I know this question has been asked before... but I want a "finer tip" on my answer, please.

I just signed up for Xerobank Personal. I understand this is a multiple-hop VPN solution, unlike ShadowVPN's only being one-hop. My question is... what practical difference does one-hop vs. multiple-hop really make?

Aside from the email, bandwidth allotment increase, and the other "tricks" used by Xerobank, is the avg. person better off with Xerobank vs. ShadownVPN?

Thank you for any insights, Steve at al.

Before steve comes in reccomending Xerobank over everything else, It depends on the service, I use a 1-Hop service and its great for me.

{QUOTE-> Before steve comes in reccomending Xerobank over everything else, It depends on the service, I use a 1-Hop service and its great for me. <-QUOTE}


i second that

{QUOTE-> i second that <-QUOTE}

One hop is next to worthless for real anonymity.

{QUOTE-> One hop is next to worthless for real anonymity. <-QUOTE}
so are you saying that shadowvpn is worthless

Ouch, a logic trap...

My thought is... three hops makes it harder to find someone, but is it that much harder than finding someone with only one hop? Perhaps so.

number of hops >1 makes no difference if there isn't multiplexing and other tech between the nodes. Tracing a 1000-hop network is trivial if you are a global adversary. Tor could be a 2-hop system, if only the nodes were trustworthy (not trying to hide the identity of the user from itself, necessitating a middle-man node), and still offer the same anonymity (no multiplexing).

main differences of note, in my opinion:

1. XB network defeats US / UK/ EU data retention and surveillance programs, Shadow offers privacy with a little anonymity since it crowds on XeroBank exits. It does this through hardcore tech. Both provide evil twin / mitm / privacy / ip change.

2. XB offers encrypted anonymous mail, great support, other fun software goodies and services. ShadowVPN doesn't.

3. XB offers premium anonymity traffic for 75GB/month, and unlimited relay (1-hop) traffic, pick your country of presence. Shadow offers 10GB/month of relay, no premium, netherlands only.

bottom line: ShadowVPN has higher privacy than all other 1-hop services. XeroBank has true anonymity, only the other three services i mentioned in the other thread have that. (the ones geazer mentioned are not anonymous).

How much mixing can a low latency network really provide.

I would go with Xerobank over shadowVPN any day if I was after anonymity....which I am =).

SSH -> France -> VPN -> Russia / Secure Single hop VPN. Also my service is 300% Cheeper then Xerobank, Xerobank is Just way overpriced for a normal user and the 3% extra anonimity is useless because if someone really wanted to find you the 3% wouldent matter anyway. I wont pay £100 extra or more a year for 3%. Also Xerobank has a 75GB Network CAP, If i am paying that load of money for a service i dont want to be capped.

The one i use can stack VPN with SSH so its basically the same as Multi-hop, And the one i use also costs only £6 a month and has over 15 different nodes with no traffic CAP or connection speed CAP.

Thank you, Steve T.

If only I had gone to Xerobank's forums, I could have found the answer you gave another there:

See: http://xerobank.com/forum/index.php/topic,407.0.html

>>

ShadowVPN will defeat general spying by hackers, wifi impersonators, and your ISP. XeroBank will defeat general spying by hackers, wifi impersonators, ISP, State, Federal, EU Data Directive, Foreign governments, Crime organizations, and resists traffic analysis by Echelon, many intelligence agencies, and international information gathering groups.

>>

So my next question... what agencies can intercept and comprehend Xerobank data; and, why would anyone opt for the lesser ShadowVPN?

Also, what does the soon-to-be-released cryptorouter bring to the equation?

{QUOTE-> ... <-QUOTE}

TINSTAAFL. With the bandwidth accounting, you aren't limited to a single computer connection. You can have 20 computers using your single XB account. Other services will limit you to 1 connection per computer at a time. You're paying for premium access and very high flexibility + anonymity, not cheapo vps node hops on ssh. Btw, XB just picked up a 10Gbps uplink in USA. Should be implemented shortly. Strangely you've arrived at a 3%+ anonymity difference? How are you measuring that? I imagine you really mean x versus zero :D

As I said, the number of hops or tunnels inside tunnels make no difference whatsoever to your anonymity. Thats a common fallacy, a myth. I should add it to the list.

