# how to secure a hosted server



## PMc (Feb 23, 2021)

It is commonly said, that, if somebody has physical access to a machine, there is no way to hinder them from doing whatever they want. 
Now we have lots of offerings for hosted servers. Some are KVM aka VPS, some are actual metal. All are located and run at some place where the admin will not even have access to - but others do.

So, how do we make this somehow safe?


----------



## eternal_noob (Feb 23, 2021)

If it has a CPU, it has a backdoor. There is no such thing as a secure server.




__





						CPU backdoors
					





					danluu.com


----------



## PMc (Feb 23, 2021)

freebsd_noob said:


> There is no such thing as a secure server.


Well, that's a bit too general for my expectations. Also thats why I pronounced it "_*somehow*_ safe".



freebsd_noob said:


> __
> 
> 
> 
> ...


Oh, that's cool. Thats about how to hack a foundry. (Don't remember having asked for that.)


----------



## eternal_noob (Feb 23, 2021)

Sorry for being offtopic. I just think that trying to secure a server is a hopeless task.


----------



## richardtoohey2 (Feb 23, 2021)

Choose a DC with limited physical access, 24x7 security, cameras etc.  Get your servers racked in locked racks and control who has the keys.  Have cameras 24x7 recording your rack(s).  Choose bare metal over any shared solution.  Or set up your own DC and control physical access.


----------



## zirias@ (Feb 23, 2021)

The only thing I could think of is full disk encryption, cause this is your typical measure to defend against attackers with physical access. But this has drawbacks: you can't store the key there (for obvious reasons), so any booting of the system means a manual task and your hoster must provide you with e.g. a serial console, so you can type in your passphrase to boot. That of course means your hoster could steal your passphrase sniffing on that serial console.

All in all, it probably boils down to: you have to trust someone enough to operate YOUR server, otherwise you have to keep it on your own grounds.


----------



## PMc (Feb 23, 2021)

Thanks, both of you. 



richardtoohey2 said:


> Choose a DC with limited physical access, 24x7 security, cameras etc.  Get your servers racked in locked racks and control who has the keys.  Have cameras 24x7 recording your rack(s).  Choose bare metal over any shared solution.  Or set up your own DC and control physical access.


Okay, thats probably the way when we can attach a price-tag to the data that could be stolen. Because then we can make up a business-case and figure how much we can pay for these approaches. 

I'm now triggering on that "24x7 security": so there will be some guys sitting there and observing 24x7, and there are some other guys who are observed, and, well, I know neither of both parties, even less which of them I might trust more. And there is another thing: if the government tells the first guys (those that do observe) to switch off and hand over the server, then I doubt they would fight, and one might be better off if the other guys (those that are observed) had stolen it beforehand.

Now for the practical part:



Zirias said:


> The only thing I could think of is full disk encryption, cause this is your typical measure to defend against attackers with physical access. But this has drawbacks: you can't store the key there (for obvious reasons), so any booting of the system means a manual task and your hoster must provide you with e.g. a serial console, so you can type in your passphrase to boot. That of course means your hoster could steal your passphrase sniffing on that serial console.
> 
> All in all, it probably boils down to: you have to trust someone enough to operate YOUR server, otherwise you have to keep it on your own grounds.


That's basically the clue I got from various sources:
we would like to have the disk encrypted, but we can obviousely not store the key on the machine (as then anybody could just grab the machine and restart it), and we can also not enter the key from remote (because it could be logged in transit). So this is catch-22, and there is no solution.

The bottomline would be, there is just no security with hosted server.


----------



## richardtoohey2 (Feb 24, 2021)

The bottom line - there is just no security - full stop.

Firmware, drivers, the Bloomberg-alleged secret chips, BMCs and other remote management, CPU micro-code bugs, software bugs, key loggers, software back doors, your ISPs backdoors, all the clever attacks that are allegedly possible (e.g. listening to your key strokes, doing things with your speaker that you cannot hear but transmit information).  And that's before you start installing any programs.

And that's excluding governments, bribeable humans, phishing, etc.

It's about onions and lions.  The onion is the layer-upon-layer of defences you put in place that will deter the casual attack.  The lions is the old thing about you don't need to run faster than the lion - you just need to run faster than the other people - the lion will slow down to eat them.  Make your set-up the least attractive and most difficult to get into and _hopefully_ the attacker will get bored and find an easier target.  But if you are *the* target - they *will* get in.


----------



## drhowarddrfine (Feb 24, 2021)

There's an article from 2016 that states there have been only five server room heists in the previous 10 years. And those were at very large data centers of very large companies. If you choose any decent data center, I doubt you'll have any worry, as if anyone cares about your data versus Bank of America's data.

As far as the government walking in and demanding such things, the same applies. I'm betting the government doesn't care about it either. Reality check for all of us, probably.


----------



## wolffnx (Feb 24, 2021)

PMc said:


> It is commonly said, that, if somebody has physical access to a machine, there is no way to hinder them from doing whatever they want.
> Now we have lots of offerings for hosted servers. Some are KVM aka VPS, some are actual metal. All are located and run at some place where the admin will not even have access to - but others do.
> 
> So, how do we make this somehow safe?


firts off all cameras recording 24/7 with the dvr put it in a safe place,
encrypted data (you have to do decrypt everythime that machine uptime)
put the key in a pendrive,plugin when machine  is up and take it off when the maquine if off
even is their stole your harddrive
the wont do anything


----------



## SirDice (Feb 24, 2021)

PMc said:


> I'm now triggering on that "24x7 security": so there will be some guys sitting there and observing 24x7, and there are some other guys who are observed, and, well, I know neither of both parties, even less which of them I might trust more.


Most of the datacenters I've been too had reasonably strict access controls. For a datacenter I go to regularly for a client I have to be 'announced' in advance by my client to be there at a certain date and time. I'm registered with the datacenter, identification, fingerprints and all. Did that once and I have to verify my fingerprint every time I visit. Doors to each room have fingerprint locks. Racks themselves have combination locks (I know the code for the client's racks). There are cameras EVERYWHERE, there's at least a guard at the front desk that will let you in (after processing) and there's usually a few datacenter guys running around (usually only during office hours).


----------



## PMc (Feb 24, 2021)

drhowarddrfine said:


> There's an article from 2016 that states there have been only five server room heists in the previous 10 years. And those were at very large data centers of very large companies. If you choose any decent data center, I doubt you'll have any worry, as if anyone cares about your data versus Bank of America's data.
> 
> As far as the government walking in and demanding such things, the same applies. I'm betting the government doesn't care about it either. Reality check for all of us, probably.


You may still think that way, I don't. 
There is no problem with criminal ops, as they apply to a business-case: there must be something of value to obtain, otherwise they will not bother to engage at all.

Government is different. Government has practically unlimited ressources, and government fears and fights one thing: truth.
Just look what happens to Julian Assange.


----------



## PMc (Feb 24, 2021)

SirDice said:


> Most of the datacenters I've been too had reasonably strict access controls. For a datacenter I go to regularly for a client I have to be 'announced' in advance by my client to be there at a certain date and time. I'm registered with the datacenter, identification, fingerprints and all.


That's when things started to go bad. I loved the old time when datacenter was basically the only room where smoking was allowed and ample beer supply was in the floor.


----------



## SirDice (Feb 24, 2021)

PMc said:


> I loved the old time when datacenter was basically the only room where smoking was allowed and ample beer supply was in the floor.


I remember a story about a server room at one of my old jobs (at least 25 years ago). On some day a manager came in during the night shift and found the mainframe operators smoking weed in the server room. Needless to say they were fired the next day. The Netherlands may be a progressive country with regards to drug usage but you weren't even allowed to smoke in the server room (in the offices this wasn't a problem, this was long before the smoking bans), let alone light up a funky one.


----------



## PMc (Feb 24, 2021)

SirDice said:


> I remember a story about a server room at one of my old jobs (at least 25 years ago). On some day a manager came in during the night shift and found the mainframe operators smoking weed in the server room. Needless to say they were fired the next day.


Oh bad luck. Well, we were consultants, so we were treated as guests, and some people are more equal than other people, so we went to the server room with the server room responsible for a smoke - and the point was, in the other rooms the girls would complain about smoking, but the machine room hat 1) proper air conditioner and 2) normally no girls.  Was some 20 years ago.
(And it didn't harm the shop, they're still stock exchange traded and looking rather well.)


----------



## drhowarddrfine (Feb 24, 2021)

PMc said:


> there must be something of value to obtain, otherwise they will not bother to engage at all.


That's exactly my point. Most of the time, one does not have anything of value to anyone else, or at least they would have difficulty finding a use for it.


----------



## Deleted member 30996 (Feb 24, 2021)

PMc said:


> Government is different. Government has practically unlimited ressources, and government fears and fights one thing: truth.
> Just look what happens to Julian Assange.



The Govt. fears the person that holds that truth and tries to keep it from coming out by shutting up and shutting down that person. 

It doesn't always work out that way and there's always that one chance in a million it blows up in their face and makes matters worse for them. 

That's what they used to call The Booby Prize. It was the Booby who picked the one in a million that blew up in his face.

And that is the Lesson I spoke of. I turned out to be the Booby Prize in this instance.


----------



## ralphbsz (Feb 25, 2021)

PMc said:


> That's when things started to go bad. I loved the old time when datacenter was basically the only room where smoking was allowed and ample beer supply was in the floor.


In the 1970s, colleagues at Stanford used to store cocaine in the "electronics room" (today we would call that the server room). Another person tried to use the large particle accelerator to induce mutations in dope seeds, to make then more potent. Literally put MJ seeds into a particle beam in the vacuum chamber. He was caught by federal law enforcement, and served several years in jail.


----------



## ralphbsz (Feb 25, 2021)

PMc said:


> So, how do we make this somehow safe?


