[tahoe-dev] Chinese Tahoe-LAFS users found on the Internet

David Triendl david at triendl.name
Wed Sep 1 20:21:04 UTC 2010


Hi,

sorry for posting to such an old thread, but I thought as the person who
currently runs pubgrid.tahoe-lafs.org I might share some insights.

On Wed, Aug 04, 2010 at 10:02:53PM -0700, Zooko O'Whielacronx wrote:
> That server's IP address is 67.23.235.47 . It is operated by David
> "Soultcer" Triendl, a volunteer who contacted the Tahoe-LAFS open
> source software project over the Internet and claimed to be a resident
> of Switzerland and who offered to run some servers and let us use
> them. Nobody that I know of has made any attempt to verify David's
> identity or intentions.
I am actually from Austria, but indeed, nobody has ever asked me for any
identification whatsoever. I could really be a Chinese spy for all you know.
> 
> Also, not to impugn David's system administration skills, but it
> wouldn't be surprising if that server were occasionally vulnerable to
> publicly known remote exploits. Most servers are from time to time.
I consider myself an OK sysadmin, but I believe that if there is enough
incentive for an attacker to get into the system, he will manage to do so.
> 
> David recently confided to me (on unencrypted IRC) that he is engaged
> in an occupation which keeps him away from home for many days at a
> time. If none of the above ideas were sufficient for an adversary to
> gain access to the gateway, then they could probably hire someone to
> visit David's house (or where-ever he keeps that server) and take
> control of it.
The server is a virtual server hosted at Frantech.ca/buyvm.net, so both my VPS
provider and HE.net (datacenter) can see all traffic. Frantech can even see all
data on my server.

tldr: Don't trust me, my admin skills, my server, or my ISP! Run your own node!

Cheers,
David


More information about the tahoe-dev mailing list