|WikiProject Micronations||(Rated Start-class)|
It should be noted that this article appears to have been written by someone with the same Wikipedia user name as one of the people named in the article.
One might speculate on how long HavenCo could resist an attack from a nation state or its police force, or how robust its communications to the Net are against attack.
One might also speculate what form a sting operation by a nation state against prospective data haven users would take.
Feel free to speculate on such things and add them to the article!
(I am CTO of HavenCo, but I think the HavenCo article is relatively unbiased; no one else posted anything yet, though)
Our policy has always been "we can destroy stuff before it is captured, and will do so". We have sufficient security/military/etc. to protect equipment from our own staff, and from invasion. We certainly can't defend against destruction. Our communications are relatively robust (terminating in many countries), but even someone like AboveNet could be flooded off the net for a few weeks with enough effort. Our security is sufficient to delay capture long enough to destroy things (which in most cases just means shutting off power; disks are encrypted, and boot codes require positive cooperation and can be destroyed with a single switch)
We also do tamper-resistant hardware for our more security-conscious customers -- even I can't compromise it. Even if the hardware fell into "enemy" hands for months, it would be in my opinion impossible to recover data. As for being a sting -- sure. Crypto AG is a better example. We deal with this issue by not requiring *any* information from customers; leave a bag of cash in a locker at an airport, anonymous-remail me the code, I'll pick it up, and then put a server online, using factory-standard tamper-resistance, which can be remotely verified. We *could* be a sting, but we work to make sure stuff is provably secure even from ourselves, so even if I worked for the CIA or MI6, customers could trust our security due to faith in mathematics and physics. I'd have *more* trust in HavenCo if it were MI6/CIA, as then you'd know for sure it was being operated professionally. Most of our customers are casinos and backups anyway, and don't really care about security from intelligence agencies.
I'll include some comments on this (including links to Crypto AG and a brief article on it) if you don't.
So, you are saying that you have direct undersea fibre connectivity to many countries?
Please explain 'factory-standard tamper-resistance'.
Wireless, satellite, etc. to many countries, yes. Fiber is planned but expensive to go to many countries. Also we handle layer-3 (IP) in more countries than layer-2, using encrypted tunnels.
We have metal-enclosed coprocessors (486, crypto coprocessor, storage) inside sealed PCI cards which zeroize themselves if they detect any attempt at tampering. People run security-critical parts of their application on those, random other stuff outside. So even if you break into the machine, all the critical data is on this card (which is really a separate computer), which runs a special-purpose OS, has been audited, etc.
Costs range from ~$8 (iButton) to ~$50k (Compaq Atalla); IBM 4758-002 is in my opinion the best. There was recently found a vulnerability with one of the libraries, but it's not one we use. The hardware itself is very secure.
You mean Michael Bond and Richard Clayton's attack at http://www.cl.cam.ac.uk/~rnc1/descrack/ ?
Looking at the IBM documentation on the 4758, it is clear that the hardware's security hinges on the user trusting IBM (for example, only they should know the root certificate for the 4758). But if you are a sting operation, IBM will surely have cooperated with those parties? And this same would be true of any US or UK sourced security hardware, such as the iButton or the Compaq.
Yes, that research.
You can do "cut and choose" verification on the hardware, and you can run your own software inside a module. IBM doesn't have the ability to *change* the machines once they're released, only to certify fraudulent ones, so you can buy a thousand, open 999 to verify there is no backdoor, load your software into one, and then ship it, knowing it hasn't been tampered with.
Also there are non-US/UK manufacturers of such devices, and the technology to make such a device is not *that* impossible. Plus, you could do secret-sharing across multiple manufacturers, if you cared, at multiple sites.
But most people have no reason to be so paranoid. The people involved with HavenCo have some pre-HavenCo notoriety beforehand, but I suppose you could claim I was recruited by <agency> when I was 10 years old and raised to run a sting operation :)
Surely that's the point. If I am not paranoid, I don't need an offshore data haven. I just trust secure processor hardware and mathematics in a number of Tier-1 secure colos in various jurisdictions. That gives me as much resilience and security as could normally be desired. If I want to go beyond this, I need to have my own physically secure premises and hire my own guard force.
If someone is paranoid enough to need a data haven, then they are presumably either
- mentally ill or
- doing something that makes them reasonably expect to be subject to such attacks.