You don't need the france thing at all, it isn't making you more secure, unless of course that VPN isn't using encryption. You could drop that and save yourself even more money since your concern is only privacy.

{QUOTE-> So my next question... what agencies can intercept and comprehend Xerobank data; and, why would anyone opt for the lesser ShadowVPN? <-QUOTE}

a) intercept: anyone monitoring the exit node uplinks. b) comprehend: probably not anyone, unless the NSA was devoting a few datacenters into trying to do live correlation (good luck, guys.) c) most people don't know the difference between privacy and anonymity. they also don't know how either of them are achieved. there are many services in the marketplace that are set to confuse and bamboozle the user by making claims of anonymity, backed up by large bit-sizes of encryption or mentions of nodes or proxy chains or tunnels in tunnels. Just look above. It's all very confusing to the user, and mostly a bunch of bs. For others, it's an issue of price, they want less goods for less cost. well anonymity isn't cheap to implement or upkeep, and be suspicious of anyone offering it cheaply. Privacy is cheap, infact it is free if you use https.

{QUOTE->
Also, what does the soon-to-be-released cryptorouter bring to the equation?
<-QUOTE}

leak-proofing, zero-config, plug and play anonymity. internet in, anonymous crypto out, no software to run. you can't mess it up, and it also prevents known and unknown side-channel attacks against anonymity of many sorts.

3% was 1% x Node/Hop. Truly Anonymity is not really even gained with VPN, you could just have a program installed on your computer that knows what sites your going too and what your typing anyway, and if its tailor made for your computer and does not show up in task manager then 99% of windows users are screwed.

Also was using France as an example of a node, I could have always done Node -> VPN -> Node -> SSH but most people wouldn't have understand Node or the fact they are separate.

That is what xB Machine is for.

{QUOTE-> That is what xB Machine is for. <-QUOTE}

The normal user won't use xB Machine, Its will just cause problems for them.

{QUOTE-> ... and resists traffic analysis by Echelon, many intelligence agencies... <-QUOTE}

'Resists' ??? Please explain how it 'resists' ? Where did you get this info ?

One question for Steve:
You keep showing how strong and difficult to reconstruct is the data traffic on XB network, being multi-hop, multiplexed, and everything else.
But what about the data being processed in the servers of the first hop. How is such data protected? At some point, I guess, this data will be elaborated in unencrypted form... what if one of these machines is compromised? What do you do to protect such machines?

On the legal point of view, XB is Panama based, ok, but some (most?) of its servers are in the US, and the others in Netherlands and Canada. What would happen if Canada had a warrant against Xerobank, and asked Xerobank to provide the data being processed in their servers? Wouldn't this mean having all traffic using Canada as first node be exposed? How would XB defend against such a situation?

{QUOTE-> But what about the data being processed in the servers of the first hop. How is such data protected? At some point, I guess, this data will be elaborated in unencrypted form... what if one of these machines is compromised? What do you do to protect such machines? <-QUOTE}

XeroBank currently receives of 16 million hacking attempts per month against our network. While you read this sentence, 10 attacks have occurred. All XeroBank machines are heavily protected in both security and encryption. The security operates with many properties such as system-of-least-permissions, filesystem/partition encryption, internal & external firewalling at the adapter, virtualized operations inside of encrypted containers, no active content, stealth services, separation of OS from operating data, internal honeypots with intrusion detection, failsecure (NOT failsafe), key exchange logon only, multi-admin/secret-sharing anonymous auditing/access, memory/PID/process protection, panic/stress reporting, very heavy defense in depth.