There are a lot of (silly) black and white answers above. But the real world is not black and white, it's complex and colored.

If you have a server that's "hosted" (in whatever fashion, ranging from a short-lived task on a VM somewhere in an AWS data center, to a wire cage with customer-controlled lock in a data center), then the people who have physical control of the infrastructure can, in extreme cases, get control of that server. By the same logic, if your server is connected to any network, than the people who control that network can in theory also do whatever they want to you. If you look only at extreme cases, nothing is safe.

But by the same logic, nothing is safe at other locations either. If you have your server at your house or your business, a burglar can come and steal it. Sure, you could encrypt the disks, but a smart burglar could come and install a listening device on whatever way you enter the decryption password (keyboard or network cable), come back a month later having sniffed the password, and then steal your computer.

In the real world, you have to do tradeoffs. I would say that having your server in a well-managed data center run by  is on average very safe; probably much safer than having it in a badly managed hosted environment, and probably considerably safer than in typical residential environments.


----------



## zirias@ (Feb 25, 2021)

Just adding to the very good answer above, I want to emphasize: The relevant question is "secure from whom?"

Secure from any 3rd party? Then there are hosters employing very effective security measures you probably couldn't afford when hosting yourself.

Secure from the hoster himself? Just impossible. You pay the hoster for operating your server which includes keeping it (physically) secure, and of course, you have to trust them about it.


----------



## PMc (Feb 25, 2021)

ralphbsz said:


> In the 1970s, colleagues at Stanford used to store cocaine in the "electronics room" (today we would call that the server room). Another person tried to use the large particle accelerator to induce mutations in dope seeds, to make then more potent. Literally put MJ seeds into a particle beam in the vacuum chamber. He was caught by federal law enforcement, and served several years in jail.


So much for freedom of science. But more interesting: did it work?


----------



## PMc (Feb 25, 2021)

Zirias said:


> Secure from any 3rd party? Then there are hosters employing very effective security measures you probably couldn't afford when hosting yourself.
> 
> Secure from the hoster himself? Just impossible. You pay the hoster for operating your server which includes keeping it (physically) secure, and of course, you have to trust them about it.


And that's the problem. Usually we not even have an idea who that hoster might be: you rent a server from some provider, then there are subcontractors who run the compute centers, there are other subcontractors who run a support staff (at changing places around the world), and all this is constantly moved to the lowest bidder.

There might be very tight controls about who is allowed to enter a server room, but there are no controls whatsoever about who might just buy one of those companies.


----------



## zirias@ (Feb 25, 2021)

Still it's a simple thing: If you decide to worry more about trusting a company you'll have a contract with than about how well you can provide security and safety yourself (think physical access control, maybe surveillance, maybe redundancy over more than one location, and of course the cost for doing all this), you have your decision: Do it yourself 

It's really coming down to a cake (have, eat) situation  Why would you consider a hoster? Cause it will save you a lot of money for things like mentioned above. And sure there is a price: trust.


----------



## Argentum (Feb 25, 2021)

PMc said:


> There might be very tight controls about who is allowed to enter a server room, but there are no controls whatsoever about who might just buy one of those companies.


Unless you are in North Korea...


----------



## zirias@ (Feb 25, 2021)

Argentum said:


> Unless you are in North Korea...


Maybe a business opportunity for Kim, THE guy you can trust… *scnr*


----------



## PMc (Feb 25, 2021)

Zirias said:


> It's really coming down to a cake (have, eat) situation  Why would you consider a hoster? Cause it will save you a lot of money for things like mentioned above. And sure there is a price: trust.


In the practical case of myself, which brought me to these consideration, the reason is that a dedicated server from a hoster is cheaper than a fixed IP address from the telco.
Consequentially, that server then stands _somewhere_.  Next point, obviousely any disk has to be encrypted - because at some point it will break, and then no longer be accessible, and, unless we can physically destroy it, we just do not know where it may end up.
Then, to enter the password for the disk, there are two options. A) store the encryption key on the disk itself, and B) enter it on the console. A) is blatant bogus, as there is only one disk. And B) doesn't work because there is no console.

So, at that point I created a new solution that does geli-encrypt the disk, neither doing A) nor B). (the solution is to store the geli-key within the geli-encrypted disk.)

And now I am researching on how the professional best-practise industry-accepted solution for the issue would look like. But, as it seems, there is none.


----------



## ScopeDog (Feb 25, 2021)

To secure stored data, we use our own distributed data system. Stealing one physical server won't let the stealer restore the original data. I wish it were open source but not. If a client that is permitted to access all servers is stolen, then the data are stolen though.


----------



## ralphbsz (Feb 25, 2021)

PMc said:


> And that's the problem. Usually we not even have an idea who that hoster might be: you rent a server from some provider, then there are subcontractors who run the compute centers, there are other subcontractors who run a support staff (at changing places around the world), and all this is constantly moved to the lowest bidder.


No. Using a concrete example: You rent CPU capacity or a virtual FreeBSD machine from Amazon (I'm just using them as an example because they're the world's largest hosting/cloud provider, not because I know anything specific about their internals, nor as an endorsement or recommendation). Your contract is with Amazon, not with a subcontractor. Amazon is responsible to make sure only trustworthy people enter the data center. You don't have a contract with the electrical subcontractor, not the security contractor, not even the local fire department (both Amazon and Google have had fires in cloud data centers, I don't know about Microsoft). If someone gets in, that's Amazon's responsibility, and from that viewpoint, the electrical subcontractor will be background checked just as carefully as Amazon employees are.

I've worked for several of the largest computer companies = cloud providers in the world. I've never been inside a data center that contains customer data, and I don't expect I ever will be. Because my job doesn't require me to, and having me inside is an unnecessary security risk. If I walked up to a data center with my employee badge, they would not let me in (and call my manager).

Clearly, you have no idea how actual hosting/cloud companies are run.



> There might be very tight controls about who is allowed to enter a server room, but there are no controls whatsoever about who might just buy one of those companies.


In the (extremely unlikely case) that some other company buys Amazon, you will have ample warning, and you have time to remove your data if you think the future owner won't be trustworthy. If you are not paying attention to financial transactions involving your suppliers, that's your sloppiness.



PMc said:


> Next point, obviousely any disk has to be encrypted - because at some point it will break, and then no longer be accessible, and, unless we can physically destroy it, we just do not know where it may end up.


Firstly, in real-world data centers of virtualized machines (where the physical disk is under control of the hosting company), the disks are usually hardware encrypted, using SED (self encrypting drives). You typically don't even see that, because the hosting company typically provisions your virtual servers with virtual disks: while those may look like SATA or SCSI disks, they are in reality RAIDed arrays of disk drives, typically encrypted, typically including things like snapshots and remote copies.

Second, data center operators tend to not let any hardware out. Ever. Typically, a large data center will have a shredder, and broken or obsolete hardware (not just disks, but whole computers) are run through the shredder and turned into small flakes of metal and plastic. Sometimes, individual data centers are too small to have their own shredders (those are big and expensive machines), in which case dead hardware is collected on site in containers, then shipped under seal to a centralized shredding facility.

This actually leads to some real-world problems with hardware returns. Say that model X of disk drive from manufacturer XYZ (typ. examples: Seagate, WD) has been failing with unusually high frequency at a customer site, like hosting provider ABC (typ. example Amazon). Seagate/WDs testing lab wants to get one of those disks back, to dismantle it and see what went wrong (been there, done that, got the tunneling microscope pictures of the platters back from one of those vendors). But the hosting provider will never let any disk out. What do we do now? We get XYZ and ABC's engineering teams and lawyers into one room, we write down an accurate contract that describes trust and security, we segregate the failed disks out and mark them properly, we ship them under seal from ABC to XYZ, where only trusted employees take them apart, put the platter under a microscope, and then send the pictures to me with their analysis. Real world hardware vendors and cloud companies put a lot of effort into data safety.



> Then, to enter the password for the disk, there are two options. A) store the encryption key on the disk itself, and B) enter it on the console. A) is blatant bogus, as there is only one disk. And B) doesn't work because there is no console.
> 
> So, at that point I created a new solution that does geli-encrypt the disk, neither doing A) nor B). (the solution is to store the geli-key within the geli-encrypted disk.)


No. The solution is to store the encryption key in a secure key server. By its nature, that key server has to be even more secure than the systems that use its keys. There is a whole industry of disk encryption, key distribution, and key storage. I know whole companies that do nothing but this, and I know several people who earn their daily living (and have for 20 years) doing nothing but storage encryption key distribution.



> And now I am researching on how the professional best-practise industry-accepted solution for the issue would look like. But, as it seems, there is none.


Sorry, there are lots of best practices, there are standards, and this is all commonly done. It is not talked about much, and many details are not made public, out of fear of giving too much information to attackers. If you want secure storage, feel free to go to EMC, IBM, HP, Oracle, Hitachi, Google, Amazon or Microsoft, and contract with them. If you insist in thinking that you are smarter than the thousands of people who have designed these systems, and doing it yourself, you will reinvent the wheel, but this time you will get it triangular. I'm sorry to be harsh, but your paranoia and unreasonable dislike of business isn't going to make your data any more secure, on the contrary.


----------



## Mjölnir (Feb 25, 2021)

PMc said:


> [...] So, at that point I created a new solution that does geli-encrypt the disk, neither doing A) nor B). (the solution is to store the geli-key within the geli-encrypted disk.)  And now I am researching on how the professional best-practise industry-accepted solution for the issue would look like. But, as it seems, there is none.


