Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Answers From Sealand: CTO Ryan Lackey Responds

timothy posted about 14 years ago | from the drysuits-required dept.

News 151

A few weeks ago, you asked questions of Ryan Lackey, CTO for HavenCo, a company dedicated to providing secure off-shore data hosting from Sealand, a principality off the coast of England. Ryan has lately survived dental emergencies, the loss of a laptop (it dropped into the North Sea -- how many people can say that?) and other stresses, but he's followed through with some interesting answers. He even has some ideas for how you can make a lot of money, and lists the tools you need to start your own data haven. Kudos to Ryan for taking the time to answer so thoroughly.

Why do you need physical security at all?
by Jamie Zawinski (jwz@jwz.org)
/

Lots of people are asking questions about physical security, and how you're going to repel missiles and commandos, but I've got the opposite question: why do you need physical security and a physical location at all? Would not the best way to protect your customers' data be to wrap it in hard crypto and distribute it far and wide across the whole of the net, ensuring that there is not a single point of failure or a single physical installation that can be isolated?

As we've seen again and again recently, the best protection against censorship and other legal attacks is massive redundancy and decentralization.

Ryan Lackey: This actually brings up several issues, which I will address in turn.

  1. Physical location vs. distributed presence

    You seem to be suggesting a distributed data store, a la Eternity, by Ross Anderson. Basically, a federation of servers on the net, possibly hidden servers interfaced to the outside world through remailers (such as Blacknet) or ZKS Freedom. These servers would move data around among themselves, opaque to the outside world, and users would be able to store their data, manually or automatically, on as many servers as possible. There would presumably be some kind of payment system so users could anonymously pay for documents to be stored (as if you run the system for free, it will end up collapsing due to a flood of useless content; if you use a MRU/LRU scheme for your caches, script kiddies will just run scripts to keep their favorite documents in the cache, dropping real content out).

    While this approach is interesting from a theoretical standpoint, there are no production-quality systems ready yet. Additionally, there are fundamental limits to distributed computation -- latency, as you add nodes, or threat of compromise, if you have very few nodes.

    We're going to be incorporating some distributed cache technology which should provide our datacenters with some of the benefits of freenet/eternity type systems. Our system will, however, have a small number of very secure nodes, such as our facilities on Sealand, in which customers can conduct trusted transactions -- the intermediate results are guaranteed confidentiality and integrity in processing.

    The distributed data serving systems are also not practical for any transaction oriented site, especially low-latency transaction oriented sites, at least without a small number of trusted nodes to do the processing. Due to security constraints, this means tamper-resistant hardware, and since this hardware is expensive, it needs to be purchased in limited quantity, and protected from theft/attack, meaning you want to put it in a small number of high security physical environments. Since it becomes a critical link in all of your transactions, you also need high quality bandwidth.

    These distributed hosting systems are certainly interesting, but don't really meet all the neets of our customers. If we borrow 10% of the technology in building a secure distributed cache system, we'll be able to offer 95% of the benefits, as well.

  2. Secret physical location vs. single well-defended point

    If you're going to have a physical location, there's no easy way to distribute to a very large number of physical locations; you have a base cost per site, and your security is incredibly low until you spend a substantial multiple of that. There are definite economies of scale in running larger datacenters.

    Keeping physical locations secret is difficult. Keeping active physical sites, with actual servers connected to the net, secret, while still having decent pingtimes and large pipes, is almost impossible. You would need to go with hidden fiber cables laid through some kind of territory in which you could destroy anyone or anything looking for them, and your physical site would need to have the same density as the surrounding area, as well as no magnetic anomaly, or unusual power consumption, or whatever. Or, you could communicate by non-DFable HF SS radio, but that would severely limit your bitrates. I'd say this is basically hopeless.

  3. How much of our security is HavenCo, vs. Sealand

    A fair bit of the security on Sealand is related to protecting the Principality of Sealand from the kind of takeover which was attempted in 1978, rather than strictly necessary for HavenCo itself. HavenCo's security is primarily due to tamper-resistant hardware and cryptography, not the site security of Sealand.

What will you do WHEN you get shut down?
by joshamania (jgramlich@eatyourspam.hotmail.spam.com)

I haven't seen this question yet, so now I ask. In order to do the proper due dililgence on this matter, I would like to know what you will do when you get shut down? I don't think it likely at all that the UK will not take a serious look at what you are doing and disagree with it. They are not going to allow you to operate within their territorial claim and not be subject to their laws. Period.

