Bitcoin Forum
RodeoX
May 27, 2015, 06:11:19 PM
 #41

We are discussing the feasibility of creating our own hosting location, having our own facilities, not giving another random 3rd party access to the server. I thought you were aware that the hosting company staff were the weak link in this hack. The way to get around that, is to change to a facility operated by an employee of the Bitcointalk. That would involve building our own infrastructure, hiring staff to monitor its physical location, etc. That would also involve owning property to build on.

If we just rent server space from an already established company, we face the same issues. Not having complete trust of the people who have access to the server. So if we are talking about just changing hosts to something that isn't a large operation in a giant datacenter to a shared location with a couple of other people, we still have to worry about the human factor.
This is all quite clear to me.  Huh
It's expensive to set up. It's not like you DL a wordpress style and host it on GoDaddy. Thanks for explaining.

The gospel according to Satoshi - https://bitcoin.org/bitcoin.pdf
Free bitcoin in ? - Stay tuned for this years Bitcoin hunt!
BitUsher
May 27, 2015, 06:22:35 PM
 #42

The way to get around that, is to change to a facility operated by an employee of the Bitcointalk. That would involve building our own infrastructure, hiring staff to monitor its physical location, etc. That would also involve owning property to build on.

This is an unusual statement to make as I don't think anyone is suggesting bitcointalk get into the expensive datacenter business or that 2112's suggestions are 100% bulletproof. Every option has various tradeoffs and inherent costs.

Some other options besides fully managed/un-managed leased dedicated servers -
1) managed colocated servers
2) unmanaged colocated servers
3) leasing a cabinet with your own servers
4) leasing your own cage

I personally think it is a bit unusual that Theymos is paying for multiple managed or un-managed dedicated server leases, especially based upon the inherent security considerations of this forum and costs.  

There are ways to protect colocated servers as well from tampering.
https://www.racksolutions.com/secure-server-unit.html
is one example amongst many. Additionally, every datacenter I have worked in had many security cameras, armed guards, tracking keypasses, etc...
SaltySpitoon
May 27, 2015, 06:26:50 PM
 #43

The way to get around that, is to change to a facility operated by an employee of the Bitcointalk. That would involve building our own infrastructure, hiring staff to monitor its physical location, etc. That would also involve owning property to build on.

This is an unusual statement to make as I don't think anyone is suggesting bitcointalk get into the expensive datacenter business or that 2112's suggestions are 100% bulletproof. Every option has various tradeoffs and inherent costs.

Some other options besides fully managed/un-managed leased dedicated servers -
1) managed colocated servers
2) unmanaged colocated servers
3) leasing a cabinet with your own servers
4) leasing your own cage

I personally think it is a bit unusual that Theymos is paying for multiple managed or un-managed dedicated server leases, especially based upon the inherent security considerations of this forum and costs.  

There are ways to protect colocated servers as well from tampering.
https://www.racksolutions.com/secure-server-unit.html
is one example amongst many.

Oh, I know what you mean now. Heh, too much prior discussion of private built hosting centers on islands had me thinking in extremes.

My bad.
BitUsher
May 27, 2015, 06:33:09 PM
 #44


Oh, I know what you mean now. Heh, too much prior discussion of private built hosting centers on islands had me thinking in extremes.

My bad.

It's fine, I have often made the mistake of overly complicating solutions unnecessarily before realizing that simplicity is often superior, which seems to be what is happening with epochtalk, but that is a whole other conversation.
2112
May 27, 2015, 06:45:32 PM
 #45

We are discussing the feasibility of creating our own hosting location, having our own facilities, not giving another random 3rd party access to the server. I thought you were aware that the hosting company staff were the weak link in this hack. The way to get around that, is to change to a facility operated by an employee of the Bitcointalk. That would involve building our own infrastructure, hiring staff to monitor its physical location, etc. That would also involve owning property to build on.

If we just rent server space from an already established company, we face the same issues. Not having complete trust of the people who have access to the server. So if we are talking about just changing hosts to something that isn't a large operation in a giant datacenter to a shared location with a couple of other people, we still have to worry about the human factor.
Man, you really have comprehension problems.