Did you have a look into gbde(4) & gbde(8)?  Maybe somehow related to this topic is that Solaris has _roles_ in it's RBAC implementation; i.e. the _root_ user is a _role_ (there's no _root_ login anymore), that can be taken by all accounts of the _wheel_ group.  All _root_'s activity is all logged & thus it's always clear who did what; this log is write-append-only, i.e. an admin gone wild can not hide what s/he's doing.  You can even configure a 2 out of 3 quorum for certain delicate tasks.  I experimented with that over a decade ago; it worked fine.  I wish we had that on FreeBSD, too.


----------



## PMc (Feb 25, 2021)

ralphbsz said:


> No. Using a concrete example: You rent CPU capacity or a virtual FreeBSD machine from Amazon (I'm just using them as an example because they're the world's largest hosting/cloud provider, not because I know anything specific about their internals, nor as an endorsement or recommendation). Your contract is with Amazon, not with a subcontractor. Amazon is responsible to make sure only trustworthy people enter the data center. You don't have a contract with the electrical subcontractor, not the security contractor, not even the local fire department (both Amazon and Google have had fires in cloud data centers, I don't know about Microsoft). If someone gets in, that's Amazon's responsibility, and from that viewpoint, the electrical subcontractor will be background checked just as carefully as Amazon employees are.


This is all true but it doesn't help in any way. I did work inside the business, and it was the serious part of the business, banking/healthcare/insurance, big corps, and even there things were not perfect - from the impression I get on lowendtalk, usual hosting business is yet a different beast.

Given Your case, and given something bad happens, what could I do? Sue Amazon? That doesn't help, and anyway they have more money for lawyers. 
I've been thru exactly that subcontractor issue in a different matter; check the "priceless-specials mastercard scandal". So now my birthdate de-facto *IS* on sale in the darknet, and all the stupid babble from Mastercard cannot change that anymore.



ralphbsz said:


> I've worked for several of the largest computer companies = cloud providers in the world. I've never been inside a data center that contains customer data, and I don't expect I ever will be. Because my job doesn't require me to, and having me inside is an unnecessary security risk. If I walked up to a data center with my employee badge, they would not let me in (and call my manager).


I did work as consultant for banks, and I could have had access to *everything*, the machines, the security, and the machines monitoring the security (not fully legal, obviousely, but also not easily detectable if it were done properly).
(Indeed, we were among those people who are not allowed to share the same airplane, and I also got my prep-for-evac on the 9/11 happening six hours *before* the case.)

So yes, there is all those security precautions You describe below, and the managers will be happy with them. But then there is the illuminati, and the rules do not apply to them. And I know that because I once happened to be  among the illuminati.



ralphbsz said:


> Clearly, you have no idea how actual hosting/cloud companies are run.


I just need to read lowendtalk to get some idea. But then alright, tell me who You think runs this one:







ralphbsz said:


> No. The solution is to store the encryption key in a secure key server. By its nature, that key server has to be even more secure than the systems that use its keys.


So this would be the industry-approved best-practise solution, and it doesn't solve the issue, it just moves it onwards to another level.


ralphbsz said:


> Sorry, there are lots of best practices, there are standards, and this is all commonly done. It is not talked about much, and many details are not made public, out of fear of giving too much information to attackers. If you want secure storage, feel free to go to EMC, IBM, HP, Oracle, Hitachi, Google, Amazon or Microsoft, and contract with them. If you insist in thinking that you are smarter than the thousands of people who have designed these systems, and doing it yourself, you will reinvent the wheel, but this time you will get it triangular. I'm sorry to be harsh, but your paranoia and unreasonable dislike of business isn't going to make your data any more secure, on the contrary.


No, I'm perfectly happy with the outcome that there is no practical and straight-forward solution, without additional cost, to protect some server rented ad-hoc from whatever shop somewere on the internet.

I do not have the intention to reinvent the wheel, neither to sell or advertise any solution whatsoever - I just do what appears to be necessary.


----------



## zirias@ (Feb 25, 2021)

There's this german "saying"  , I'll leave the translation to anyone interested …

| Das kannste schon so machen …
| aber dann isses halt kacke.

I think IF you have high security needs for a server and decide to fulfill them yourself, there's a high risk this saying will apply to your solution. But hey, you have been warned, in the end, it's your decision


----------



## PMc (Feb 25, 2021)

Zirias said:


> There's this german "saying"  , I'll leave the translation to anyone interested …
> 
> | Das kannste schon so machen …
> | aber dann isses halt kacke.
> ...


I don't consider this helpful. 
If there were a generally accepted path to go, then we could argue if DIY would make any sense in that light. In this case there is none (buying support from EMC/IBM/etc. is not an acceptable path, even more, I happened to work for/with quite a couple of these companies and know their products).


----------



## zirias@ (Feb 25, 2021)

There IS a generally accepted path, and that is, trust the company you'll do business with. Or, of course, put the other way around: do business with a company you trust. Sure, if you find none, you'll have a problem. But you should face the reality: Doing it yourself will be much worse or much more costly.


----------



## PMc (Feb 25, 2021)

Zirias said:


> There IS a generally accepted path, and that is, trust the company you'll do business with. Or, of course, put the other way around: do business with a company you trust. Sure, if you find none, you'll have a problem. But you should face the reality: Doing it yourself will be much worse or much more costly.


Sorry if I fail to understand, but trusting the hoster and NOT encrypting my disk appears to me in no way less costly or less bad than just encrypting my disk.


----------



## Mjölnir (Feb 25, 2021)

ralphbsz said:


> [...] Your contract is with Amazon, not with a subcontractor. Amazon is responsible to make sure only trustworthy people enter the data center. You don't have a contract with the electrical subcontractor, not the security contractor, not even the local fire department [...]. If someone gets in, that's Amazon's responsibility, and from that viewpoint, the electrical subcontractor will be background checked just as carefully as Amazon employees are. [underlining by me]


Contra.  No, usually not (not necessarily).  The whole story about all this sub-sub-sub-contracting is, as you wrote, to ensure _responsibility (in theory)_.  But _in realitas_, it's about how to get rid of responsibility   while retaining a grip on the profit... To rely on the theoretical chain of responsibility, i.e. that the sub-sub-sub-contractor X will perform a background check on the aide of the electrician who repairs the powerline to your server's rack, is not realistic, and reckless.  Yes, when s/th goes bad, you can sue your contractor, who will sue his contractor, who will sue... etc.pp., but your precious data will be gone or compromized or whatever damage you might have.  I remember that a big IT consulting company was renamed after one of their clients went bancrupt after an IT system "upgrade".  Their new name sounds very _accelerating_.


ralphbsz said:


> No. The solution is to store the encryption key in a secure key server. By its nature, that key server has to be even more secure than the systems that use its keys. There is a whole industry of disk encryption, key distribution, and key storage. I know whole companies that do nothing but this, and I know several people who earn their daily living (and have for 20 years) doing nothing but storage encryption key distribution.


Then _Kerberos_ comes to mind as a well-established & mature, proven solution.  Maybe it could be "misused" for this topic.
Zirias _Redewendung_=idiom & _Sprichwort_=proverb


----------



## zirias@ (Feb 25, 2021)

Mjölnir said:


> *Zirias* _Redewendung_=idiom & _Sprichwort_=proverb


And I consider it neither of them, but, well, that's really off-topic now 



Mjölnir said:


> Yes, when s/th goes bad, you can sue your contractor, who will sue his contractor, who will sue... etc.pp., but your precious data will be gone or compromized or whatever damage you might have.


Well, but exactly this scenario is why anyone involved WILL try to avoid that.

You always have to compare. Your single server at a normal building is exposed to much more risks. For my private stuff, this is fine, I have my own server, a RAID with encrypted disks and somewhat regular backups will do. For a business? You want to have redundancy, physical security, and so on. Doing anything that's necessary here yourself will be extremely expensive.


----------



## rootbert (Feb 25, 2021)

security wise it boils down to: (own hardware manufacturer + datacenter) > (own datacenter) > (hired rack in a datacenter) > (bare metal server at a hoster) > (VM at a hoster) > (container at a hoster) > (shared hosting/webspace/accounts)


----------



## PMc (Feb 25, 2021)

Mjölnir said:


> Did you have a look into gbde(4) & gbde(8)?


I did, but that was back in 2009 - and then it did not look very promising, at least for the things I wanted to do back then.
From what I get out of this thread, geli seems to be the more favored solution.


Mjölnir said:


> Then _Kerberos_ comes to mind as a well-established & mature, proven solution.  Maybe it could be "misused" for this topic.


Do You have Kerberos employed somewhere?
I am using it, it is a bit of a difficult beast. It is best suited where you have a homogenous landscape of machines that are all equally secure. When you start to differentiate intranet/perimeter/etc., it gets rather complicated.


----------



## Mjölnir (Feb 25, 2021)

_Security_ mainly boils down to _trust_; but from what has been unveiled of human nature, the latter is at least a complex topic, to say it politely.  A psychologist told me once the most convincing definition: eventually, _trust is a decision you take_.  It has been shown several times that open source systems are inherently safer than closed source systems.  So why should someone rely on e.g. Dell/EMC or _Big Blue_ or whoever else sells closed-source systems?  Nowadays even open source hardware exists.  Hopefully this laptop I'm using right now is the last closed source machine I own.  I do not even have the ME's password, can you beleive that?  That's very frustating, and _coreboot_ or thelike is not certified for this machine.


----------



## Mjölnir (Feb 26, 2021)

PMc said:


> Do You have Kerberos employed somewhere?  I am using it, it is a bit of a difficult beast.  [...]  When you start to differentiate intranet/perimeter/etc., it gets rather complicated.


Maybe that's the means of existence for the key-handling companies that ralphbsz mentioned above?  I.e. eventually their service is to hide the complexity of Kerberos?  Which is perfectly justified, since it saves their clients some good deal of headaches.