{QUOTE->
On the legal point of view, XB is Panama based, ok, but some (most?) of its servers are in the US, and the others in Netherlands and Canada. What would happen if Canada had a warrant against Xerobank, and asked Xerobank to provide the data being processed in their servers? Wouldn't this mean having all traffic using Canada as first node be exposed? How would XB defend against such a situation? <-QUOTE}

Xero Networks AG does not recognize warrants from jurisdictions that are not Panama. They would be dismissed as lacking jurisdiction. If a warrant is delivered to the datacenter, or the datacenter is raided, the server will not function, may digitally self-destruct depending on tampering, and will render no user data or traffic due to encrypted systems. In Germany, when our datacenter was raided (06?) by police in swat gear, machine guns, and black helicopters, the prosecution and investigators got nothing but a mouthfull of encryption and internal humiliation. They acted rudely, and reaped the fruit of it. XB cannot be taken by force.

My God Steve. Why would they raid Xerobank like that? Just because it is an anonymity service?

And 16,000 hacking attempts per month? WTF? Why? What am I missing here? Is that typical in this kind of business. Sheese!

Can't really say. Obviously they were looking for something (But didn't find it of course). And you're missing some zeros on those hacking attempt figures. I'm sure the number is up now.

{QUOTE-> My God Steve. Why would they raid Xerobank like that? Just because it is an anonymity service?

And 16,000 hacking attempts per month? WTF? Why? What am I missing here? Is that typical in this kind of business. Sheese! <-QUOTE}

The number of hacking attempts per month against Xerobank is probably typical, just because it's a high priority target for hackers.

I remember seeing similar numbers for NASA and other US government agencies. Most if it is probably hackers trying to "prove themselves". They're putting their skills against that of their target, and trying to prove that they're better. Most government agencies and other high profile targets probably have a similar number of hacking attempts per month.

Imagine the bragging rights a hacker would have if they hacked into Xerobank's computers. Same thing with NASA, FBI, NSA etc...

{QUOTE-> Can't really say. Obviously they were looking for something (But didn't find it of course). And you're missing some zeros on those hacking attempt figures. I'm sure the number is up now. <-QUOTE}

Wow Steve I guess I had no idea how involved having a business like this would be. I could not imagine what it must have been like for those who were there when the data center was raided. Helicopters and guns? Sheese!:doubt:

{QUOTE-> The number of hacking attempts per month against Xerobank is probably typical, just because it's a high priority target for hackers.

I remember seeing similar numbers for NASA and other US government agencies. Most if it is probably hackers trying to "prove themselves". They're putting their skills against that of their target, and trying to prove that they're better. Most government agencies and other high profile targets probably have a similar number of hacking attempts per month.

Imagine the bragging rights a hacker would have if they hacked into Xerobank's computers. Same thing with NASA, FBI, NSA etc... <-QUOTE}

Okay. I can understand the challenge of it. That's understandable. But I guess I had absolutely *NO* idea that there were so many hackers out there. I'm really shocked to hear all of this. Thanks for the explanation.

{QUOTE-> But I guess I had absolutely *NO* idea that there were so many hackers out there. <-QUOTE}
While there are definitely a lot of hackers out there, it's not as many as you'd think going by the figures provided. It's not 16 million hackers attacking once each, it'd be a significantly smaller number of hackers launching multiple attacks.

The comment from Steve indicating they would have received 10 attempts in the time taken to read a sentence can easily refer to one person launching several attacks in a very small timeframe.

There are tools out there that will automatically scan every IP in a given range for potentially exploitable services. Those same tools will then attempt to exploit these services and deliver a payload. This shotgun approach means that most of the servers will register a large number of alerts in a short period of time in their audit logs but a few servers will be compromised, which is all the would-be hacker needs.

I am not just speaking of "scanners". I mean real live people on the other end as well, attempting very sophisticated attacks with unpublished exploits.

{QUOTE-> The number of hacking attempts per month against Xerobank is probably typical, just because it's a high priority target for hackers.