Ryan: We are not within the UK's territorial claim. In the event the UK were to illegaly move against us, we would respond as appropriate; lawsuits would be the most likely course of action. It is highly unlikely the UK would intervene with military force, as they are a primarily law-abiding country with a strong tradition of respecting the law, due process, etc.

I've read that you have plans for other locations, but the information was very vague (as is this question ;). What do you plan to do when, either the UK invades, the U.S. invades (highly likely from where I sit, there are entirely too many people in this country that think that my business is their business), or some non-governmental organization invades? Why wouldn't some unscrupulous individual bent on corporate espionage and blackmail just hire some mercenaries and come steal your servers?

We intend to have multiple physical locations, with ideally the same level of physical security we have on Sealand, and as much bandwidth as possible, at the earliest possible opportunity. We have identified a set of sites around the world in various stages of development, and can set up more sites relatively rapidly. Certainly major moves by the UK or others against Sealand would accelerate this process dramatically.

It's almost impossible for anyone to steal a functional server, and I'd say it would be much more difficult than that (almost impossible, but nothing is really impossible) to extract useful data from that server. Certainly a well-funded terrorist could shut us down, at least temporarily, but a well-funded terrorist could cripple almost all Europe to U.S. connectivity by cutting a couple of cables, blowing up 4 cable landing stations, or taking out Telehouse in downtown London. Or doing the same kind of DDoS tricks done during the NANOG meeting earlier in 2000.

If one of our sites is taken down temporarily, we'll have sufficient spare capacity in others to allow customers who have wisely stored backups and hot-spares elsewhere to be online almost instantly. Some users will be particularly smart and purchase operational servers in multiple sites, using distributed technology to keep servers in sync, and may notice no outage at all even if multiple HavenCo sites are rendered nonfunctional.

I love the idea, but this is just ridiculous. Unless you've got unlimited capital coming out of your ears, this is not going to happen. Even if the governments leave the physical location alone, they are bound to shut off your land lines. Satellite bandwidth is beyond prohibitively expensive right now and will remain so for many years. Do you plan to launch your own satellite and man your own ground station in some secret location in order to maintain connenctivity?

There are various legal obstacles to shutting off landlines running through a country.

You have apparently not priced satellite bandwidth recently, or have a high-bandwidth, low-value application in mind when you say "beyond prohibitively expensive." For many applications, satellite bandwidth is cheap enough to not matter; for a high-value financial transaction conducted in under 10 KB, it is insignificant how much it costs to move a megabyte of data? Even for relatively bulk data (not illegal mp3 archives, or pr0n, or warez, but original-content Web sites, etc.), satellite bandwidth is affordable today. Additionally, we will have distributed cache technology to avoid sending the same static data over satellite links. And we will obviously try hard to maintain landline connectivity.

Even that wouldn't be enough. Governments would find that and shut it down too...

HavenCo's justification
by The Dodger (dodger@2600.com)

What exactly is HavenCo offering? On the one hand, you refer to yourselves as "the world's most secure managed colocation facility" (setting aside for the moment the fact that HavenCo is not a co-location facility) and on the other, your Web site makes vague references to the fact that Sealand is a sovereign territory.

Ryan: We offer the ability for anyone in the world to come to us, pay for service, and have a host suitable for running ultra-high security e-business, ready in near-realtime, with the highest levels of reliability and performance, in a variety of jurisdictions/locations/replicated sites. We're picking locations based on proximity to users, proximity to major pieces of net infrastructure, and unique advantages of the location (regulatory, image, security, cost, etc.) We provide these hosts with support systems designed for how secure e-businesses need to operate; 24x7, anywhere in the world, and with the highest levels of security and professionalism.

Five years ago, when I first heard of Sealand and its alleged sovereignty, I looked into it as a potential site for a hosting facility. However, I concluded that Sealand's claim to sovereignty wasn't anywhere near strong enough to ensure that it could avoid being subjected to British law (in particular financial law). Given the fact that it exists, in my opinion, because its owners are viewed as relatively harmless eccentrics by the British authorities, and that it is not recognised as a bona fide principality by any other nation (notwithstanding the visit by a German diplomat), I concluded that if a hosting facility were to be established on Sealand from which, subsequently, actions were carried out or services provided, which sufficiently antagonised a bona fide government, steps would be taken to ensure that such actions or services ceased.

In short, whilst the idea of Sealand existing as the world's smallest independent nation is a good read in the newspapers, and makes for terrific brochure blurb for a company like HavenCo, I don't believe it to be a truly tenable position.