----------



## tingo (Feb 27, 2021)

As for the "how do I enter the encryption key when my (remote) server boots and wants to un-encrypt the disks?" question: you configure your server so you have ssh access into the environment where the key needs to be entered, you ssh in, enter the key and the server continues booting.
No, unfortunately, I don't know how to set up this with FreeBSD.


----------



## PMc (Feb 27, 2021)

tingo said:


> As for the "how do I enter the encryption key when my (remote) server boots and wants to un-encrypt the disks?" question: you configure your server so you have ssh access into the environment where the key needs to be entered, you ssh in, enter the key and the server continues booting.
> No, unfortunately, I don't know how to set up this with FreeBSD.


That's fancy.
When the server boots, that means, for *full disk encryption*, in the loader.conf - so one has to add full network capabilities to the loader code, and full sshd support. No way.
The other thing is IPMI. But I have no idea what this can do, I have never accessed it. (I never bothered to access a console of hosted server - I don't need a console to setup a FreeBSD.) I might assume the IPMI can give access to keyboard+screen - but then it is doubtful how that would work with ssh.

The other option is to NOT do full disk encryption. The system can then boot from unencrypted OS installation, bringup a network and sshd, and then receive the key to decrypt the application filesystem. This is doable. It requires a bit of rearranging the rc.d scripts (depending on what exactly is contained in the unencrypted/encrypted disk part), and brings the problem that somebody might tamper with the unencrypted OS installation and drop in some backdoor there.


----------



## Deleted member 30996 (Feb 27, 2021)

Mjölnir said:


> _Security_ mainly boils down to _trust_; but from what has been unveiled of human nature, the latter is at least a complex topic, to say it politely.  A psychologist told me once the most convincing definition: eventually, _trust is a decision you take_.



Not quite to the tune of the Beverly Hillbillies but close enough to the Ozarks where they lived.

*sing*
Let me tell ya'll a story full of dread
Bout snooty people who let schooling
got in college go to their fat heads

They hired a GED guy to do what they said
they thought dumb as a cob and looked cornfed
They looked down their nose at him and smiling said
Here's a floppy for our AppleII sitting there to be fed
never thought he had a chance of one in his head

He never touched one in his life but dummied up
to let them know that he'd rather blowed his head off
That country boy had more smarts than they thunk
and 3 days later had figured out that box, owned it
their printer and data on all floppy entered in his head

His mental health skills they could never hope surpass
make fools of grads a game long his to make time pass.
He was their Superior in every way but thought a fool
The surprise fun in that game setting fire to their ass
A character flaw he saw, owned, overcame, and got past.

That's what can happen and continues to this day
a fire alarm in St. Louie someone might hear Monday
But it won't be my homie tasked to put out a firestorm
It's time set to blaze and only to help keep him warm
*sing*

If that's hard to process and not understandable, it only seems that way. I've told that story before and the rest dues owed the Red Devils Advocate by people of less than Professional Character and devoid of Ethics required of their position.

I'm well equipped for mine and this not my character flaw to own, it's still the same game but one they played on someone with a type of Quantum Entanglement going for him. Not Spooky action at a Distance. Stupid looking at a distance, and far beyond those in sight can perceive it somehow.

It's a blessing and a curse.


----------



## Mjölnir (Feb 27, 2021)

How do the military, top-level governmental & financial institutions etc. handle this issue?  AFAIK they start @ the bottom with a leased line/dedicated wire (you could rent that from your telco some time ago, when I was in the business world).  And the next layers?  FMLU a dedicated wire is not strictly necessary for security, if you use encryption with end point authentication.  It's benefits are predictable latency & bandwidt & decreased attack surface (noone else can (phone) call that number because there is none (but _Obacht!_: s/o inside the telco _can_ do that)).  I dunno if you can still rent a leased line/dedicated wire (the real physical copper wire or optical fibre threads reserved solely for you).  Maybe nowadays, where it's all routed through ATM, that's not necessary anymore, and maybe not even possible.  I remember we had issues concerning analog switches (inside the telco boxes alongside your pavement) on the route of our leased line.  You can make a contract instead that ensures a certain latency & bandwitdh, fine, that's what you want, because you encrypt your traffic anyway, and (as noted above) shows, there is no true benefit in terms of security when using a leased line.
Sorry for the intrications - I tried, but couldn't do better.

Isn't there some secure encrypted OOB mgmt IPMI/BMC/ILO/whatever available?  I can't believe that.  Beeing oldschool, I remember solutions like
`leased line -> modem -> [TA (multiport terminal adapter; cua0....n) -> box in a rack | box]`
In this oldschool example, the critical point is how to _authenticate_ the box's encryption module.  Does geli(8) offer that?  If not, using geli(8) in a remote setup is phony/fake security.


----------



## ralphbsz (Feb 28, 2021)

Mjölnir said:


> How do the military, top-level governmental & financial institutions etc. handle this issue?


Let's look at typical "spooks", meaning government agencies, typically intelligence, law enforcement, and military.

Networking, traditional answer: There are no communication wires going into the data center. None, zip, zilch. Modern answer: the only communications wires going in and out use dedicated circuits that go to other data centers of the same organization, and use very strong hardware encryption on those circuits. For example, all major cloud/hosting providers (those that have more than one data center) encrypt their dedicated circuits that leave buildings, after they found that certain government agencies were wiretapping their circuits (yes, the NSA was spying on the likes of Amazon, Facebook and Google). The big ones in the industry all own their own cables (yes, the likes of Amazon, Google and Microsoft own their own terrestrial and undersea cables). If the site has to be connected to the public network, this will be done with carefully designed firewalls; the slang term for that is "spanning the air gap" (a bridge that goes across the air gap that separates internal and public networks).

Personal communications, traditional answer: while inside the building, nobody will have a cell phone, radio, or camera. The only laptops that can be brought in and out are those where WiFi can be turned off in hardware (many name-brand laptops have switches for that). All communication is via desk phones, usually some encrypted IP phone (they tend to look like Cisco hardware). Modern answer: Agency-issued cell phones can be brought into certain parts of the building, for example conference rooms, but typically not personally owned ones. Typically, there will be sniffers and jammers to prevent communication from happening. Forget Bluetooth and WiFi. And USB sticks are a complete no-no.

Access: At the gate, there is a set of guards. They have assault weapons. They check your credentials, and only let you in if your are authorized to enter. That includes personnel of the organization itself (so for example NSA employees who have a good reason to be in the data center, and 99.5% do not), and a very small set of employees from contractors. Typical contractors would be SRI, IBM, General Dynamics, Oracle, Lockheed-Martin, EMC. The term "contractor" explicitly does not include things like electricians and plumbers, that's handled by in-house staff. Everyone who has access to the building will have government security clearances, even contractors. The organization has its own emergency response systems (fire, internal law enforcement such as military police, ambulances).

Anecdote: My wife has worked at one of those government labs. Her office neighbor (who was quite elderly and of ill health) walked into her office slowly, and said: "I'm sorry to bother you, but I'm feeling very bad, I think I'm having a heart attack, can you please call an ambulance for me." My wife (who is knowledgeable about heart disease) obviously immediately grabbed the phone, and called the emergency number, telling them that someone is having serious heart problems. About half a minute later, she heard heavy steps in the hallway, and outside saw a military-camouflaged  HumVee, and then a half dozen marines with machine guns got into her office. That's the organizations standard response too any emergency. Fortunately, some of them were trained as EMTs (paramedics). Another minute later, an ambulance showed up with sirens, and brought a stretcher into her office. Another minute later, the on-site staff doctor showed up. Her colleague did fine.

In some government sites, visitors who need to be present but have no security clearance can enter certain buildings, but are escorted. At Livermore for example, in certain buildings they are escorted by an armed security guard who brings a colored red light on a small stand with him, which he carries in the hallway, then places in front of whatever room the uncleared visitor is in. I hear that this is a rare occurrence, as these facilities typical have a "visitor center" near the entrance where non-cleared people can have meetings. Been there, done that. For example, the NSA today has a publicly accessible museum and gift shop (yes, random people without security clearance can buy a coffee mug or sweatshirt that says "National Security Agency", a few friends of mine have those). In the old days, the bigger vendors had their own secure rooms in these facilities. For example in mainframe days, a typical data center would have a little office for IBM personnel, where they could hang out, drink coffee, and store tools and frequently used field service parts.

In some installations (typically military intelligence), all people in the building are armed. Meaning a typical "sys admin" (today's term for that job description is "SRE") will have an assault weapon. For a military site, that makes some sort of sense: their intelligence data processing would be among the places at the highest risk for being attacked. Yes, I've been in (phone- and video-) meetings with people who are all in green uniforms, all armed, and all use assumed names, typical by alphabet in order they go around the table. We all laugh about that, when people get confused: "As my colleague Fred just said ... oops sorry, as my colleague Charlie just said, I got confused because he was Fred in yesterday's meeting ...".

Hardware: Only hardware that has been ordered and vetted can enter the building. I've heard horror stories about field service spare parts being delayed by days (while systems are down), because they need to be shipped to a receiving organization in a non-secure facility (where UPS and FedEx drivers can enter), then checked that they are the real thing, then internally shipped to the data center.

How does technical support work? Typically suppliers of hardware and software have a small set of field service people who are security cleared, and can work on the hardware. There are always protocols to be followed: Do not look at actual user data, do not communicate about the size, design or content of the system with your colleagues, do not take photographs, only take handwritten notes, and all handwritten notes need to be checked by a censorship organization before leaving the building. Typically systems are compartimentalized: The service person from IBM looking at servers obviously is not allowed to get near the Cisco networking hardware, and vice versa. Debugging under these circumstances is ... difficult.