I remember seeing similar numbers for NASA and other US government agencies. Most if it is probably hackers trying to "prove themselves". They're putting their skills against that of their target, and trying to prove that they're better. Most government agencies and other high profile targets probably have a similar number of hacking attempts per month.

Imagine the bragging rights a hacker would have if they hacked into Xerobank's computers. Same thing with NASA, FBI, NSA etc... <-QUOTE}

You really believe all of Steve's hype about Xerobank? It's a tiny outfit run by one person - Steve Topletz. He has someone who helps him but the owner of XB is Steve Topletz. Period. That's why he's never answered the simple question about who owns the company. He's always been too embarrassed to admit that he's it!

Bragging rights for breaking into Xerobank's computers? Seriously? There are privacy providers out there that are several hundred times the size of Xerobank. XB is probably not even in the top 100. Try Googling - privacy vpn - and see where you find Xerobank on the list. Comparing hacking Xerobank with NASA, the FBI, NSA - that's ridiculous. If one could hack into Xerobank - nobody would care. That's how small they are!

Go on you say? Not to mention, they're expensive and overpriced, make claims for themselves that aren't true, makes up BS about Tor that doesn't make a bit of sense, misleads Wilders members about "their" data center being raided with SWAT and black helicopters, they have to make excuses when logging shows that XB and Shadow are basically one and the same. I could go on and on and on and on and on. But, they do have a nice web site! That $35 a month has to go to something and it does - good web designers. But many of those outfits with simple web pages but ten to fifteen dollars a month for OpenVPN based services? They're as good - or better - than Steve's bragware.

Xerobank, ShadowVPN, Cryptohippie, Metropipe, all the other "related" outfits sharing the same server farm in Germany are mostly scam, talk and hype.

That's my two cents, or less, as I post once for every several hundred from Steve who's either busy promoting XB's next "breakthrough" or slamming other commercial providers and even Tor!

Must keep some balance here.

I'm afraid the facts just aren't on your side, yet again. In a search you will find XeroBank on page 1 of google results for anonymous browsing, internet privacy software, and anonymous browser; and you will find us in the next few pages for internet privacy, identity protection, and anonymous internet, depending on where you search from. We don't do any advertising or much in the way of PR, it's really a word of mouth service. Considering that fact, I would say you are drastically misinformed considering the substantial google rankings we have. We're just too busy doing service/software development, and I'm sure all the crap services appreciate that... but they won't appreciate it on august 1st when they get busted. :D ask me why it is august 1st for the date. You'll love my answer.

{QUOTE-> ...ask me why it is august 1st for the date. You'll love my answer. <-QUOTE}

In honor of a great man in your family, Otto Toeplitz - and the Toeplitz Matrix. His birthday is August 1st. Your surname was anglicized after WWII. Close?

The answer is that it is a secret. Like many things, I'm under contract not to disclose the information. Told you that you would love my answer. But look at it this way, at least you have a solid date.

Genady, I often get the feeling you are troll working for some sleazy service like privacy.li, but there is the possibility that you may not be, so let me ask you some things since you are appropriately positioned: what product or service would you like to see from XeroBank? What would enhance your feeling of trust or security? What do you like about XeroBank, what do you like about other services? What do you dislike about XeroBank (beside your thirst for internal knowledge), what do you dislike about other services? What would you change? And thank you for the compliment on the website, I'll let the designers know.

Steve

Mr. Prishnikov;

You have tendered your remarks as your $.02 worth.
And I'd gladly return your change: $.02

While I support your right to your views, I reserve the right to judge them as they are: FUD:

Fear, Uncertainty, Doubt.

Your pattern is the same. You appear suddenly, out of the blue, launch vicious, personalized attacks against Xerobank, and then disappear. This time will be no different.

The last time you did that was your fanboi support, a few months back, of some fictitious character who "claimed" to have been burned by Metropipe. When pressed for details and a further explanation regarding the incident, there was none. Nothing but stone cold silence. The silence was deafening.
Attack, and vanish. Until the next time..

