Hello there, with https://cloud.torproject.org/ actively promoting it, I have been thinking about Tor vs. EC2 for a while.
Since at least Amazon's US datacenters are most certainly under US jurisdiction, it might be possible for LEA to obtain the private keys of EC2 tor nodes. Snapshotting the corresponding EBS volume is trivial (in fact, you can do it yourself from the EC2 console), so unencrypted key files can be easily extracted. You could use some kind of encryption (ecryptfs for your tor home, or even cryptsetup on a second EBS volume) to store your keys, but even then they could possibly be extracted from a dump of the VM's memory (obtained by running xen xm dump-core on the host). Tor people, is there some kind of "automagic family" for EC2 nodes? There's a (current, it seems) list of IP networks available here: https://forums.aws.amazon.com/ann.jspa?annID=1351 Thoughts? Marco _______________________________________________ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk