top | item 8573092

(no title)

knyt | 11 years ago

Don't think that'd add anything. The people investigating you would presumably look at your network traffic and see all of the non-anonymized TLS packets traveling between your VPS and the real server. And they shouldn't need to bring the VPS down to get an image of its disk (or its RAM).

discuss

yc1010|11 years ago

Of course tho' I doubt it be enough for evidence in court especially if everything is bought with fake aliases.

And the saving memory contents (could hold config files on tmpfs for example) seems to be a difficult process, from wikipedia "Holding unpowered RAM below −60 °C helps preserve residual data by an order of magnitude, improving the chances of successful recovery. However, it can be impractical to do this during a field examination."

It would be interesting to get perspective from any forensic experts.

The key imho is to put as many hoops in attackers path.

knyt|11 years ago

They could just write the memory to disk. https://www.suse.com/documentation/sles11/book_kvm/data/sec_...

psykovsky|11 years ago

It doesn't need to be like that. You can have a frontend server with a public .onion domain that just pulls everything from a different remote and private .onion domain. Yes, the latency will suck.