Ostel servers are US-based

[juh2]

In chapter 12.1 you recommend using ostel as OSTN provider. Their servers are in the USA, as they say in their FAQ: https://ostel.co/faq

This service should not be recommended.

[yuvadm]

There's no a priori reason why Ostel should not be recommended just because their servers are located in the US.

Do you have any information the would imply otherwise?

[juh2]

Companies in the US can be forced to give direct access to the NSA and they don't even has the right to tell this to their customers. So before you think about encryption, you should use services which are not US-based.

[infinity0]

You are an idiot if you think non-US governments are not doing the same thing.

[infinity0]

although it is right that the handbook should not be recommending encryption systems that are not end-to-end (user-to-user, rather than user-to-service). it's not clear whether ostel adheres to this; feel free to dig around more and present evidence here.

but "it's in the US" is not a logically valid reason for removal.

[juh2]

You can call me an idiot as often as you like. There are different legislations in different countries, but the relevations of Edward Snowden give enough evidence that it is better to avoid US-based services. I would prefer servers in a country which respects privacy by default.

[yuvadm]

@juh2 this isn't about personal preference, it's about end to end privacy as @infinity0 rightly mentioned. Please try to provide more data that proves your point. If data is properly encrypted, there's no reason Ostel's servers are not to be trusted, even if they are compromised.

[ninlilizi]

This isn't as simple as end-end. A service cooperative with western governments will leak who you communicate with and when. This will tie to your physical identity via isp records. Requiring a whole additional layer of abstraction (read complicated configuration and social habbits) to isolate you. Then there is the issue of pattern recognition. Meaning that unless your crypto uses heavy padding. Figuring what your talking about will require only usage over time and statistical analysis.

Yuval Adam notifications@github.com wrote:

@juh2 this isn't about personal preference, it's about end to end privacy as @infinity0 rightly mentioned. Please try to provide more data that proves your point.

---

Reply to this email directly or view it on GitHub: https://github.com/cryptoparty/handbook/issues/65#issuecomment-21932333

Sent from my PAN.

[infinity0]

that is incorrect. metadata is leaked but that's another issue outside of the scope of the original complaint. proper crypto does not leak "pattern recognition".

[ninlilizi]

It does if you stop looking at the data itself. And instead watch the 'shape' of the data stream. Like watching the variance in traffic congestion on a motorway. Which turns the question of a us based provider into one of the explicit behaviour of the type of cryptography proposed. Padding isn't a default or given operation as these things are primarily dead reckoned against latency.

Ximin Luo notifications@github.com wrote:

that is incorrect. metadata is leaked but that's another issue outside of the scope of the original complaint. proper crypto does not leak "pattern recognition".

---

Reply to this email directly or view it on GitHub: https://github.com/cryptoparty/handbook/issues/65#issuecomment-21932775

Sent from my PAN.

[infinity0]

if by "shape" you mean "amount of data" then yes, and that would be the case whether you used crypto or not (and there are non-crypto methods to hide even this). but you still cannot "figur[e] what your talking about", such as the model of the cars, or their passengers, or the goods they carry. properly-implemented crypto is computationally indistinguishable from random data; this is a mathematically-proven truth (assuming P!=NP).

[yuvadm]

:s/P=NP/P!=NP

In any case, this discussion is off-topic and exceeds the scope of this (non-)issue.

[ninlilizi]

I'd normally be inclined to agree with you. But there are enough research papers on the subject to make this a primary concern beyond social graphing. As to why recommending providers operating under any westernised governments unthinkable. And sloppy at best.

Ximin Luo notifications@github.com wrote:

if by "shape" you mean "amount of data" then yes, and that would be the case whether you used crypto or not. there are non-crypto methods to hide this too. but you still cannot see the data (to be able to "figur[e] what your talking about", such as the model of the cars, or their passengers, or the goods they carry. properly-implemented crypto is computationally indistinguishable from random data; this is a mathematically-proven truth (assuming P=NP).

---

Reply to this email directly or view it on GitHub: https://github.com/cryptoparty/handbook/issues/65#issuecomment-21933526

Sent from my PAN.

[infinity0]

Please cite the papers that disagree with what I just said. Being able to use untrusted services is an explicit goal of some cryptosystems, so if what you think is true then we're all screwed and might as well go kill ourselves.

[juh2]

Apart from the legislation in the US I would never recommend a US-based service to any company outside the USA. Servers might be confiscated in many countries. But it is better if you use servers in your own country to lessen the risk of industrial espionage.

[ninlilizi]

No need to be so dramatic. That's just immature. I'm currently on a cross country train. And won't be anywhere with either power or data stable enough for more than email till some time next week. Otherwise I'd be delighted to Google for you. Most of the papers documenting this focused on Skype. So I suggest you start there and branch out into the more esoteric protocols. Otherwise I've got 2008 on the other line and it would like a word about its current state of electronic interception.

Ximin Luo notifications@github.com wrote:

Please cite the papers that disagree with what I just said. Being able to use untrusted services is an explicit goal of some cryptosystems, so if what you think is true then we're all screwed and might as well go kill ourselves.

