When running a hidden service, obviously hidden so no one can find the true source and IP of the web server because lives may be depended on that, I've heard that the best and safest way is to use a dedicated server computer with two operating systems and the server being inside a virtual machine. So if the web server should get cracked, the cracker will be locked inside the virtual machine and cannot do side-channel attacks or any other clever methods to reveal the true source.
Then I read somewhere that theres even a more secure way, and that is by using two dedicated computers. One computer with the web server running, being connected with a LAN cable to the second computer which works as a firewalled router with Tor running on it with the hidden service keys. Again, if a cracker cracks the server machine, he will be physically trapped inside the server and cannot access the second computer nor the internet directly. What are your opinions on this? What should be done and what should be avoided while setting up such systems? Thank you in advance for help! Kind regards, Hikki. *********************************************************************** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talk in the body. http://archives.seul.org/or/talk/