> In regards to people asking for europe based servers: i think you are right > that it wont help against PRISM / NSA activity.
> Still, from a legal point of view, it might be something very different, as > different (european) privacy laws apply, which - depending on a customers use > case - might be important. I think it does matter eventually. For example... If you had separate tahoe procs and ports per customer, and the upstream provider was doing netflow, what would the retention be and who could access it? Ditto for getting on a server to get raw traffic data to see if users are up/downloading? And if the government identifies an object that is shared via a proxy or just by sharing introducer access as 'subversive', what direct or indirect (upstream) access can they get to track IPs that have accessed that introducer or the filecap (if on the machine)? The above are some of the risks of running dedicated nodes per customer, which is the first launch plan for Havenco's LAFS service. Long term we think one path that could help is to specify the infrastructure with a tool like chef/puppet and enable good 3rd party auditing from other trusted groups working in the privacy space to be able to do 3rd party warrant canaries. All that said, we'd be happy to help LA find reasonable collo. Or can collo with us to start, though for the LAFS ecosystem to be strongest long term it probably is best to have diverse businesses that might coopetete but are independent. Avi _______________________________________________ tahoe-dev mailing list tahoe-dev@tahoe-lafs.org https://tahoe-lafs.org/cgi-bin/mailman/listinfo/tahoe-dev
