Importance of partition of trust for critical data exchanges

[VPS 1]

 

I doubt AirVPN team can monitor them in any way, the only thing that I hope they do is implementing a full-disk-encryption like LUKS/DM-Crypt, where the bootloader

password is entered via IPKVM. This way you can assure that the data-center can only monitor the netflow connections, but not see/backdoor anything on the server itself.

 

 

I would appreciate if AirVPN could comment on this. If you use VPS/cloud servers, how do you assure that the server provider does not log?

[Staff 9971]

Hello!

 

We don't use VPS or cloud servers for our VPN servers.

 

Kind regards

[VPS 1]

We don't use VPS or cloud servers for our VPN servers.

Does that mean that you use dedicated physical servers instead? How can you ensure - if at all - that the providers that your work with do not log either. A Dutch server provider operating for EarthVPN passed on logs to the police so that one of their users could be identified. This was despite EarthVPN claiming logging would not happen. Apparently this did not include their business partners.

 

Any comment on what zhang888 had to say?

[Staff 9971]

Hello!

 

Yes, only physical servers. Your report is important, what is the Dutch provider? Do you have any additional reference to the case? And of course nobody can be 100% sure that a sufficiently powerful entity wiretaps your machinery, regardless of any kind of service or provider, not even if you run your own datacenter. Encrypting the OS on the server is not a solution, because the adversary can put two boxes on incoming and outgoing connections and correlate any traffic flow simply through timing (similarly to any timing correlation attack in any low latency network).

 

Also see the importance of partition of trust, strictly related to the issue (and capable to defeat the aforementioned adversary, provided that this adversary is not also capable to monitor at the same time the relevant TOR circuit you have established or the external service you have picked - an extremely low probability):

 

https://airvpn.org/topic/54-using-airvpn-over-tor/?do=findComment&comment=1745

 

Kind regards

[VPS 1]

Do you have any additional reference to the case?

This thread covers the case:

www.lowendtalk.com/discussion/11348/problems-with-my-life-situation

 

The replies by EarthVPN are particular insightful.

[Staff 9971]

Hello,

 

thank you, unfortunately that web site requires registration to read the link you provided and currently registrations are closed, but we'll keep an eye on it just in case they re-open registrations.

 

Kind regards

[athelstan 11]

https://webcache.googleusercontent.com/search?q=cache:k4vlZsPvZ5UJ:http://lowendtalk.com/discussion/11348/problems-with-my-life-situation

 

https://webcache.googleusercontent.com/search?q=cache:R7wAG9wC6wsJ:http://lowendtalk.com/discussion/11348/problems-with-my-life-situation/p2

 

[VPS 1]

The relevant responses by EarthVPN start on page 2. The question is how can AirVPN prevent this from happening?

 

EarthVPN Member

June 24 edited June 24

 

Let me clarify some false accusations.We do not keep logs and neither provide 3rd party as there are no logs to provide.

 

As this issue seems to be related within netherlands what we can disclosure is one of our server in netherlands have been seized recently with a court order.There are no logs kept on the servers so it is technically impossible to match a user of his activities.

 

What we can only suspect is the datacenter have IP transfer logs as we were also having DDOS protection.

 

After this circumstance happened we have cancelled our contract with the datacenter.

[Staff 9971]

Hello!

 

Please see the above link on partition of trust. Even if we said (and beware, we're not claiming that) that this can't happen with our system and our providers, you would anyway have to trust us and we would anyway have to trust our provider.

 

With partition of trust, you distribute trust between N parties, so that if N-1 parties betray the trust, your anonymity layer is NOT compromised, effectively solving the trust problem in a drastic and effective way. We faced this problem in 2010, at the birth of AirVPN.

 

Kind regards

[Royee 10]

So you have distributed that trust and used a different server ie the backend server ? 

 

Which is seperate,  also it is even more advised to use AirVPN with tor so the real ip address is never seen ?

[Staff 9971]

@Royee

 

Not exactly, partition of trust and all the discussed topic refer to the trust that you put on us. If you can't afford to trust us, or even if you can trust us but you can't afford to trust the datacenter personnel our servers are in (*), you have the tools to strengthen the anonymity layer.

 

About the backend servers, it's another topic, although you're right that it's actually related, and it is important as well, because in this way we do not keep any account data, including user keys, on any VPN server, and above all we can in this way keep location of the clustered database totally private and unknown to anyone, which is also an additional protection against a wide range of attacks.

 

(*) When we founded AirVPN we thought about how the anonymity layer of a person in need to disseminate information on organized crime, or the anonymity layer of a whistleblower, could be protected even from ourselves, so that those persons were not forced to trust blindly a single entity.

 

Kind regards