You accomplished what you set out to do: Fly in, drop bombs and disappear. Whatever credibility you may have enjoyed, sadly has disappeared.

Your logic, old, tired. Xerobank=Metropipe=Cryptohippie. Nothing new.

Your tone caustic and harsh.

And increasingly more desperate.

{QUOTE-> I'm afraid the facts just aren't on your side, yet again. In a search you will find XeroBank on page 1 of google results for anonymous browsing, internet privacy software, and anonymous browser; and you will find us in the next few pages for internet privacy, identity protection, and anonymous internet, depending on where you search from. We don't do any advertising or much in the way of PR, it's really a word of mouth service. Considering that fact, I would say you are drastically misinformed considering the substantial google rankings we have. We're just too busy doing service/software development, and I'm sure all the crap services appreciate that... but they won't appreciate it on august 1st when they get busted. :D ask me why it is august 1st for the date. You'll love my answer. <-QUOTE}

Doh! Well don't leave us good Xerobank subscribers hanging! What happens on 1 Aug. 2009, Steve? That's when Windows 7 betas expire, right? (snickers)

{QUOTE-> Xero Networks AG does not recognize warrants from jurisdictions that are not Panama. They would be dismissed as lacking jurisdiction. If a warrant is delivered to the datacenter, or the datacenter is raided, the server will not function, may digitally self-destruct depending on tampering, and will render no user data or traffic due to encrypted systems. In Germany, when our datacenter was raided (06?) by police in swat gear, machine guns, and black helicopters, the prosecution and investigators got nothing but a mouthfull of encryption and internal humiliation. They acted rudely, and reaped the fruit of it. XB cannot be taken by force. <-QUOTE}

Well, I don't have elements to discuss the logical security of your servers, but what about the physical security? Why would german swat need to use helicopters and machine guns to get physical access to your servers? They are placed in datacenters owned by XB? Defended by armed personnel ready to die in a fire fight with the swat? This is not believable.
I guess it would be more likely that a couple of cops shew up at the datacenter where your servers are host, show a warrant and gain physical access to it.

Was it a joke the swat thing? :)

Data Centers are like banks, except with stronger protection. They are physically guarded, and are practically never reported about when there is an attack on one, state sponsored or criminal. There was a datacenter in NY that was robbed twice in one year. They used precision explosives to blow holes in the wall and steal millions of dollars worth of hardware. Just recently in Dallas there was an FBI raid of a datacenter where they took all the hardware from the datacenter. The state brings riot gear, tear gas, and automatic weapons to peaceful protests in the USA. The protestors have no weapons. Datacenters are often physically protected with armed guards, sunk pillars, spike strips, etc., and some are even built into mountains or deactivated nuclear bunkers.

So was the swat team ref. a joke, Steve? And what of 1 Aug.?

No joke. August 1st is the date we release DeAnonymizer.

Ah, yes. You had mentioned that before.

Well, I will keep to Xerobank. I have enjoyed my first 2 weeks. I hope you can prove many other providers piffle and codswallop.

{QUOTE-> You really believe all of Steve's hype about Xerobank? It's a tiny outfit run by one person - Steve Topletz. He has someone who helps him but the owner of XB is Steve Topletz. Period. That's why he's never answered the simple question about who owns the company. He's always been too embarrassed to admit that he's it!

Bragging rights for breaking into Xerobank's computers? Seriously? There are privacy providers out there that are several hundred times the size of Xerobank. XB is probably not even in the top 100. Try Googling - privacy vpn - and see where you find Xerobank on the list. Comparing hacking Xerobank with NASA, the FBI, NSA - that's ridiculous. If one could hack into Xerobank - nobody would care. That's how small they are!

