any moment now ...
John Case
case at sdf.lonestar.org
Tue Nov 30 22:27:42 PST 2010
Hi Eugen,
On Tue, 30 Nov 2010, Eugen Leitl wrote:
> On Tue, Nov 30, 2010 at 08:57:31PM +0000, John Case wrote:
>
>> Look, if running a Tor node anonymously was difficult, this conversation
>> would be interesting.
>>
>> But unning a Tor node anonymously is trivial, so the cost/benefit
>> analysis is pretty parabolic. No cost, all benefit.
>
> This is interesting to me personally. How would you run
> a Tor node anonymously, without breaking the bank?
>
> Apart from offshore incorporation or finding a host that
> takes cash or anonymous prepaid cards it appears not obvious.
There's a few ways to approach this.
First, there are a LOT of co-location/vps/webhost resellers operating in
the US, and almost no regulation of them as "ISPs". The big famous ones
that do shell hosting and irc and all of that will not work - they are
very vigilant about customer validation because they get so much CC fraud.
But if you can find a joe-blow VPS reseller or datacenter reseller and
call them up like any other vendor, they will bend over backwards to take
your money. They're not going to ask for your drivers license or a credit
check or anything like that. You can just mail them a postal money order
or two and be done with it. Most give you a discount for paying a year in
advance, so that's convenient.
The other way to approach it is much more convenient, but potentially more
risky, and that is to use an assumed name with your own credit card. You
will find that most CC auths are done based on the numbers, and not on
your actual name. Try it - you can set up a working amazon account with
your own CC and a totally bogus name.
Since most (all ?) merchants are required by their banks to dispose of the
CC information, or never hold it in the first place after authorization,
after your transaction they are left with your bogus information (but
correct address) and either a hash or the last four of your CC.
This is worth considering, since we aren't guarding against "being raided
right now", but rather against future data mining ... and if future data
mining traces an IP back to an account that had (possibly) the same
address as you ... it gets a bit hazy there. The hunt is for a name, and
that name is not there.
So that's some food for thought - I have it on good authority that all of
the above works very well ... and we haven't even gotten to prepaid visa
cards, which aren't exactly rocket science to procure and use...
More information about the cypherpunks-legacy
mailing list