Typically, no hardware ever leaves the building. Typically, sites have shredders, and hardware that is obsolete or broken is run through the shredder, and not sold used or returned to the vendor. If hardware has to leave to be diagnosed off-site (for example a disk platter needs to be put under a scanning tunneling microscope to see why so many read errors happened), special protocols are put in place (like a few engineers at the vendor will be specially security cleared). Some sites insist on all persistent storage devices (disks, flash) also implementing hardware encryption (SED or FIPS-140), although that's not actually very common.

By the way, most of the the large vendors of cloud and hosting services work pretty much the same way, except typically not with soldiers as security guards, and typically using subcontractors for things like plumbing and electrical work. This does not apply to small banks or small medical services though, they don't have the scale to be secure.

And just to be clear: I've never had a security clearance, I've never been in a production data center, but I've worked closely with folks who do this kind of stuff. For example being on the phone with them to help, while they're in a conference room with agency staff and a censorship person.

Final anecdote: In a previous job, we had a meeting (at my company's office) with a senior staff member from one of those agencies. Very smart, friendly, and intelligent person. He was kind enough to give me his business card, and it said something like "Government of Elbonia, Central Security Agency, Dr. Adam Bob, Strategic IT design planning", with the flag of Elbonia in the corner. But it had no address, phone number, e-mail, or fax!


----------



## Mjölnir (Feb 28, 2021)

Great.  Very anecdotal, nice to read, etc.pp.  I like this kind of stories.  Can you also supply a story like that, which explains _how to turn an anecdotal, nice to read story into a concrete answer to any of the concrete questions_ above?
This is of course nonsense, but I let it stand there strikethrough so that it's clear what I wrote...


----------



## Deleted member 30996 (Feb 28, 2021)

ralphbsz has copious credible credentials to back up everything he talks about, exceeding excellence in essential experience and always knows what he's talking about.

I would not think to question his knowledge of or experience in anything he spoke of if it were me. 

But your experiences not mine and my experiences not his. My experiences differ greatly and why our posts related to his are diametrically opposed.

I know from my perspective there is no need to. You are left wondering what comes from his perspective has beans to do with the frijoles you ordered.


----------



## Mjölnir (Feb 28, 2021)

MSG(_intended_) -> SENDER -> MSG(_word-by-word_) ->RCPT -> MSG(_understood_)
Usually:             _intended_ ≆ _understood_ (approximately but not actually equal to)
But sometimes: _intended_ ≇ _understood_ (neither approximately nor actually equal to)

ralphbsz, I'm sorry, I discovered that this is a bad misunderstanding...  I asked for _"other next levels"_, to which you answered in great detail; just to receive my offhand reply...  I was _thinking_ about how  a remote admin can be sure that the path from the receipient s/he's typing the password or keyphrase to (e.g. sshd(8)), to the geli(8) that receives this secret, is secure.
EDIT And how s/he can authenticate that geli(8); an attacker could have exchanged the disk with a fake device.  Since it's remote, the admin can not see that./EDIT
Of course we know I neither wrote that, nor anything near it.  That's clearly my fault, please accept my honest apologies.

Thank you in advance, you're very generous.


----------



## ralphbsz (Feb 28, 2021)

Mjölnir said:


> I was _thinking_ about how  a remote admin can be sure that the path from the receipient s/he's typing the password or keyphrase to (e.g. sshd(8)), to the geli(8) that receives this secret, is secure.


And the answer to this is: This depends on the design of the hosting site. Let's try to solve an easier problem first: small customer hosting just a few machines from a commercial hosting provider, again encrypted file system, at boot the file system needs to be unlocked, but instead of doing that with a passphrase coming from a human outside the data center, we'll use a key server that's inside the data center. To be reasonably certain that the key server and the networking within the data center are secure, we need to be able to trust the people who designed and implemented those. Most likely, we won't be able to audit and verify the design, since they will be kept secret for security reasons. Even when communicating with really large customers (those that spend a billion per year on computing services), hosting/cloud companies will probably not talk about all technical details. So all that's left is trust: you look at the provider, see how many security incidents they have had, look at their general stance and attitude towards details and being careful.

Adding having to enter the passphrase via a networking connection from the outside makes the problem much harder, since now the whole network path from one's home machine (where the passphrase is typed in) to the server has to be considered. Usually, we assume ssh login (and in general SSL-protected TCP/IP connections) to be secure enough, but there are lots of difficult details there, such as authentication of the endpoints. Another issue is exact boot order: what is running on the machine before the file system is unlocked?

Here is what I would do if I wanted to host a (virtual) machine at a hosting provider (which I actually do): read their documentation for how data is stored on their systems, understand how they encrypt internally, and then either use their default configuration, or not use hosted machines at all. If you can't trust the provider enough to create a reasonably secure encrypted storage solution, you can't trust them with other stuff either.


----------



## Jose (Feb 28, 2021)

What I do is keep the storage at home. My virtual servers have no state, they're basically just public IPs that handle incoming connections and send data back to my home machines over an encrypted tunnel. Sure the data in-flight can still be compromised, but this approach minimizes the exposure.

There are severe disadvantages to this scheme, though. Power outages at your home are annoying. A fire or natural disaster would be fatal.

Thanks to the insane third-party doctrine in US law, however, anything you keep stored in a provider's systems for more than three months is accessible without a warrant. I figure having to get an search warrant for a private home is a somewhat higher burden, but I may be naive.


----------



## eternal_noob (Feb 28, 2021)

Jose said:


> I figure having to get an search warrant for a private home is a somewhat higher burden, but I may be naive.


Snowden taught us that intelligence agencies don't need a search warrant. They are above the law.


----------



## Jose (Feb 28, 2021)

freebsd_noob said:


> Snowden taught us that intelligence agencies don't need a search warrant. They are above the law.


I figure there's precious little I can do if an intelligence agency really wants my old emails. What I'm worried about are career-oriented district attorneys looking to make a name for themselves by persecuting whatever the pariah du jour is.

Yes, that's paranoid. It comes from having been an outsider, an "other" most of my life.


----------



## eternal_noob (Feb 28, 2021)

"Just because you're paranoid doesn't mean they aren't after you."
-- Kurt Cobain


----------



## ralphbsz (Feb 28, 2021)

Jose said:


> What I do is keep the storage at home. ...
> 
> There are severe disadvantages to this scheme, though.


And: Do you really believe that you are better at securing your data against snooping than the big hosting providers, who have teams (sometimes of thousands of people) working on nothing but data safety (both engineers and lawyers)?

If that career-oriented DA that you mentioned orders his sheriff investigator to snoop your home WiFi, they're more likely to get some information, compared to your data being stored in a giant warehouse with metal walls that is carefully designed to only have encrypted connections in and out. Or if that DA sends some officers with a warrant to search for "all pictures of ..." at your house, you won't be able to stop them from taking your server, since you don't have either the physical power nor the money for lawyers that's required to stop them. On the other hand, if that DA sends the same officers to a big cloud company, the cops will sit in the lobby, and then will be sent home while the cloud company lawyers fight the subpoena for you. Look sometime at how much effort big hosting companies spend on fighting warrants and subpoenas.

And this is not a hypothetical scenario. I am involved in local political campaigning, and my ISP once received a takedown and discovery order from the lawyers for another candidate that I was campaigning against. They spend a few days looking at that takedown order and didn't hand any data over, they consulted with my attorney, and then they decided to refuse the order. Admittedly, this is not as bad as a criminal warrant, but it reinforces my conviction that I picked the correct ISP, namely one that stands behind its customers.

I think the underlying problem really ends up one of some people having ideological blinders. There are lots of people (some on this forum) who believe that all government and business is always evil. It is out to screw you and nothing else. In their mind, government and big business has no interest in self-preservation, and is only destructive, and un-ethical. If you start making decisions about where to place your IT workload based on that world view, you end up deciding that you need to have full control of your assets. I think that this world view is not only paranoid, it is also psychotic, and simply doesn't match the real world. Other people are free to disagree.


----------



## Mjölnir (Feb 28, 2021)

ralphbsz said:


> And: Do you really believe that you are better at securing your data against snooping than the big hosting providers, who have teams (sometimes of thousands of people) working on nothing but data safety (both engineers and lawyers)?


1. This holds true until you become a competitor to your hoster.  This is not a minor topic, because all the major cloud hosting providers are not just pure IT service providers, but have spread their commercial activities widely over many other markets.  Giggle & M$ have been sentenced quite often by the US & EU for putting unfair hurdles onto their competitors.

2. Concerning the degree of expertise of these network & security teams: please comment on the various well known data leaks, e.g. from FreezeBook leaking user data.  If they can't secure their own systems, why should I trust them they can secure mine?


ralphbsz said:


> think the underlying problem really ends up one of some people having ideological blinders. There are lots of people (some on this forum) who believe that all government and business is always evil.


Yes.  Ask a mathematician: -infinity ≃ +infinity.  Mathematicians & such scientific folk should be the only ones allowed to use _total_ terms like _all, every, always, ever, ..._  Applied to real world contexts, these are _always_ problematic 


ralphbsz said:


> If you start making decisions about where to place your IT workload based on that world view, you end up deciding that you need to have full control of your assets. I think that this world view is not only paranoid, it is also psychotic, and simply doesn't match the real world. Other people are free to disagree.


Yes, in part, like outlined above.  I couldn't think an organisation like WikiLeaks should trust those of whom they could potentionally leak embarrassing information.

Besides all that, because you agreed to me that security mainly boils down to _trust_: where's the open source in the big data center scenarios you outlined above?  Why should I trust s/o who in return does not transparently show me his measures to enforce security?  You wrote these are secret for security reasons.  Well, that's a pretty subtle & funny contradiction.

Security is mainly a fiction; but without transparency & open source it is impossible.