Go on you say? Not to mention, they're expensive and overpriced, make claims for themselves that aren't true, makes up BS about Tor that doesn't make a bit of sense, misleads Wilders members about "their" data center being raided with SWAT and black helicopters, they have to make excuses when logging shows that XB and Shadow are basically one and the same. I could go on and on and on and on and on. But, they do have a nice web site! That $35 a month has to go to something and it does - good web designers. But many of those outfits with simple web pages but ten to fifteen dollars a month for OpenVPN based services? They're as good - or better - than Steve's bragware.

Xerobank, ShadowVPN, Cryptohippie, Metropipe, all the other "related" outfits sharing the same server farm in Germany are mostly scam, talk and hype.

That's my two cents, or less, as I post once for every several hundred from Steve who's either busy promoting XB's next "breakthrough" or slamming other commercial providers and even Tor!

Must keep some balance here. <-QUOTE}


Wow someone is having a bad day....

From their website:

http://xerobank.com/company/team/

{QUOTE-> No joke. August 1st is the date we release DeAnonymizer. <-QUOTE}


Steve what is DeAnonymizer?

You know how XeroBank has this gold-standard reputation for our anonymity, but you get people like Genady that have no clue why? Well, gold is about as good as tin if you're blind. DeAnonymizer is the first true measuring stick for comparing anonymity services. You can visit using any service you like, and the DeAnonymizer will try to break your anonymity through a variety of attacks. You'll be able to see just how good (or bad) your provider is. Not only will it try, it will probably succeed, and then go on to tell you where it thinks you really are located and your true IP address. As tested, it will defeat Tor, JAP, Jondonym, Ironkey, Anonymizer, Proxify, all web proxies, probably every ssh tunnel, and most VPNs. You'll be able to see just how other providers stack up as users will be able to designate what network they are using, and see live statistics. And yes, it does true DNS leak testing.

{QUOTE-> Mr. Prishnikov;

You have tendered your remarks as your $.02 worth.
And I'd gladly return your change: $.02

While I support your right to your views, I reserve the right to judge them as they are: FUD:

Fear, Uncertainty, Doubt.

Your pattern is the same. You appear suddenly, out of the blue, launch vicious, personalized attacks against Xerobank, and then disappear. This time will be no different.

The last time you did that was your fanboi support, a few months back, of some fictitious character who "claimed" to have been burned by Metropipe. When pressed for details and a further explanation regarding the incident, there was none. Nothing but stone cold silence. The silence was deafening.
Attack, and vanish. Until the next time..

You accomplished what you set out to do: Fly in, drop bombs and disappear. Whatever credibility you may have enjoyed, sadly has disappeared.

Your logic, old, tired. Xerobank=Metropipe=Cryptohippie. Nothing new.

Your tone caustic and harsh.

And increasingly more desperate. <-QUOTE}

Let's see....I've been a member of Wilders since March of 2006 and have over 300 posts. You joined a few months ago as a shill to protect Steve and Kyle and Xerobank.

{QUOTE-> Your pattern is the same. You appear suddenly, out of the blue, launch vicious, personalized attacks against Xerobank, and then disappear. This time will be no different. <-QUOTE}

So, it's a pattern if I don't post once a day or once a week or once a month? I respond to Steve's ridiculous claims when I feel like I want or need to. Much like you do, Ky....Joker's Wild.

Fanboi support? Without doing a search, I have no idea what you're talking about. Maybe I did support somebody who had problems with Metropipe - sounds like you have problems with people who have problems with Xerobank, Metropipe, Cryptohippie.

Steve, The "gold standard" of anonymity services? Really? Most all references I can find on the Internet to XB are posts from this forum and mentions of the free XBBrowser. You are in a serious state of self-delusion about Xerobank. I'll say it again - I don't believe XB is in the top 50 of such services.

As for the "Xerobank Team" - anybody can pay people a few bucks a month to be a whatever title you want to give them. Remember Enron? FULL of people "officially" serving in shell companies who did NOTHING. Some were college buddies who let their names be used. You trust that "team" at the XB website? Really?