---

Reply to this email directly or view it on GitHub: https://github.com/cryptoparty/handbook/issues/65#issuecomment-21933939

Sent from my PAN.

[ninlilizi]

Probably a better idea than recommending 1 service in particular. Would be to provide a guide to choosing your own provider. Laying out all the pros cons / considerations that may or may not be released to to your specific usage requirements. The other danger with funneling a number of people towards a specific service like this manual will. Will be handing a low hanging fruit to the spooks as an incentive to go fishing in this specific pond over the others as good place to pick out potential subversives. Sure your correct based on technicalities. But not giving enough thought to the social element which is where the parties at.

Jan Ulrich Hasecke notifications@github.com wrote:

Apart from the legislation in the US I would never recommend a US-based service to any company outside the USA. Servers might be confiscated in many countries. But it is better if you use servers in your own country to lessen the risk of industrial espionage.

---

Reply to this email directly or view it on GitHub: https://github.com/cryptoparty/handbook/issues/65#issuecomment-21934531

Sent from my PAN.

[infinity0]

Being dramatic does not make me wrong. Please, don't brush off my being precise and correct as a "technicality", just because I am not considering "social elements" that you think somehow override correctness. (I am ignoring them for now because it's outside of the scope of this immediate issue.) If you truly want to consider social elements, you ought to talk about them in precise language that can stand up to scrutiny, rather than making vague statements and mis-interpreting papers.

[ninlilizi]

My language is perfectly precise. I can see you twisting my words in ways very different to how they are intended and refuse to take your childish bait.

But the issue still stands. That recommending people route their comss thru America, unless they're one of an unfortunate minority who live there is just bad form.

Ximin Luo notifications@github.com wrote:

Being dramatic does not make me wrong. Please, don't brush off my being precise and correct as a "technicality", just because I am not considering "social elements" that you think somehow override correctness. If you truly want to consider social elements, you would talk about them in precise language that can stand up to scrutiny, rather than making vague statements and mis-interpreting papers.

---

Reply to this email directly or view it on GitHub: https://github.com/cryptoparty/handbook/issues/65#issuecomment-21937172

Sent from my PAN.

[infinity0]

As I tried to explain before, "it's a US-based service" by itself is not much more than a knee-jerk reaction. It may or may not be valid, we need more information. However, if one is going to rely solely on this fact, without even attempting to obtain more data[1], one is simply being prejudiced, especially considering that your own government is likely doing the same thing.

Another thing: me pointing out your factual errors is not childish, but you mistaking this for a personal attack is childish. I'm not trying to "bait" you. If you feel I've "twisted" your words, please explain how I've done this. If they are actually precise, explaining this should be easy for you. If not, it means your words and thoughts are not precise, and you ought to spend some time and effort making them so.

[1] e.g. whether the service uses end-to-end encryption

[ninlilizi]

I think your missing the point. Whence suggesting a better action being to equip the user with the knowledge to select a provider suitable to their unique situation rather than sign posting to a thing that's only suitable for a small piece of the world and hence potential readership.

Ximin Luo notifications@github.com wrote:

As I tried to explain before, "it's a US-based service" by itself is not much more than a knee-jerk reaction. It may or may not be valid, we need more information. However, if one is going to rely solely on this fact, without even attempting to obtain more data[1], one is simply being prejudiced.

Another thing: me pointing out your factual errors is not childish, but you mistaking this for a personal attack is childish. I'm not trying to "bait" you. If you feel I've "twisted" your words, please explain how I've done this. If they are actually precise, explaining this should be easy for you. If not, it means your words and thoughts are not precise, and you ought to spend some time and effort making them so.

[1] e.g. whether the service uses end-to-end encryption

---

Reply to this email directly or view it on GitHub: https://github.com/cryptoparty/handbook/issues/65#issuecomment-21945840

Sent from my PAN.

[ninlilizi]

The principal I'm knee jerking over is not the location per se. But the blind funneling of potential users towards a specific third party. Without any intimate knowledge of how they operate behind closed doors. Or way of knowing if what's good today becomes toxic tomorrow. Also it's pretty easy logic to follow that any choke points that get lit up like this will more readily become seen as vectors of strategic value.

Ximin Luo notifications@github.com wrote:

As I tried to explain before, "it's a US-based service" by itself is not much more than a knee-jerk reaction. It may or may not be valid, we need more information. However, if one is going to rely solely on this fact, without even attempting to obtain more data[1], one is simply being prejudiced.

Another thing: me pointing out your factual errors is not childish, but you mistaking this for a personal attack is childish. I'm not trying to "bait" you. If you feel I've "twisted" your words, please explain how I've done this. If they are actually precise, explaining this should be easy for you. If not, it means your words and thoughts are not precise, and you ought to spend some time and effort making them so.

[1] e.g. whether the service uses end-to-end encryption

---

Reply to this email directly or view it on GitHub: https://github.com/cryptoparty/handbook/issues/65#issuecomment-21945840

Sent from my PAN.