Is there anything instance owners can do? Are there things you can do with your server to get better security for your users (and yourself)
There should be a way to encrypt things when the server is off and then have a Killswitch for situations like this. Idk if it’d be overkill in this case thougj
Luks is a thing. No reason it can’t be done on the server though things like patching won’t be automated.
Kill switch is well, not as easy. But possible.
That said. The government would just lampoon you in the media as some child porn hoster or whatever they want and taint the jury pool. And probably charge you with obstruction and a host of other things if you didn’t decrypt the server.
There is case law where refusing a description password isn’t covered by the 4th or 5th amendment so they could just Guantanamo your ass as pressure.
TL:DR - there’s no established case law that protects you from withholding the encryption key from government and there’s conflicting rulings in the current US districts. In some places you can be held indefinitely. Unsure what occurs if you can’t remember the key though.
Yeah, I want to know what these unrelated charges were for before I get up in arms about a nothing burger. Sound sus as hell.
Get Tor Browser and/or Tails OS. When privacy is important and you need to be anonymous, use only Tor-friendly instances only via Tor (never once log in showing your real IP - if you accidentally do that, you’ll have to re-create another account as a different person).
When an email address is necessary to sign up, get one anonymously (again using Tor Browser), from a privacy-centric company or group, e.g. Tutanota, Disroot. Needless to say never ever use Gmail. https://tosdr.org/en/service/217
Still no guarantee of privacy. Tor exit nodes have been known to have been monitored, and tons of sites seized.
True. Tor, Tails, PGP (GPG), Monero etc. are not magic: you can be still de-anonymized especially if you post your private info by yourself. One thing I’ve been feeling a little uneasy about Tor is, the project is largely funded by the US Government itself, and in the past the US intentionally weakened Netscape browser (*1). While I would like to believe that something similar is not happening to Tor Browser, I’m not an absolute believer of Tor (like you said, there may be bad actors in the Tor network too). I might be feeling somewhat more comfortable if Tor Project were based on Europe, not the US.
Nevertheless, using Tor should be surely safer and more privacy-friendly than just using clearnet. Tor Browser is FLOSS and free as in free beer too. Using it when you’d like to be anonymous is not such a bad idea, especially if your instance is Tor-friendly.
(*1) https://wl.vern.cc/wiki/Crypto Wars?lang=en#PC_era Onion - http://wl.vernccvbvyi5qhfzyqengccj7lkove6bjot2xhh5kajhwvidqafczrad.onion/wiki/Crypto Wars?lang=en#PC_era
Another example of intentional back doors standardized by the US is: https://wl.vern.cc/wiki/Dual_EC_DRBG?lang=en Onion - http://wl.vernccvbvyi5qhfzyqengccj7lkove6bjot2xhh5kajhwvidqafczrad.onion/wiki/Dual_EC_DRBG?lang=en
