Or a single idea of what he is getting him into legally..
The best would be, Antarctica or rent a little platform i ocean.
AntarticaVPS - We're the coolest hosting on the planet!
EDIT: http://arstechnica.com/business/2012/04/coolest-jobs-in-tech-literally-running-a-south-pole-data-center/
"Encrypt traffic"? From where to where? The question was how you would protect your users from yourself - that means removing the need for them to trust you. "Turning off logs" is not a valid answer - it still requires trust.
Another country which came in my mind is Turkey.
VPS are not so expensive and it's outside of the EU. But I must admit that I don't know anything about their laws regarding privacy.
Turkey is an associate member of the EU. They are in progress of accession to the EU (so called candidate country). The chapters on Foreign, Security and Defense Policy are already in-line with the aquis, meaning the Turkish laws are more or less in-line with the EU legislation in that sector. The same is true for the chapter on Intellectual property.
Through a tunnel, from you to our servers.
And instead of burning this down, you could also make Suggestions yourself, how I could improve this.
I'm not looking for a VPS, they usually do not use an kernel like coreboot, or offer Linux Mint. I was especially looking for colocation so we could install our own server in the rack.
I don't want to burst your bubble, but Czech security law allows of confiscation of any equipment with a short order and no notice - As it is EU you also have to consider ALL other EU countries laws as they can produce an order based in their own laws that HAS to be accepted in CZ after evulation.
I have a video of a Europol agent walking into my Czech provider (along with a hoarde of specialists they brought in from Prague) and pulling 2 HDDs on a RAID set of a VPS node - I never got any order for this, and this is fully legal in CZ.
No, this is bound to fail, hard.
Turkey. Fail hard. Security state, Internet censorship implemented, single upstream law (Though there are exceptions with L2 links, Vodafone i.e.)
Russia. Fail hard. Dictatorship, unknown and impossible to predict lawset from 1930-2013 used as required by the the Gov.
Realistically, if you want to pull something like this you HAVE to live in this country, know it's law and HAVE a local lawyer on standby, because you WILL get court orders (and/or raided) - That is entirely out of question.
By business freedom and global security (either by guarantee, colonial power or a superpower) this is a usual job for Hongkong (de-facto and de-jure, even with growing Chinese influence) or other large economies that can deter EU/US pressure as Brasil (de-jure - de-facto rather not) or South Africa also.
It's always a question of userbase, if you have mainly US/EU users and want to piss off them there, host in Iran or Syria (which does still work)
Regardless you always either sacrifice physical and upstream security for judicial security or judicial security for physical and upstream security - You cannot have all of that in one package, and if you do (or someone claims to) you work with a 3 letter organization secretly.
I'm always amazed at the german police - They automatically run IPs against a Tor exit check function and log this, most others in EU do also, i'm not sure why no one here thought about such simple tasks...