
PrivateCore demonstrates industry's first PRISM-proof Tor server in public cloud - tjaerv
http://www.reuters.com/article/2013/10/23/ca-privatecore-idUSnBw235444a+100+BSW20131023
======
dguido
Press release with no real info. Not sure how a "PRISM-proof Tor server" even
makes sense. People you don't like can still run as many backdoored exit nodes
as they want, and it's up to you to properly use crypto so they can't sniff
your connection. Tor nodes are supposed to be (assumed to be?) untrustworthy.

~~~
conformal
totally agree. they seem to claim that their software gives legit dma and
compromised device protection, which is a big claim.

there is no information about how this tech actually accomplishes this on
their site. i suspect it's "stuff everything in the TPM because you can trust
hw crypto" from normal memory, but this is just a guess. i would expect that
the hw assurance claim is tied to storing id info in the TPM as well.

------
hershel
So basically it's a VM/hypervisor that creates a random key that is stored on
the cache or on cpu registers, and uses it to encrypt memory content. similar
to tresor[1].

Seems like something that can be useful for Android devices, since the main
vulnerability of Android devices is the ability of chips (like the modem) that
have closed-source firmware to access the RAM.

[1] http://en.wikipedia.org/wiki/TRESOR#Potential_vulnerabilities

------
eximius
This is ridiculous. Encrypting memory does not make Tor "PRISM-proof". The
claim is that the NSA just grabs the keys from all of the Tor relays, which is
ridiculous and not at all how the NSA has been publicized to do their
tracking.

------
tedks
This has nothing to do with PRISM, but it's still neat technology.

> Using PrivateCore vCage, no trace of Tor server code or data is maintained
> in memory or on disk, eliminating the possible exposure of secret key
> material through memory forensics.

This isn't at all what the NSA's attacks on Tor are, but uh, good for them, I
suppose.

~~~
willvarfar
PRISM was the companies being compelled to provide access to the NSA,
wasn't it?

If Amazon or Rackspace got an NSL, would the NSA be able to get an image of
your VPS without you being told?

It seems relevant.

------
ds9
Where's the source?

Open source doesn't automatically guarantee anything, but you can't have real
security without it.

~~~
ris
Agreed. I would not be at all surprised if there were an NSA backdoor or known
weakness in such a product, and you have no real way of finding out due to the
proprietary nature.

------
cryptolect
Does this just boil down to encrypted shared memory on a VPS, on TOR,
as-a-service?