Its disappointing that another good thread has turned into a yet another scream fest, with no-one the wiser and no-one the winner. Theres an old internet saying, 'Don't feed the trolls', the more you feed them the bigger and more annoying they get. I miss the good days of this privacy section where it was just about plain facts and new products coming out and people solving privacy issues. Now its turned into somewhat of a troll plain, people pointing fingers getting the higher 'apparent' moral ground and then people awaiting the arrival of the messiah steve, to rip apart any good thread with usually what reads as a marketing pr exercise about xerobank. its really trying and i couldn't care less about this section anymore expect when the one or two good threads that come out.

So heres a great idea, stop feeding the trolls, if you want to feed them, use the 'PM" button instead, two, could steve take a break from flooding every thread with 'xerobank'. Don't get me wrong, your insights are interesting but the constant flogging of xerobank isn't. Its old hack and its marking it hard for new users to post here without getting a balanced view, how about giving it a rest for a month and just posting some good views on products.

If people stop asking Qs about XB and starting threads about it, I'll stop answering their questions about it. Nothing would make me happier than if it was all taking place on the xb forum... except maybe if the SWANSAT project got their funding. Maybe it needs a subforum. Nite.

Steve, really, I am not questioning the security of data centers, I am questioning the fact that the armed guards would fight the swat team... A regular warrant would be enough to let the investigators in.
Please, point to some case of swat entering a data center.

{QUOTE-> Steve, really, I am not questioning the security of data centers, I am questioning the fact that the armed guards would fight the swat team... A regular warrant would be enough to let the investigators in.
Please, point to some case of swat entering a data center. <-QUOTE}

I know data centers running Tor nodes have been raided by SWAT teams before, as have operators of Tor exit nodes. Think of it this way. People that do illegal shit online that goes beyond torrents are usually raided by swat teams, task forces, whatever.

Those door kickers, good at their jobs as they may be, usually don't know jack shat about the internet. So in the rare cases where the IP address that did a no-no is on the Tor network, its gonna be the person running the exit node who gets raided.

Helicopters, SWAT teams, ETC; sounds like major over kill from our educated perspective (WTF are helicopters going to have to do with tracing someone back over Tor?)

but keep in mind 9 / 10 times LE doesn't really understand computers or the internet that well, and you end up with mr. Exit node being hit with the force that was designed for Mr. Pedo (or Mr. Whoever the hell needs black helicopters on him).

{QUOTE-> I know data centers running Tor nodes have been raided by SWAT teams before, as have operators of Tor exit nodes. Think of it this way. People that do illegal shit online that goes beyond torrents are usually raided by swat teams, task forces, whatever.

Those door kickers, good at their jobs as they may be, usually don't know jack shat about the internet. So in the rare cases where the IP address that did a no-no is on the Tor network, its gonna be the person running the exit node who gets raided.

Helicopters, SWAT teams, ETC; sounds like major over kill from our educated perspective (WTF are helicopters going to have to do with tracing someone back over Tor?)

but keep in mind 9 / 10 times LE doesn't really understand computers or the internet that well, and you end up with mr. Exit node being hit with the force that was designed for Mr. Pedo (or Mr. Whoever the hell needs black helicopters on him). <-QUOTE}

Data center and individuals running exit nodes are not the same thing. While somebody running a tor exit node might be confused with the criminal the swat was sent for, this cannot happen with a data center. In data center there are thousands of machines, belonging to many different companies/privates. Such data center are physically well protected, and armed guards take care of security. Such armed guards will not fight back the swat team. They won't even fight back a legal warrant... which actually they couldn't fight back.

Xerobank's machines are in datacenters in which you and I could have a machine as well. So for sure they are well protected buildings, but we are not talking about military grade protection.

On the other hand, believe me that not all cops are so dumb, and very specialized internet/technology agents are on service in any state in the world. Many more than you can even imagine. And you don't need to look into secret services to find one.

So, I do not believe that any swat team ever tried to get xerobank's servers... and I don't believe that it will ever happen.

Also, steve, what would xerobank if netherland's justice asked to have access to all the machines physically in Netherlands?

