Silk Road forums
Discussion => Security => Topic started by: galileosophia on September 23, 2013, 03:03 am
-
Relative to the US and Europe, what are the safest off-shore hosting locations? It's also worthwhile to include stability of the country in the ranking.
Some places I'd like to hear commentary about are:
-- Argentina
-- Panama
-- Sweden
-- Romania
-- Singapore
Lastly, is there a good resource out there showing which countries are allies/enemies and do not have a tradition of extradition and cooperation?
-
Offshore hosting you would want Ukraine or Russia. Iceland depending on what you're doing/hosting as well.
All the fraud forums are hosted out of Ukraine, Azerbaijan, Moldova, basically all CIS countries.
Out of your list I would pick Panama as Singapore is a police state, Argentina too flaky and close to US (they just busted a hacking crew there), Sweden has data retention laws, Romania possibly if it's your only choice.
Go on forums like Xakepy and antichat portal of russian hackers, translate the pages and look for bulletproof hosting
http://forum.antichat.ru/forum148.html
-
Make architecture your friend.
Assuming you are talking .onion then your front door doesn't need to be in the same country as your house.
In fact multiple front doors are a good idea - point them as appropriate to your content. If you lose a front door, you haven't necessarily lost your content.
-
Offshore hosting you would want Ukraine or Russia. Iceland depending on what you're doing/hosting as well.
All the fraud forums are hosted out of Ukraine, Azerbaijan, Moldova, basically all CIS countries.
Out of your list I would pick Panama as Singapore is a police state, Argentina too flaky and close to US (they just busted a hacking crew there), Sweden has data retention laws, Romania possibly if it's your only choice.
Go on forums like Xakepy and antichat portal of russian hackers, translate the pages and look for bulletproof hosting
http://forum.antichat.ru/forum148.html
That's excellent advice and I completely agree. I suppose there's a reason Snowden is in Russia.
I'm definitely going to check out antichat.
How stable are servers in the Ukraine and Russia? Do they give good speeds?
-
Remember to look at all parts - if you use a .com or .net type name with this service, make sure you have registered it somewhere 'safe' as well. But most would advise not using a .com or .net TLD.
See where the DNS servers are, if they are in another jurisdiction, you're vulnerable there. Server location, TLD choice, and trust of staff of server location are key. I would recommend asking about your ability to visit your server with them.
Singapore is a police state indeed.
Panama might have some kind of connection but it won't be cheap
Argentina is similar in many regards
Romania if you can figure out who to pay to get things done might work well. But you'll pay repeatedly.
Sweden would work with whatever agency might be interested in someone doing business in their country.
I like Costa Rica, Honduras, Nicaragua, Thailand, Vietnam, Indonesia, Malaysia, Macau, Brunei, Hong Kong, and Philippines, as a starting group
-
your best bet is so called axis of evil countries which will not cooperate on LE data requests from western govt
russia/ former CIS/ Venezuela/ Honduras/ Cuba/ offshore banking destinations like bahamas, leichenstein, mauritus/ tax heavens
you gotta remeber though that when it comes to drugs they all have to cooperate
-
Romania/ Bulgaria...CIS/ Russia/ China
Switzerland/ Cayman Islands/ Liechtenstein/Luxembourg/Jersey, Guernsey and the Isle of Man
Venezuela/ Argentina/ guatemala/ honduras
Iran/ North Korea/Cuba
any of govt with lax cybersecurity laws, strong client anonymity, less cooperation with western countries
-
I like Costa Rica, Honduras, Nicaragua, Thailand, Vietnam, Indonesia, Malaysia, Macau, Brunei, Hong Kong, and Philippines, as a starting group
Great list. I'm definitely saving that and looking into some more of those countries for hosting. Have you used any/can recommend any from experience?
Do many of those countries offer bullet proof hosting?
-
I've used hosting providers in CR, Thailand, Philippines, Hong Kong, and Malaysia. I have connections in a few of those countries who would happily act as 'remote hands' as long as the space in the rack was paid for, and the server install instructions were not overly complex.
I don't trust anyone selling 'bulletproof hosting', I do trust the people I know on the ground in these places. I've worked with some of them over 10 years, and know that if anyone was interested in the activity coming from the 1u or 2u server I rented space for, I would be notified well in advance of any third party being given access to my server...
I also have a good relationship with a hosting provider operating out of the Bahamas if that's of interest.