There should be a way to encrypt things when the server is off and then have a Killswitch for situations like this. Idk if it’d be overkill in this case thougj
Luks is a thing. No reason it can’t be done on the server though things like patching won’t be automated.
Kill switch is well, not as easy. But possible.
That said. The government would just lampoon you in the media as some child porn hoster or whatever they want and taint the jury pool. And probably charge you with obstruction and a host of other things if you didn’t decrypt the server.
There is case law where refusing a description password isn’t covered by the 4th or 5th amendment so they could just Guantanamo your ass as pressure.
TL:DR - there’s no established case law that protects you from withholding the encryption key from government and there’s conflicting rulings in the current US districts. In some places you can be held indefinitely. Unsure what occurs if you can’t remember the key though.
- Step 1: Don’t host in the USA
- Step 2: Don’t host in a USA puppet ally
Probably good advice but not exactly relevant. The person was hosting a server in their house and got raided for unrelated reasons and all their electronics were seized. Had they hosted in a data center or at least had off premises back ups, this wouldn’t have happened.
I thought one of the points of the fediverse was to not be centralized in data centers that are more easily controlled. It’s supposedly supposed to be easy and relatively cheap to spin up your own instance on your own hardware. Just outsourcing to a data center I think goes against what the fediverse promised.
Like anything, it’s a trade off. The fact that you can do whatever you want is the good thing. As long as everyone isn’t in the same datacenter, it’s fine. There’s datacenters all over the planet.
If you’re self hosting, you can mitigate the risks by having some kind of contingency plan though. Just having backups in another location would have made it possible to get back up after the interruption. Now, this instance is probably just screwed.
Data centers aren’t inherently bad and neither is self hosting. But there’s different risks that need to be planned for.
If you’re self hosting, you can mitigate the risks by having some kind of contingency plan
Like a degaussing loop hidden in the door frame?
Just having backups in another location would have made it possible to get back up after the interruption
Oh. Not that kind of contingency plan
Is there anything instance owners can do? Are there things you can do with your server to get better security for your users (and yourself)
The US again continuing to flex its muscles that it truly does own and control half the world, as it so affectionately reminds us daily.
It is absolutely hysterical how bad authoritarianism has engulfed all modern governments. This isn’t remotely a left vs right thing or a US thing, almost all modern governments have become this way.
The person referenced in the article was raided for completely unrelated charges. It just happened they took the server and backups as part of the raid. Had they hosted off-site or kept the backups off-site, the damage would have been minimal. This article brings up a good point, but it’s not the nefariousness that the title implies.
Cops took what wasn’t needed and haven’t returned it (that we know of).
I’d say that’s about as nefarious as it gets.
How do we know it wasn’t needed? What were the charges?
Any time they take all electronics, there’s bound to be something there that wasn’t needed. It’s overly broad.
Yeah, because humans can’t just pick up a drive and instantly read every single thing on it. The cops have no idea how many pieces of storage you have or how you organize your files.
How do you know that it was? Were you involved in this case enough to know something the rest of us dont? Or are you just a bystander playing devil’s advocate?
EDIT: since I apparently cant reply to your comment below, you cant just claim that the hardware was involved in a crime by “just asking questions” then accuse me of “stirring up shit” after calling you out on making unsubstantiated claims. If you make a claim it is YOUR job to defend that claim. Not everyone elses’ job to disprove your assertion.
-
I’m not the person you can’t reply to below.
-
I was literally just asking. If the warrant was in relation to a charge that they were hosting CSAM, then yes the seizure of the server would be appropriate.
-
Were you involved in this case enough to know something the rest of us dont?
I could say the same to you. Trying to research it literally only surfaces what the admins of the instance have said. As far as I could tell, they didn’t publish anything concerning what was in the warrant, or any specifics of what crime was being investigated. The most they’ve said is that it’s related to a protest.
Beyond that, it’s basically just standard procedure to seize all or most computers and drives on a warrant since they can’t possibly know exactly which ones do and don’t contain evidence in advance.
So yeah, I’d would say it’s entirely reasonable to question the person calling it “as nefarious as it gets” for more information
Executing a warrant is as nefarious as it gets?