{QUOTE-> Steve, really, I am not questioning the security of data centers, I am questioning the fact that the armed guards would fight the swat team... A regular warrant would be enough to let the investigators in.
Please, point to some case of swat entering a data center. <-QUOTE}

The guards aren't there to fight against state troops with warrants.

{QUOTE-> So, I do not believe that any swat team ever tried to get xerobank's servers... <-QUOTE}

Hard to deny reality. I'll dig up info on the raid. I *think* it was in 2007 in Germany, but it may have been in Italy.

{QUOTE-> what would xerobank if netherland's justice asked to have access to all the machines physically in Netherlands? <-QUOTE}

They would get physical access of course. Physical access is not a threat to compromise XeroBank data or clients, so we don't worry about it at all. I wonder why people seem so stuck or to care about physical access. Well I guess nobody else is running heavily encrypted tripwired servers for their service, so that could be a valid question.

{QUOTE-> Hard to deny reality. I'll dig up info on the raid. I *think* it was in 2007 in Germany, but it may have been in Italy.



They would get physical access of course. Physical access is not a threat to compromise XeroBank data or clients, so we don't worry about it at all. I wonder why people seem so stuck or to care about physical access. Well I guess nobody else is running heavily encrypted tripwired servers for their service, so that could be a valid question. <-QUOTE}

I'm looking foeward to get this info about the raid.

Well, physical security is fundamental, and I am sure you have often heard experts saying that there is no security without physical security. It can get extremely hard to protect a machine that is in the hands of your adversary; but I have no doubt you know well about this.

An lot of things in this thread: http://www.wilderssecurity.com/archive/index.php/t-72654.html are even true today, years later.
Every anon service provider will claim that their connection is safe.
You just have to TRUST that provider that is really so.
And that he will not keep log files. There is no way to be sure...
Are the servers really on a safe location? and cannot be hacked ?!?
Of course Xerobank might be safe as the owner claims why not?
But on the other hand, is he who you think he is?
For the average user it will always be a guess.
For the record i don't know if Xerobank is safe..
There is now way to be sure!
There is no guarantee,
like 'if anyone else will get/tamper info regarding the traffic over our network, we will pay you 1 million Dollars or so'.
www.surfola.com claimed to be safe as well (see the link above)...
I hope Xerobank will be safe and not be run be a agency or group of hackers .

Another thing is that i would like to ask Wilders mods to keep an eye on this Privacy software section,so it will not to get into a advertisement for 1 anon product company because this company is presented here all the time and others are not, or open a section for this company and remove the current section name.

It all comes down to trust. You do your research and look at the backgrounds of the people involved and make a decision one way or another. Steve's activism in this area came ahead of Xerobank. For me, that's very important.

Police come in roit gear and helicoptors (if nessicary) because of tactical reasons not because they can. They have no idea what they are up against, it only takes on person to make a situation go completely wrong and for things to go bad for everyone not just the police in general.

on the whole subject of physical security for data centres. they are there to protect against theives and corporate security rather than shoot out with authorities. Armed guards would be a last resort for most data centres unless they are hosting big clients with data that costs them vavlable time and money or in countries where police aren't so reliable. Also people build data centres in places like abandoned nuclear bunkers for good reasons, they are secure, were built with electronics in mind so they are dry and well good ventilaton and are generally EMP shielded, not cos some government agency is going to nuke them.

Most data centres also have a policy of only letting people whom own servers in, and only well supervised, you're only allowed near your server and no-one elses, and having any items ie removable storage, mobile phones, etc removed from said person. I at least know that to be the policy of data centres around the my area.

{QUOTE-> Police come in roit gear <-QUOTE}Unfortunately that's where this thread has evolved :dry:

We can only hope the next discussion involving privacy program comparisons can be about the programs and less about the developers,"Helicopters, SWAT teams, ETC".

As this thread lost it's usefulness long ago, it's now closed.

Bubba