We feel the Sealand location is viable as a secure colocation facility regardless of the actions of the British government. In its current sovereign state, it is highly useful, but even if it were at some point in the future considered fully part of the UK, it would continue to be an ultra-high security colocation facility with very high speed links to the core of Europe's Internet (London and Amsterdam).

The strength of Sealand's claims to sovereignty has been repeatedly confirmed by academics and those in the legal profession; the only ones who downplay it are those who feel they have something to lose by Sealand's sovereignty.

Additionally, HavenCo has no intention at all of engaging in any business which would "sufficient[ly] antagonize a bona fide government" (including Sealand). Our AUP prohibits infrastructure-threatening content (spam, network terrorism), and Sealand's laws prohibit child pornography. HavenCo itself serves no objectionable data, and engages in no business which would be illegal in any major country of the world; we simply sell server colocation to users.

Security was something else I looked at. I looked at four methods of connectivity - fibre, microwave, satellite and packet radio. Any means of connectivity (except, perhaps, for packet radio), exposes a "Seahouse" to the prospect of its connectivity being shut off at the mainland (whether it be in the UK or the Continent). From a pure security point of view, fibre is obviously the best option. Microwave, satellite and radio can be snooped both from Earth and space. Satellite and radio links have their own problems with regard to latency.

I do not understand why you care about snooping on public IP links; this is data, encrypted and unencrypted, which is entering or leaving the facility via the public Internet, and could be just as easily monitoring anywhere else. There is no problem for us in broadcasting this information. If you want your data in transit on the Internet to be private, everyone knows to encrypt it.

Satellite does not need to terminate in UK/Europe to reach Sealand.

There are specific laws in many countries regarding cutting communications to third-countries or isolated communities, so we are not as worried about cutting service on microwave/fiber links as you are.

The provision of traditional utilities to a "Seahouse" present further problems - unless a cable could be install ed to bring power from the mainland (which, again, leaves the facility open to being shut down by mainland authorities), such a facility must generate its own power. I dismissed wind and wave as too unreliable, leaving diesel-based generation. This would be expensive and the possiblity of being unable to resupply because bad weather arises (note that, at one point, Sealand was abandoned because of bad weather). Any interruption to power would result in disruption of environment control (AC, fire suppression systems).

We run entirely on locally-generated power, currently with reciprocating Diesel engines, and substantial onsite fuel storage. We are confident in our ability to ride out any storm, as far as fuel resupply. Generating power from Diesels is a well-tried technology on offshore platforms.

I've never actually heard the "Sealand abandoned due to bad weather" story, and the Royal Family of Sealand, who are involved in management, deny that such an event ever occured. (I think another tower or radio ship from the pirate radio days may have been abandoned due to weather, but not Sealand.)

The actual environment itself was also a concern - I'm not sure how suitable a sea-tower is, as a facility for hosting sensitive computer equipment.

We have suitable environmental control systems to provide a superior environment for hosting machines, with high levels of redundancy in our engineering plant.

Finally the security of Sealand itelf was a concern. I conducted an analysis aimed at examining what sort of operation would be required to attack, conquer or destroy Sealand. With the help of an individual with experience of this type of military operation, I determined that carrying out a professional operation designed to invade and seize temporary control of the tower, would cost somewhere in the region of 200,000 (around $320,000). This would involve sourcing weapons and experienced personnel, as well as arranging for a suitable method of accessing the target.

Security is not my job, but two points to consider:

  1. Security has been upgraded, and continues to be upgraded. Presumably your estimate was based on the condition 5 years ago. Certainly at one point (1978), a semi-trusted group were able to conquer the fortress for less than $320,000 in today's money. I would definitely put my money on the defense if the same situation came up today.

  2. HavenCo's security does not depend crucially on the security of Sealand. We have tamper-resistance and cryptographic technology so as long as Sealand security serves its purpose as a "speedbump" to a major attacker, it will allow machines to be placed into a secure state prior to loss of control. Even in the event of a rapid attack, or compromised insider, customer data inside tamper-resistant processing devices would not be vulnerable at any point.
(Note that the people guarding U.S. nuclear weapons depots are armed with M-16s and radios, not even frag grenades. U.S. nuclear weapons have equivalent tamper-resistant technology to what we deploy in our servers. Security only needs to defend against vandalism and make sure that any theft is detected; there is no attempt made to prevent an assault by a capital ship or sufficient well-armed company of soldiers from taking control of the weapons, assuming they can get to the facility without being detected.)

Conquering the tower would be a different matter, requiring a long-term commitment to both the security and logistics of the tower. Destroying it by UDT methods would not be easy or cheap, although severaly disrupting its habitability by something like mortar attack would be a lot cheaper.