If the former, no amount of security will satisfy them. If the latter, they will need to take precaustions that assume that serious resources will be brought to bear upon them - such as
- having a copy of the IBM 4758 root private key
- bribing, threatening or simply employing third parties in a sting operation
I'm not convinced that it's necessary to explore the demand for a data haven in this particular article; perhaps that would be better suited to an article on data havens in general. If you're right about no one wanting a data haven, Anome, then HavenCo will go under. Time will tell. But I'd like to focus more on HavenCo itself, its relationship to that odd little place called Sealand, and possible attacks and on HavenCo's setup. And avoiding turning the whole thing into an advertisement, of course. :) --Stephen Gilbert
I think this needs merging
With Sealand! Honestly, though the company is notable, I don't think its that important. - Ta bu shi da yu 11:22, 1 Jan 2005 (UTC)
No, it needs un-merging
HavenCo is distinct from Roughs Tower, Rough Sands and Fort Rough. The attempt to merge it all together is most likely being used to give the cachet of legitimacy to Bates's project. We should neither confer this legitimacy, nor endorse it. But we should not denounce it either. We should merely describe the history of it all. Uncle Ed July 8, 2005 18:49 (UTC)
This article is unnecessary duplication
This article is a verbatim copy of the HavenCo section of the Sealand article. There's no need for both of them.
Someone has an axe to grind on the registration issue. There was actually an Anguillan corporation established sometime in 1999 or early 2000, with the UK company in parallel (which was allowed to lapse). The UK company was started on the advice of some even less competent UK attorneys after we had problems doing banking using an Anguillan company.
The Anguillan company was moved to a Cyprus company at some point. The Cyprus company THEN I think failed to pay its registration/etc. fees and was stricken, after I left.
The article as it stands is somewhat misleading on this point.
I don't have documentation readily available; if someone wanted to check the Anguillan companies registrar, that would probably be a better source of info.
(we dropped the Anguillan company because the registration agents we were using were fucking incompetent and expensive; banking in Anguilla also was pretty much useless, as they didn't offer online banking. Cyprus was not really much better though)
-- User:rdl 2006-06-01.
The UK registration was dissolved on 12/04/2005.
This whole registration entry is needs to be cleared up.
Server Location and Cabling
Are the data servers actually located on Sealand? And if so, how is the bandwidth transferred from Sealand? Was a cable laid from the UK? Wireless? Satellite? --Dogbreathcanada 08:27, 2 June 2006 (UTC)
The servers are currently located in London.
Do a traceroute to e.g. www.cracks.am.
There are 3-5 customers currently online. (scan 22.214.171.124/24)
The recent fire at http://news.bbc.co.uk/1/hi/england/5110244.stm which shut down power did not affect the servers. Suspicious, that.
Ryan 15:48, 23 June 2006 (UTC)
Status of HavenCo
I have tried numerious times to get a server at HavenCo. No one has ever responded to my (numerious) e-mails asking about it. I have dug around quite a little bit on the net, and have seen some stuff about things about HavenCo having more or less gone under, not hosting on Sealand anymore, etc. What is the status of HavenCo? I'd like to know both for my Wikipedia use and personally. Also, how does someone get ahold of the people over there? They dont check thier e-mail very often.
The link to the DefCon presentation is broken... what should we do?
Also, someone really needs to follow up and find out what happened to HavenCo... if it's dead, that should be mentioned in the article. -- Skyfaller 23:45, 7 October 2006 (UTC)
- Well, it's "original research" so it can't quite be in the article, but I have a server there and it's still running. It did not go down during the fire. The data center wasn't affected (apparently...). Jebba 00:11, 9 January 2007 (UTC)
I don't think the Stephenson connection is all that coincidental- considering he knows a number of the Cypherpunks personally (see Ian Goldberg) and some of the principals were in the same social groups! brain 23:57, 29 January 2007 (UTC)
HavenCo rumored to be down
According to http://securityandthe.net/2008/11/18/havenco-data-center-offline/ the main HavenCo website has been down for a while. —Preceding unsigned comment added by Mavink (talk • contribs) 21:38, 21 November 2008 (UTC)
The article begins, "HavenCo Limited is a legal data haven..." This is present tense, but I can find nothing that confirms the continued operation of HavenCo beyond 2008. Should this article not be updated to reflect that . If it were to return it is a fact that Chris Harrington and Ryan Lackey are owed significant funds and have capital available to stop any business. It is also relatively simple if you know how to put Sealand back in the sea. Would you want to invest in that? FergusV9S (talk) 04:28, 1 July 2009 (UTC)