The authorities apparently got tired of asking and just went in themselves.
Canada-based Windscribe, a VPN provider, just said that one of its European servers has been allegedly seized by Dutch authorities without a warrant. According to the company’s post on X, law enforcement said that they will return it to the service provider after they “fully analyze it.” It’s unclear why law enforcement impounded just a single rack from Windscribe’s cabinet, but the VPN provider said that it only uses RAM disk servers, meaning anyone who would look through the installed SSDs would only find a stock Ubuntu install on it, so the servers shouldn’t hold any trackable data.
RAM disks alone will not be enough; the law enforcement can literally freeze the DRAM for forensics.
While it is running or seconds after…
Police have had, since the late 90s I think, the “Hotplug” which is a special battery pack / generators that provide a special power plug where you can gently loosen the existing plug, slide the generator’s plug in place over it, then remove the computer from the main supply while keeping it powered on.
Power plug locks only buy you time or prevent casual mayhem; the police can work around those.
Should build the software so the second it loses internet connection, or its IP address changes, it clears the ram.
Cannot move a server without it losing internet, and even if they find a way around it, it’d still force an IP address change.
The DevOps way is to have them die at regular intervals in addition to other triggers and then rebuild on a regular cadence. Iirc correctly Netflix servers have a 12 hour TTL. Windscribe could easily do a 1-2 hour TTL with matching certs and encryption keys.
Seems trivial to code in a beacon dependency and then embed that beacon in the walls or floor so the police would have to dismantle the entire building before being able to find it and take it along for the ride. Or heck a combination of beacons so the police don’t know how many to look for.
Interesting
https://cdsg.com/products/hotplug-field-kit
I’m intrigued how that would work with some styles of plug that disconnect before coming out of the socket like the uk type-G plugs. Unless they’re not touching the socket itself and connecting somewhere else? I have no idea, i’m not an electrician.
It doesn’t matter for server class hardware, they generally have dual PSUs to ensure they stay up if one of the two lines fails. So unplug one side, plug in your backup/mobile supply, the disconnect everything else and then run away with the blade
oh yes that makes a lot of sense for server stuff. I imagine that may be quite useful for general use & maintenance too.
I’m too caught up thinking of consumer stuff.
This probably works in the UK and US. Rest of Europe, not so much unless you gently strip the cable which is pretty dangerous.
It’s not that dangerous. They make strippers that will only take off the outer insulation, and then you can use vampire taps on the wires.
Or you might be able to pop the case and jump the power on the DC side. You could easily do that on an ATX power supply, but servers are a little more complicated, because hotplug PSUs use wafer connectors instead of molex plugs.
As long as they have no logs the only thing you could get from memory is encryption keys, which can be rotated.