Placing a warship with mortar in the waters near the UK's major container port would be ... highly unpopular.

Placing mortars ashore for long enough to close on target would also inspire a very unfavorable response from the UK military. Any mortar which could hit Sealand from shore could also threaten hundreds of thousands of British citizens. British gun laws, being what they are, and the British experience with mortar attacks on Heathrow being what it is, I would not want to try it.

We don't promise customers protection from denial of service, of a physical or electronic kind, but we do try our hardest to prevent/stop DoS attempts.

In the end, I decided that Sealand sovereignty/legal position, security and suitability as a hosting location were not up to scratch.

I find it interesting that HavenCo have found otherwise. I note with interest that the HavenCo Web site indicates that they intend to open hosting facilities in other countries, and I find myself wondering whether the SeaLand thing is merely a publicity stunt/gimmick, purely for the purpose of impressing the press, potential clients and investors.

I am unclear on exactly why your analysis was so different than ours; we have a well-developed security model for global secure colocation, and Sealand fits into the model perfectly (admittedly, we're unlikely to need to buy drysuits for any of our future datacenters, but that's a minor issue). We are using only a very small number of novel or cutting edge technologies, and relying on standard best industry practice for most of our operations. I think we have addressed any of the engineering concerns you have; I don't understand why you feel the power situation is so complex, or the network situation so dire.

It may be that we have different target markets; we're providing a very specific product, global high-security colocation, rather than general-purpose server hosting for the average user.

As for your security concerns, I think our security model simplifies this dramatically, and our security team are responsible for dealing with the kind of threats you mention. I have complete faith in their ability to provide us with defense against all viable threats.

The jurisdictional issue is of course an open one, but we have substantially hedged our bets by ensuring Sealand is a viable colocation location regardless of any future change of sovereignty status.

Finally, addressing that issue of the definition of co-location. A co-location facility allows companies (typically telcos, ISPs) to locate equipment within the same building, to enable interconnect/exchange of IP traffic. HavenCo says that it will not allow clients to place it's own equipment in the facility. If this is the case, then HavenCo's Sealand facility will be a hosting facility, where clients are constrained to choosing equipment which HavenCo can supply/support.

As for whether or not we provide true colocation, it depends (as for spelling, I prefer the shorter/European spelling "colocation"; some within HavenCo like "co-location", others like "collocation"). We will allow arbitrary equipment to be housed within our facility if we can be assured it will not interact poorly with other equipment, just like if you want to put your equipment in a cage at a local AT&T office. This means we need to know HVAC/power specs, inspect it to make sure it's not a bomb or monitoring device, etc. The easiest way for us to do this is say "we will not accept end-users, but will instead order to customer spec from known/reputable vendors". If you want a Juniper M160, we'll get one from Juniper for you and install it, giving you the ssh keys. If you want a Sun Ultra Enterprise 6500, same thing. If one wishes to have media shipped separately, we can x-ray/chemical sniff just the media, and pop in your drives into hardware which has been shipped separately, so you don't need to rely on us to do initial system setup and handoff. Or, you can ftp us a disk image, and we'll just write it to a standard drive and install it in the machine for you when it arrives.

We can do arbitrary cross-connects (fiber only), and can connect to telco circuits as required, in arbitrary locations. Many other true colo facilities require that all cross connects be done by facility staff (I don't actually know of any which allow customer-run crossconnects between cages). We also offer the standard complement of "remote hands" through full sysadmin service.

The one area where we prefer that our customers use standard hardware which we supply is x86 1U PCs. We'd prefer if all of our customers used our standard config 1U machine, which is sold at a very good price, as it simplifies our engineering, sparing, and logistics. We can get your server up in seconds, once our online ordering systems are up, by maintaining inventory. If we allowed people to colo arbitrary crappy $200 PCs, we'd face an endless cycle of dealing with broken power supplies, fans breaking and taking out the whole machine, etc., and I'd be happy to charge people 10x more than for our 1U servers to colo their own no-name 1U box. We can provide a free "if it breaks while it's with us, we'll fix/replace it" warranty on our standard 1U boxes, too, since we've got the spares onsite, and know they are top-notch hardware which should very rarely fail.

We'll even provide people with access to their own hardware. Compared to places which allow customers onsite, we've got very high latency for this; we need to ship the machine to either your own address, or to a neutral facility ashore, and you can screw with your machine, and then ship it back to us (at which point we'll go through the same security process to make sure nothing bad has been added to the machine).