----------



## PMc (Mar 1, 2021)

ralphbsz said:


> I think the underlying problem really ends up one of some people having ideological blinders. There are lots of people (some on this forum) who believe that all government and business is always evil. It is out to screw you and nothing else. In their mind, government and big business has no interest in self-preservation, and is only destructive, and un-ethical.


Contra. They absolutely have an interest in self-preservation.
Robert A. Wilson wrote in one of his novels, the borders between the European states are simply the points where two rivaling bands of robbers became too tired to continue fighting.

And this is the point that needs to be understood: there is no difference whatsoever between a government and organized crime. They certainly have an interest in self-preservation, just like the mafia has as well. They are not destructive for it's own end, but they will do any- and everything, and break any law, for their own advantage, if only they can get thru with it. 
And it is entirely up to you if you want to consider such a scheme as evil and un-ethical. (It usually depends on how much one benefits from the gang one is associated with).

So, if you do things that are in the interest of your government, your data is probably safe at the hoster. But if you prefer to talk e.g. about the murders your government has commited -  well, then things might look a bit different.


----------



## Deleted member 30996 (Mar 1, 2021)

ralphbsz said:


> I think the underlying problem really ends up one of some people having ideological blinders. There are lots of people (some on this forum) who believe that all government and business is always evil. It is out to screw you and nothing else. In their mind, government and big business has no interest in self-preservation, and is only destructive, and un-ethical. If you start making decisions about where to place your IT workload based on that world view, you end up deciding that you need to have full control of your assets. I think that this world view is not only paranoid, it is also psychotic, and simply doesn't match the real world. Other people are free to disagree.



I never had anything on my sites that wasn't freely available as information provided or put there for the purpose of free download. I'm in the red for what little paid hosting I've had, don't want anyone to click me, hate ads on free sites because it ruins my markup. Awardspace free sites don't have ads and their paid hosting services kept me happy.

I am not of the mind that all Govt. is evil and what goes on at the Corporate level of big business not of concern unless it concerns me on a personal level adversely. 

However, people hold office and positions in high places. I was surprised at the character, or lack of it, of the people who held position in more than one U.S. Govt Federal Agency. I don't know what employment agency they hire from on a Federal Level but they must all come from the same one and you must not have to be too smart to work for one. My guess is the cutoff line less than 3 numbers in I.Q. 100 I.Q. and it's Federal Agency Employee for you.

The striking difference in how State Agencies Rules and Regs were like the Word from above and something adhered to or suffer the consequences that Sin imposed upon you.

That's what I expected from Federal Agencies and those under them at a local level when moving into public housing 13 years ago. I could not believe how little Federal Regs were given consideration or followed on either level. Shocked might convey my reaction to the less than ethical conduct in some areas of importance.

These people needed rules to follow because they were devoid in the areas of critical thought, logic, ability to follow their own standards of ethics, lousy liars and no thought of consequences to any behavior no matter how long it had gone on or how sloppy the job they had done at it as failures in following their own Regs.

You do always know what you're talking about and your wealth of experience not mine. But my experiences in this area not yours or anything you would expect as Standard Procedure.  I would never assme there was anything you could learn from me, and I'm sorry it has to be this, but I wouldn't make a statement like that if I couldn't back it up with proof in the form of documentation now held on this laptop and pleasure in knowing of things to come that will make the case for me, because without me there would have been no case.

I don't ask that you give credence to any claims made here, just a day or two wait time granted me so things to come can catch up to things happening in the here and now. I can not predict the amount of noise it will make but the damage has already been done. The consequences of their actions toward someone with an area of expertise of addressing Inappropriate Behavior with consequences in pain equal that of there status and that of mine the only concern ever given.


----------



## Jose (Mar 1, 2021)

ralphbsz said:


> And: Do you really believe that you are better at securing your data against snooping than the big hosting providers, who have teams (sometimes of thousands of people) working on nothing but data safety (both engineers and lawyers)?


And who routinely hand over information to governments all over the world, often without any notice to the affected accounts.








						Google reports all-time high of government data requests
					

In Google's latest transparency report, even more governments want to know what people are doing online.




					www.cnet.com
				





ralphbsz said:


> There are lots of people (some on this forum) who believe that all government and business is always evil. It is out to screw you and nothing else. In their mind, government and big business has no interest in self-preservation, and is only destructive, and un-ethical.


This has certainly been my experience. Corporations aren't strictly evil, but they're organized and optimized to make profits. Too bad if people get hurt in the process.








						PG&E Falsified Gas Pipeline Safety Records, Regulators Say
					

The utility has been under fire for its role in the massive gas pipeline explosion in 2010 in San Bruno, Calif.




					www.npr.org
				




Governments, on the other hand, do often behave like criminal gangs, as Pmc says.








						Federal Judge Declares ‘Policing for Profit’ Unconstitutional | News & Commentary | American Civil Liberties Union
					





					www.aclu.org
				




I'm glad the ISPs and governments are so enlightened where you live. That is certainly not the case for me.


----------



## ralphbsz (Mar 1, 2021)

Mjölnir said:


> please comment on the various well known data leaks, e.g. from FreezeBook leaking user data.


First: Facebook is not a cloud or hosting company. They don't sell IT services to others. They leaked internal data. I think in their particular case, it wasn't even them, but they were dumb enough to hand internal data to associates (such as Cambridge Analytica) that on second thought are not trustworthy.

But that being as it may: Are the big companies (even IBM, EMC, Oracle, HP, and then SRI, Northrup-Grumman or Lockheed-Martin) perfect? No. Are they on average much better than someone rolling their own? Yes, leagues better. Look at all the data leaked by small hospitals, credit card processing companies, banks and so on.



> I couldn't think an organisation like WikiLeaks should trust those of whom they could potentionally leak embarrassing information.


Wikileaks is a special case, because their enemy is not regular hackers who steal data for profit, not even law enforcement agencies, but the intelligence agencies of not just one country, but of many. Wikileaks needs just about the best security imaginable; for them, using cloud or hosting companies is clearly not an option. Matter-of-fact, they should probably not use any normal computing infrastructure, since the people involved certainly have their cell phones and laptops bugged.



> where's the open source in the big data center scenarios you outlined above?  Why should I trust s/o who in return does not transparently show me his measures to enforce security?


Have you read the source code of the Linux software stack, in particular the TCP/IP part, in particular SSL and authentication, line by line? Ha ha, nor have I. Do you trust the people who have read it? Ha ha, nor do I. Open source does not guarantee safety. It just changes the way of thinking about software security. As a matter of record, many super-secure organizations use Linux (and other FOSS software). They trust them roughly as much as they trust IBM AIX and Cisco IOS ... which is not much. FOSS has advantages (the many eyes), and disadvantages (less controlled development process, developers are not background checked). It is not a panacea.

Imagine my house were a secure facility. Would I publicly post the blueprint for the fences? Would I post the shift schedule for the security guards? Hell no. Why not? I don't want a potential attacker looking at it, and say "The north side looks very well protected with razor wire, but on the southwest corner, the fence is only 5 feet high, there is tall grass there, and a small ridge we can jump off from, let's get over the fence there". Similarly, I don't want them to say "Oh, every Saturday morning at 3am, Adam's shift ends early, and Bob comes on shift, but we know that Bob is a drunkard and always goes to the bar Friday night (in German one would call it Stammtisch), so let's send someone to the bar to buy a few rounds (ein paar Runden spendieren), and then Saturday morning Bob is guaranteed to fall asleep while guarding the gate". Again, openness does not help security in all cases.



> Security is mainly a fiction; but without transparency & open source it is impossible.


No, in some (many?) cases, secrecy enhances security. Not always, and in some cases secrecy hurts security. And in many cases, secrecy is mistaken for security: security through obscurity typically does not work. Not telling anyone how high exactly my fence is and where it runs is not sufficient; I also need to build a very sturdy and tall fence.


----------



## ralphbsz (Mar 1, 2021)

Jose said:


> And who routinely hand over information to governments all over the world, often without any notice to the affected accounts.


Yes, but if you read the report, you see that (a) they published the number of requests, and (b) they were able to deny 35% of the requests. So it is also true that they routinely refuse to hand over information.



> I'm glad the ISPs and governments are so enlightened where you live. That is certainly not the case for me.


I put some effort in picking the right ISP for my personal e-mail and web hosting. One where I can be quite certain that they are trustworthy, and will stand behind me as much as possible. As I said above, they spend a few hours of their lawyer's time to protect me once; pretty good for a $10/month customer.

My local government ... the less that's said about that the better. Their only saving grace is that they are just too incompetent to be consistently evil. And usually, if they do something really dumb, I can get them straightened out using lawyers, but that's an expensive game.


----------



## Deleted member 30996 (Mar 1, 2021)

ralphbsz said:


> My local government ... the less that's said about that the better. Their only saving grace is that they are just too incompetent to be consistently evil. And usually, if they do something really dumb, I can get them straightened out using lawyers, but that's an expensive game.


Lawyers are what they are used to dealing with and they have a legal branch, too.
I'm far worse than any lawyer. I don't play their game and took it online where their rules are not in play and they lost any advantage they had.

They didn't follow their own rules when they were dealing from under the deck and thought I was beaten too badly to ever play again. That's when I went off the rails and the "train kept a rollin' all night long" and never stopped. Only paused, waiting for a plane to land.

It's a surprise visit for them. One long overdue for me and the wait only made it worse on them than before.

You haven't seen incompetence like this in your life. Or the sheer audacity of thinking this was the best action to take or start to pass the smell test. They are such rotten planners, pathetic liars and not cut out for this type of activity.


----------



## Mjölnir (Mar 1, 2021)

ralphbsz, since you didn't comment on my argument that the major hosting providers are not pure IT service providers, but have much broader commercial concerns that may conflict with those of their clients, can I conclude that you agree to this and that it's a critical point?

