[kwlug-disc] Russia seizes VPN servers

Mark Steffen rmarksteffen at gmail.com
Mon Jul 11 22:33:10 EDT 2016


I've got a VPS hosted in the basement of a big black building halfway
between Washington and Baltimore just off the 295, it's apparently a VERY
secure facility.  Throughput is great, though I do get ssh complaining
sometimes, I have to clear some stuff out in ~/.ssh/ for it to stop
complaining and connect. Weird. It was a great price though, and secure. I
keep all of my passwords, and router configs there as an offsite backup as
well as archives of all my email, financial information, and evil plans.

*Mark Steffen*
Office: +1.226.476.1240 | Mobile/SMS: +1.226.600.0464 | Skype:
r.mark.steffen
*"Quality is not an act, it is a habit." - Aristotle*


On Mon, Jul 11, 2016 at 10:13 PM, Chris Irwin <chris at chrisirwin.ca> wrote:

> Not specifically Linux-related, but I thought this might be relevant to
> users here.
>
> Apparently Russia recently passed an anti-encryption law. From what I
> understand, it requires all entities operating within Russia to provide
> the ability for the FSB to decrypt traffic. Obviously, this is very bad
> for those in Russia (and unfortunate for the inevitable "have to keep
> up with the Jonses" arguments that will start elsewhere).
>
> Today, VPN provider "Private Internet Access" sent out the following
> information:
>
> > To Our Beloved Users,   The Russian Government has passed a new law
> > that mandates that every provider must log all Russian internet
> > traffic for up to a year. We believe that due to the enforcement
> > regime surrounding this new law, some of our Russian Servers (RU) were
> > recently seized by Russian Authorities, without notice or any type of
> > due process. We think it’s because we are the most outspoken and only
> > verified no-log VPN provider.
>
> That's quite bad. Luckily, they take security seriously:
>
> > Luckily, since we do not log any traffic or session data, period, no
> > data has been compromised. Our users are, and will always be, private
> > and secure.
> >
> > Upon learning of the above, we immediately discontinued our Russian
> > gateways and will no longer be doing business in the region.
> >
> > To make it clear, the privacy and security of our users is our number
> > one priority. For preventative reasons, we are rotating all of our
> > certificates. Furthermore, we’re updating our client applications with
> > improved security measures to mitigate circumstances like this in the
> > future, on top of what is already in place. In addition, our manual
> > configurations now support the strongest new encryption algorithms
> > including AES-256, SHA-256, and RSA-4096.
>
> I'm worried they only noticed (and reacted quickly) *because* they take
> security seriously. What about other services?
>
> --
> Chris Irwin
>
> email:   chris at chrisirwin.ca
>  xmpp:   chris at chrisirwin.ca
>   web: https://chrisirwin.ca
>
>
> _______________________________________________
> kwlug-disc mailing list
> kwlug-disc at kwlug.org
> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20160711/99d35476/attachment.htm>


More information about the kwlug-disc mailing list