My storage provider maintains a warrant canary:
My storage provider maintains a warrant canary:
A technical footnote - I use duplicity for encrypted backups on my (personal) rsync.net filesystem:
There's been some rumbling about Tahoe-LAFS integration, which is mildly interesting...
I've had personal and business accounts at rsync.net going back over 5 years.
It's simple, it's straightforward, and it works out of the box with everything I use.
Oh, and there's this:
It's not the cheapest offering, but my employers' account @ 2TB is around 28 cents/GB, per month.
I especially like:
"No form of data or meta-data concerning the behavior of our customers or the contents of their filesystems, or
even the customer data that we hold in our records for billing, will ever be divulged to any law enforcement
officer or agency without order served directly by a US court having jurisdiction. "
"No consumer or personal information about our customers of any kind will be divulged to any party for any reason."
I would like to do business with ISPs that have Warrant Canaries:
Like my offsite backup provider maintains:
However, in absence of this (I realize this is rare) your ISP should at the very least have a stated policy as to how they respond to warrants and "requests".
Turning off an entire block of IP space because some joker calls you on the phone is absolutely terrible. If you continue to do business with "serverloft" you deserve whatever you get.
I don't think FSOSA (free speech or stone age) had this (somewhat middle ground) scenario in mind, but it rhymes quite a bit.
Basically, you can't quash speech unless people can't access laptops and wireless cards. Period. You either go back to the stone age or accept arbitrary, free speech.
But in this case you don't even need to resort to some grassroots, duct-taped together community mesh network - you just need to get one or two abstractions away from the proper "Internet" and you're already there. Which is really great news, actually.
Sonos is the answer. The problem with all of the lower priced squeezebox-style systems is that they save money on components by not having the decoding hardware inside of them. That is the reason that even with a stock-standard samba share, you STILL need to install their "server software" on the system you store your music on.
In reality the "server software" is actually doing some or all of the transcoding of the music format because the units themselves don't have the horsepower to do it.
The sonos systems, OTOH, have the necessary horsepower, so you can just point them at your A/UX based fileserver (or whatever else you want to point them at) and say "just work".
I've had a 5-zone sonos system for 4+ years now and could not be happier.
I guess they are technically not an ISP - they are my online/offsite backup provider
But they have maintained a "warrant canary" for years:
I don't know how effective it would really be if push really came to shove, although it's difficult to imagine a court upholding a LEA coercing them to make public false statements
"the information technologies that are the mainstay of modern society can become its weapons, as well"
is very similar to what is being said in the "Free Speech or Stone Age" meme that has sprung up:
"Once again, the standardization and interoperability of these protocols
that so readily enables anonymous free speech are the same qualities that
make them so valuable to commerce. You cannot restrict access to this
functionality and continue to take part in modern commerce."
(I recommend the entire article that is linked from the blog synopsis...)
I shopped around for a few months for my offsite, online backups, and most providers were adjuncts of larger ISPs, and the backups were generally stored on larger, general purpose servers.
Usually this was in conjunction with all sorts of extra "services" tied to the backup. But the bottom line was, I was storing files on a server that was running imap and pop and PHP and all manner of other services and ports open, etc.
That's a mistake. The backup provider I use now (rsync.net) has three services running (I nmap my target regularly):
- ftp (I don't use it)
No php, no app servers, no mail servers, etc., and when I asked them, they confirmed that their ftpd is just plain old FreeBSD built-in.
Oh, and I encrypt the backups with duplicity, which is absolutely fantastic.
Prior to that bounty, duplicity had not been updated or worked on for a few years, and thanks to the claimant of that bounty, Ken Loafman, there is not only a new, stable version, but a responsive community working on the project.
I use it every day, and now consider it indispensible.
Ocean: A body of water occupying about two-thirds of a world made for man -- who has no gills. -- Ambrose Bierce