[slightly OT in case anyone wants to research on this] On that item to carefully choose a service provider, see this thread concerning e-mail+ (cloud space).  The two mentioned companies reside here in Berlin, Germany; Posteo claims to not even have a DB of their customers' names & adresses.


PMc said:


> Contra. They absolutely have an interest in self-preservation.


You're actually agreeing to what ralphbsz wrote.  With all respect - you're jumping in on keywords like a bull on a red flag...


PMc said:


> And this is the point that needs to be understood: there is no difference whatsoever between a government and organized crime.


This may be true for some (at least @their top), but certainly not for all.  Step aside for a moment & carefully review some comments of e.g. Jose.  Governments are complex organisations; since they're run by humans, it's clear human misbehaviour results in bad actions of _any_ government.  But that doesn't mean the whole government is a criminal organisation per se.  Even if I try hard, I can't see that e.g. the employees of e.g. the Dept. of Education of a otherwise out-and-out corrupt government are criminals or commit criminal acts frequently.


PMc said:


> They certainly have an interest in self-preservation, just like the mafia has as well. They are not destructive for it's own end, but they will do any- and everything, and break any law, for their own advantage, if only they can get thru with it.
> And it is entirely up to you if you want to consider such a scheme as evil and un-ethical. (It usually depends on how much one benefits from the gang one is associated with).
> 
> So, if you do things that are in the interest of your government, your data is probably safe at the hoster. But if you prefer to talk e.g. about the murders your government has commited -  well, then things might look a bit different.


Sorry, but all this is over-simplified biased _crackerbarrel gossip_ on a much more complex topic (_"Stammtisch-Gerede"_).  Period.


----------



## zirias@ (Mar 1, 2021)

As this discussion seems to go on although there is a definitive conclusion, let me add the following questions:

Why do you trust your baker not to sell you poisoned bread?
Why don't you bake your own bread?

Sure, some will answer "What, I DO bake my own", and that's fine. But maybe you get the point


----------



## Mjölnir (Mar 1, 2021)

Zirias said:


> As this discussion seems to go on although there is a definitive conclusion, [...]


Please sum up this definitive conclusion.  To me it's not at all clear.


----------



## zirias@ (Mar 1, 2021)

Mjölnir said:


> Please sum up this definitive conclusion. To me it's not at all clear.


Well, simple as that: if you decide to host a server at a company, you need to trust this company. There's no way around (see what was discussed, hehe).

edit: to get a BIT more into detail, the most promising "solution" would be (of course) disk encryption, but then your way to provide the key from remote is your attack vector.


----------



## PMc (Mar 1, 2021)

Mjölnir said:


> > You're actually agreeing to what ralphbsz wrote.


Why shouldn't I? Are we high-school cliques where one must not agree to the other clique?



Mjölnir said:


> This may be true for some (at least @their top), but certainly not for all.  Step aside for a moment & carefully review some comments of e.g. Jose.


I don't care if it's "true", only if it's a proper systemic description that suits as a working pragma to predict future happenings.



Mjölnir said:


> Governments are complex organisations;


I've heard that before, it is a short-term for "_you must not say that the emperor is naked_".

"it's all very complex" translates to "do not state any truth". This usually goes alongside with "there are many individuals, and you cannot know that this is true for all of them". 
Both are typical destructive patterns common in socialist arguing, intending not to further knowledge of a matter, but instead to keep anybody from getting a clear view of the situation. 
The purpose of this is that socialist ideology (feudal, national and international factions alike) is essentially totalitarism and demands hegemony on opinion (aka "newspeak").



Mjölnir said:


> since they're run by humans, it's clear human misbehaviour results in bad actions of _any_ government.


I perceive a government as a systemic entity of it's own, with it's own _genius loci_ (aka 'corporate identity') and working principles. Humans will adapt to that. (Nobody ever makes a political career unless they work hard on developing their own corrupt and malevolent abilities.)



Mjölnir said:


> But that doesn't mean the whole government is a criminal organisation per se.


That is not what I said. I said there is no difference - and in fact nobody yet was able to come up with any.



Mjölnir said:


> Even if I try hard, I can't see that e.g. the employees of e.g. the Dept. of Education of a otherwise out-and-out corrupt government are criminals or commit criminal acts frequently.


Try harder. I did my experiments: I grabbed one of those "grassroots political activists" who would always argue about the evil capitalist government and the virtues of communism etc.etc. - and I put that guy into a position where he could execute power over others. And he immediately developed to be the perfect fascist. 
This works exactly as described in Orwell's "Animal Farm", and you can execute it anytime anywhere.


----------



## PMc (Mar 1, 2021)

Zirias said:


> Why do you trust your baker not to sell you poisoned bread?


Because I am not the pope.


----------



## PMc (Mar 1, 2021)

Zirias said:


> edit: to get a BIT more into detail, the most promising "solution" would be (of course) disk encryption, but then your way to provide the key from remote is your attack vector.


Well then, why don't we just _not_ provide the key from remote?


----------



## Jose (Mar 1, 2021)

ralphbsz said:


> My local government ... the less that's said about that the better. Their only saving grace is that they are just too incompetent to be consistently evil. And usually, if they do something really dumb, I can get them straightened out using lawyers, but that's an expensive game.


This is all too true. Often what saves us is that those who are truly evil are also incompetent and stupid. Unfortunately this is not always the case. Reminds of the crack that democracy is the worst form of government ever invented except for all the other forms of government we've tried. There's a hard kernel of truth in that dark humour.


----------



## Mjölnir (Mar 1, 2021)

PMc said:


> Why shouldn't I? Are we high-school cliques where one must not agree to the other clique?


Of course not, but you prefixed _"Contra"_, followed by an agreement...


PMc said:


> "it's all very complex" translates to "do not state any truth". This usually goes alongside with "there are many individuals, and you cannot know that this is true for all of them".
> Both are typical destructive patterns common in socialist arguing, intending not to further knowledge of a matter, but instead to keep anybody from getting a clear view of the situation.
> The purpose of this is that socialist ideology (feudal, national and international factions alike) is essentially totalitarism and demands hegemony on opinion (aka "newspeak").


Not at all.  It's the invitation to consider applying differentiating views whenever a total term appears in one's arguments.  Yes, we can not abandon these terms from our language, but in this special case I'm getting suspicious when someone calls all governments "criminal organisations" per se.  You may want to think about what several governent do in a positive way.  Of course you can then apply "That's to keep their subjects quite", but that's beyond the level where I want to participate in a discussion.

May I kindly ask you to check that this is normal human behaviour: to press all information into one's existant thinking schema / view of how the world is.  If it doesn't fit easily & is contrary to what you believe is true, it _must be_ fake and/or a trap or such.


PMc said:


> I perceive a government as a systemic entity of it's own, with it's own _genius loci_ (aka 'corporate identity') and working principles. Humans will adapt to that.


Yes, agreed.


PMc said:


> (Nobody ever makes a political career unless they work hard on developing their own corrupt and malevolent abilities.)


Maybe.  I don't know each & every politician (not many at all).  Some l feel are integer persons, no matter wether they're in "my" political camp or not.  E.g. that guy in my signature.


PMc said:


> Try harder. I did my experiments: I grabbed one of those "grassroots political activists" who would always argue about the evil capitalist government and the virtues of communism etc.etc. - and I put that guy into a position where he could execute power over others. And he immediately developed to be the perfect fascist.
> This works exactly as described in Orwell's "Animal Farm", and you can execute it anytime anywhere.


That's why democracies have tried to establish _"checks & balances"._  Naturally, power needs controlling instances to prevent that.  I don't say it works flawlessly, but IMHO there're enough examples where it has proven to be a useful setup.


----------



## PMc (Mar 1, 2021)

Mjölnir said:


> Of course not, but you prefixed _"Contra"_, followed by an agreement...


Ups. Maybe I got something wrong (I had 39.2 fever yesterday evening).



Mjölnir said:


> Not at all.  It's the invitation to consider applying differentiating views whenever a total term appears in one's arguments.  Yes, we can not abandon these terms from our language, but in this special case I'm getting suspicious when someone calls all governments "criminal organisations" per se.


Which I didn't. I said there is no fundamental difference to be found in the working principles, only moral statements of which is "good" and "bad".


Mjölnir said:


> You may want to think about what several governent do in a positive way.  Of course you can then apply "That's to keep their subjects quite", but that's beyond the level where I want to participate in a discussion.


Not even that - I just had a hard time finding anything positive governments would do. Finally the only thing seemed to be support for free science - but that has been almost abandoned by now.

Obviousely this depends on the idea of man that one has: if one thinks people need a government to tell them what is good for them, then obviousely the government does lots of such. 
But, my idea of man is different: I believe that basically all humans are to be considered equal. And therefore there cannot be anybody else who better knows what's good for you than you yourself do.
And consequentially there is no right for government to treat the people like cattle.

Next-best example: 
With my online bank account, I now have to pay to read my statement, due to data privacy protection (as required by the government). 
Specifically, after I login to my online bank account, I cannot access my statement unless I get a one-time-transaction-id, and this has to be sent per SMS, and obviousely I have to pay for that.
So, since this is to provide data privacy, and since only I can login to my bank account anyway, this procedure suits to protect my bank statement from being accessed by myself (without additional authentication).

And this is only one of thousands of examples, where 1) the government considers the citizens as morons, 2) the government creates regulations to protect the citizens from their own morondom, and 3) the citizens are made to pay for that protection.
Next example: people are now forced to install smoke-detectors in their sleeping-room, and pay for these. No matter if they want them or not.

Certainly, all this would be fine if we were animals kept in a stable. Because then, obviousely, the farmer would be expected to do everything to protect his investment in the stable and the animals.

So, I am asking You: do You indeed consider yourself a piece of cattle, too stupid to know by yourself what is good for you, and therefore in the need to be kept by a government, being not a human person, but just some production goods owned by the government?