I'll repeat: colocating a privately owned server solves nearly all the avenues of "social engineering" attack. By "privately owned" I mean a server not leased from the hosting company but a server owned outright or leased independently from the server manufacturer or distributor. The colocation staff will then only have as much access as you decide to provide them, typically limited to pushing buttons, inserting media into the tray and connecting cables. The hacking risk is limited to intentional damage or physical theft.

And please quit your "large operation" "giant datacenter" bullshit. Colocation space can be bought in 1U units (1.75 inch height, 19" wide, varying depth around 1 meter). Employee time can be bought in quarter-hour increments. The "human factors" are limited to physical theft that is extremely rare and easier caught and prosecuted.


Please comment, critique, criticize or ridicule BIP 2112: https://bitcointalk.org/index.php?topic=54382.0
Long-term mining prognosis: https://bitcointalk.org/index.php?topic=91101.0
BitUsher
May 27, 2015, 06:51:46 PM
 #46

Man, you really have comprehension problems.

I'll repeat: colocating a privately owned server solves nearly all the avenues of "social engineering" attack. By "privately owned" I mean a server not leased from the hosting company but a server owned outright or leased independently from the server manufacturer or distributor. The colocation staff will then only have as much access as you decide to provide them, typically limited to pushing buttons, inserting media into the tray and connecting cables. The hacking risk is limited to intentional damage or physical theft.

And please quit your "large operation" "giant datacenter" bullshit. Colocation space can be bought in 1U units (1.75 inch height, 19" wide, varying depth around 1 meter). Employee time can be bought in quarter-hour increments. The "human factors" are limited to physical theft that is extremely rare and easier caught and prosecuted.



I can tell you have worked as a network administrator before, and agree with your comments. Additionally, colocation for a high traffic site like bitcointalk could save thousands of dollars in lease fees a month.

There are some downsides of course. More work setting it up, initial costs of servers, the need to occasionally upgrade the hardware and sell off old servers, etc... all these things can intimidate someone without experience but really aren't difficult and are well worth it for high traffic sites that need better security. I am sure there must be one member of staff or moderator with a bit of data center experience?
Xialla
May 27, 2015, 07:07:07 PM
 #47

Man, you really have comprehension problems.

I'll repeat: colocating a privately owned server solves nearly all the avenues of "social engineering" attack. By "privately owned" I mean a server not leased from the hosting company but a server owned outright or leased independently from the server manufacturer or distributor. The colocation staff will then only have as much access as you decide to provide them, typically limited to pushing buttons, inserting media into the tray and connecting cables. The hacking risk is limited to intentional damage or physical theft.

And please quit your "large operation" "giant datacenter" bullshit. Colocation space can be bought in 1U units (1.75 inch height, 19" wide, varying depth around 1 meter). Employee time can be bought in quarter-hour increments. The "human factors" are limited to physical theft that is extremely rare and easier caught and prosecuted.

^^ THIS + 100. As an enterprise admin I can sign it. Obviously you know what you are talking about. Regarding damage and theft, these factors can also be highly minimized. I visited a couple of T4 high-security data centers around the world and, except for some military invasion or massive terrorist attack, I really can't even imagine a simple physical "theft" from some rack. There were so many checks, scanners, cameras everywhere, guards everywhere, nobody-alone-in-room rules, etc.

Regarding HW damage, this is solved by clustering in different buildings or even in different towns/countries. Running services on fully redundant HW is not a problem at all.
BitUsher
May 27, 2015, 07:24:10 PM
 #48

Regarding HW damage, this is solved by clustering in different buildings or even in different towns/countries. Running services on fully redundant HW is not a problem at all.

Yes, we have probably visited the same datacenters and the security is insane and way more involved than the average person expects. Multiple armed guards on each floor, cameras everywhere, lengthy background checks for network administrators, keypasses tracking me and only allowing me access to certain parts of the building, extensive backup power, EMP protection, backup cooling, etc. Layers and layers of security.

RAID is no replacement for offsite backups or redundancy plans. Additionally, one should plan to have a backup server/s located in a country that doesn't have a history of being a lapdog to the US.