Mjölnir said:


> May I kindly ask you to check that this is normal human behaviour: to press all information into one's existant thinking schema / view of how the world is.


Yes, we do training for that. 
It works like that: you decide on a timeframe, say four weeks, and an ideology, say a proselyting christian creationist. Then, for that given timeframe, You try to understand and follow all the arguments of that ideology, and convince everybody that you actually believe in it (for that to succeed you have to indeed believe in it). 
Then, when timeframe is over, you choose another ideology, say, this time, a stalinist. And so on, until you understand how these things happen to work.

This is training like it is done in secret societies, or -to a lesser extent- for psychological warfare.



Mjölnir said:


> Maybe.  I don't know each & every politician (not many at all).  Some l feel are integer persons, no matter wether they're in "my" political camp or not.  E.g. that guy in my signature.


Well, I keep it with Dylan Hunt when he stated _"I trust Tyr to be Tyr"_. 
So, I think there is no absolute quality of being integer or trustworthy - it is all relative, and any person has certain qualities,  and any person's mind will change under certain influences.
But then there is a science of the mind (sadly, only in a rudimentary stage in this current civilisations) that can tell us about these influences.

Furthermore, an absolute quality of integrity is not even needed in anyone, *if* you have developed your own personality. An idol, a perfect leader figure, or such, is only desired by those who did not go the long way to figure out their own qualities and limits and to aquire self-awareness.



Mjölnir said:


> That's why democracies have tried to establish _"checks & balances"._  Naturally, power needs controlling instances to prevent that.  I don't say it works flawlessly, but IMHO there're enough examples where it has proven to be a useful setup.


Yes, checks&balances is the american term. In Germany, where I went to high-school, we were taught that there are three bodies on which democracy is founded, so that the horrors of the nazi-dicatorship should not be possible to repeat. These are the legislation, the administration and the jurisdiction - which are supposed to be independent from each other.

But then, this safety-net has been abandoned for quite a while now, and there is no longer a working separation into three independent bodies. The trick here is to abuse science: formally these three bodies continue to exist, but in practice all three of them have to obey to what is "scientifically true".
The latter can easily be manipulated, because scientists depend on money from the government. Furthermore, lots of so called "social sciences" have been created, and these now demand to produce "truth" that is equally reliable than the findings from hard sciences. Which certainly isn't the case, but can still be used to design governmental decisions.

All this is known for a long time, it was documented already in 1971.


----------



## debguy (Mar 2, 2021)

step 1:  watch modem light.  step 2:  unplug if it lights up.

more and more configuration is needed every day it seems, and the configs are every less likely to be "self conflicting" and overly complex.  dbus is a great example of somethign that "has gone wild" (comes un-configured relatively, needs a big team to configure it).  tcp6 is harder than tcp4 but I won't bother discussing.

you could write a custom app that rules over the PHY before the kernel does, assuming the kernel is secure.  that's about the only way.  even if the kernel wasn't secure it'd work unless your attacker had your compiled address and so on.

your bus is likely not secure (do you have some asian PC board?  or some bus from an HP server system bsd doesn't have drivers for?).  your video hardware is not secure.

"if you mean real security" is what i meant, not including bus and damaged eufi or bios.

why did you want to be secure again?  what is your address?


----------



## debguy (Mar 2, 2021)

"_Security_ mainly boils down to _trust"

well.  people who don't have your trust can control you and also be un-trustworthy.  and still you may have no choice.  that is politics also._


----------



## Mjölnir (Mar 2, 2021)

We're clealy moving OT, so this is my last reply in this direction.  If you want to move on, please open another thread in _Off-Topic_ or PM me.


PMc said:


> Which I didn't. I said there is no fundamental difference to be found in the working principles, only moral statements of which is "good" and "bad".


The difference between "is a criminal organisation" & "like a criminal organisation" is quirky & does not provide any substantial difference in this case.


PMc said:


> Not even that - I just had a hard time finding anything positive governments would do. Finally the only thing seemed to be support for free science - but that has been almost abandoned by now.


 Build & maintain infrastructure for education, traffic & energy, judicature & law enforcement, healthcare, defence, provision & intervention like fire workers & emergency service.  In some countries, add telco to this list.  This list is by far not complete, but this has has evolved to be public will over some centuries.  Even if I try very very hard & really try to take your position seriously, honestly & open minded, I can easily find numerous examples where this added benefits to my life & of others, and I can not see any criminal act in extinguishing a fire or giving 1st aid to a victim of a traffic accident.  I once had to call the police to protect me from my landlord because his sons went into my flat & touched me physically.  They told them "ok guys, there're no witnesses, but now we have an eye on this, so behave well" & I had my peace afterwards.  I don't say there are no criminal policemen, espc. not in, let's say Texas, nevertheless, you got the point.


PMc said:


> Obviousely this depends on the idea of man that one has: if one thinks people need a government to tell them what is good for them, then obviousely the government does lots of such.


See above: it has evolved over time that the people _want_ a government.  If you do not agree to this, you've got a very big problem & should seek psychological assistence.  I do not say this condescending, but I'm serious with this statement.


PMc said:


> But, my idea of man is different: I believe that basically all humans are to be considered equal.


This is complete nonsense.  In contrast, all people are different.  Of course, we share common properties (but to a varying degree).  I do agree to that (in theory) all people are equal before the law.  The fact that this does not hold true _in practice_, does not make your nonsense statement true.  Again, I do not mean this in an elitist fashion.  No matter, let's say how dumb my plumber is, he shall be payed fair & be treated kindly.  And s/he deserves the best FreeBSD s/he can get to run on his/her laptop...


PMc said:


> And therefore there cannot be anybody else who better knows what's good for you than you yourself do.
> And consequentially there is no right for government to treat the people like cattle.


See above.  You can derive any nonsense from a false prerequisite.  Given that the average IQ is only ~104 (!!!) -- that's fairly low -- I'm pretty sure that the average people do _not_ know what's good for them.


PMc said:


> With my online bank account, I now have to pay to read my statement, due to data privacy protection (as required by the government). [...]


It's your free decision to change your bank, e.g. GLS (Germany) or another cooperative bank.  Don't tell me _"but they do not offer a free account, while others do"_.  You get what pay for.  If it's called _free_, usually it's not -- you pay with you data & personal information instead of money.


PMc said:


> And this is only one of thousands of examples, where 1) the government considers the citizens as morons, 2) the government creates regulations to protect the citizens from their own morondom, and 3) the citizens are made to pay for that protection.


See above.  Please try to take my position & follow my arguments.


PMc said:


> Next example: people are now forced to install smoke-detectors in their sleeping-room, and pay for these. No matter if they want them or not.


Yes, please.  I'm not the only one who wants to be alarmed & protected from a fire in his/her neighbours flat.  It is paranoid to see this as _"the government treats me as cattle"_.  And again, have in mind the magic number 104.


PMc said:


> So, I am asking You: do You indeed consider yourself a piece of cattle, too stupid to know by yourself what is good for you, and therefore in the need to be kept by a government, being not a human person, but just some production goods owned by the government?


Suggestive discourse tactics (rethorical question) is considered bas style by the receipient.


PMc said:


> So, I think there is no absolute quality of being integer or trustworthy - it is all relative, and any person has certain qualities,  and any person's mind will change under certain influences.


I appreciate that in principle, you're able to apply differentiating views.


PMc said:


> But then, this safety-net has been abandoned for quite a while now, and there is no longer a working separation into three independent bodies. The trick here is to abuse science: formally these three bodies continue to exist, but in practice all three of them have to obey to what is "scientifically true".


News headline of today: former president of France sentenced to 1 + 2 years probation in captivity due to bribery.  At least this is one example to show we're not living in Armageddon, and France is not a banana republic where a dictator can command the judges to convict his enemies.


PMc said:


> The latter can easily be manipulated, because scientists depend on money from the government.


I agree that this is a very critical & delicate topic.  I'd be glad if stronger measures were in place to protect free & independant science.


PMc said:


> Furthermore, lots of so called "social sciences" have been created, and these now demand to produce "truth" that is equally reliable than the findings from hard sciences. Which certainly isn't the case, but can still be used to design governmental decisions.


Agreed, too.  The so-called social "sciences" should not be called as such, and they should increase their efforts to seek assistance from statisticians & other mathematicians.
Reminder: we're OT see @top.


----------



## Mjölnir (Mar 2, 2021)

Trihexagonal, YMMD.  I already derived from some of your other posts that you are among the brightest minds here; some seem confusing, though, but that might be because we mere mortals can never reach the level of insight that you are blessed with.
Since I can not click 5 times on _Like_, you get them here 5/5: 


Spoiler: @PMc



PMc, please try to convince me that this is not some individuals in the St. Louis HUD voilating their duties, but a systemic offend against Trihexagonal & him "beeing treated as cattle", and that the opportunities he has & took to defend himself are not "checks & balances", but that the DOJ & federal HUD (Washington, DC) chiming in on this case is a false flag operation to "treat him as a moron".  Thx in advance.


----------



## Deleted member 30996 (Mar 3, 2021)

Mjölnir said:


> Trihexagonal, YMMD.  I already derived from some of your other posts that you are among the brightest minds here; some seem confusing, though, but that might be because we mere mortals can never reach the level of insight that you are blessed with.


Sorry to tell you, and not to confuse purposely, but if you read me now as stated you're looking at the Moon reflecting the light of The Sun, it's past Sunset, you never saw it in the sky and can only read posts written by light at High Noon.

What you see now is only the Sun illuminating the Moon. The Moon began waning stage 2-3 years ago and continues waning till it reaches the phase of the New Moon, the sky left dark and all light that remains within totally cloaked in Darkness.


----------