I can't think of any service offered by other colos which we do not offer:

  • Colo arbitrary equipment, provided it meets facility requirements
  • User access to hardware, outside the secure hosting area
  • Remote hands/config service
  • Arbitrary crossconnects or telco connects.

possible questions for HavenCo
by leto (leto@earthmud.org)

1 ...The Web site displays a copyright logo. Did Sealand sign the Berne Convention, and thus does it respect copyright?

Ryan: We weren't supposed to have the copyright logo on our site; it has since been removed (the Web site was kind of rushed).

2... Explain who is the real owner, because outsiders are confused with havenco, principality-sealand.net and sealandgov.com

HavenCo, Ltd. is a company doing global secure colocation. Our first (and presently only) site is in the Principality of Sealand. We hope to expand rapidly to other locations; secure colo in five jurisdictions is worth far more than five times as much as secure colo in one jursidiction.

Principality-Sealand.net is run by criminals from Germany who formerly staged an invasion of Sealand, and were repelled through force of arms. More info about this incident is on sealandgov.com

Sealandgov.com is the official Web site of the Government of the Principality of Sealand. HavenCo is providing technical assistance. (fruitsofthesea.demon.co.uk/sealand is the former official Web site of the Government)

3...Will I be allowed to store encrypted files there that HavenCo can't possible read, condone nor condemn?

We encourage customers to encrypt data so malicious attackers on the Internet cannot hack into your machine and read your data. We provide tools by default to do this on the machines; there are some tradeoffs between security and performance and security and convenience, and the user gets to turn the dial.

We encourage customers to use SSL or other transport-security when dealing with their end-users to keep end-user data safe from attackers who would snoop on the traffic, or malicious parties who would try to spoof/modify data in transit.

4 ... Why does Havenco insist on policies that allow them to remove content based on their discretion? How many judges does Sealand have to deal with this, or will Joe random Sysadmin play judge?

It is mainly in the case of serious threat to HavenCo/Sealand. We want to always keep our promises to customers; the only promise we can reasonably make and always keep, as far as security, is that no one will be able to affect the confidentiality or integrity of your server. We have to reserve the right to shut off a given customer and anonymously refund payment, as if we didn't, and someone presented a serious threat to us (even if only just to see how we would react), we would be forced to either break a contract with a customer, or shut down all of our operations. We want to have a way to respond to such circumstances (and if you get your money refunded, it's just a minor inconvenience...truly controversial data should be backed up and replicated, and you can be back online relatively quickly after such an incident. And you can be sure we'll work to make sure we never have to exercise this ability to pull a given customer.)

5...How will havenco prevent their backbone ISP or that ISP's country from interfering with Sealand/Havenco?

Our number one way of preventing people from cutting our links is by making sure we provide a net benefit to the world; we provide a place for secure e-commerce, privacy-protected internet services (do you really want people to be able to subpoena online psychiatric records in civil cases?), and uncensorable free speech (information about repressive regimes, corporate malfeasance, corrupt politicians, racial/ethnic/etc. discrimination), etc.

Even if a company or country is against a given piece of data one of our customer hosts, the company or country will benefit more by our continued availability than they would gain by censoring the data.

Additionally, we will have redundancy across network providers and countries so that even if one of them incorrectly decides to cut off service, we will not be substantially affected. We have lots of technical means for dealing with this kind of problem.

Additionally, various contracts and laws exist so countries and companies can't arbitrarily terminate backbone services; it's possible they would then become 'editors', rather than common carriers, and many countries have laws guaranteeing communications transit for third-countries.

Is this site permitted?
by broody (clue@localhost)

After reading your TOS I have become rather curious in regards to the following clause:

"Unacceptable publications include, but are not limited to:

1.Material that is ruled unlawful in the jurisdiction of the originating server (Such as child pornography, in the case of our flagship Sealand datacenter)"

In the case of the Sealand datacenter, what are some of the limitations?

Ryan: Aside from the HavenCo AUP (no spam, no network attacks), the only laws regarding content hosting in Sealand are those against child pornography.

Please note that in the following examples I am not equating one example with any other or implying that any of the following should be censored; rather they are examples of what I would consider sticky wickets when running a "data haven" and wonder how such things will be handled.

Imagine the following:

  • I am a rabid anti-choice activist in the United States. I wish to post a site with a hit list of doctors performing abortions in the United States. After each "accident" I wish to mark them with a big red X. I publish detailed information on how to find each of these doctors. Is this site permitted?

    This material being hosted on Sealand is legal. I am not a lawyer, but it is possible posting the site may be illegal if you live in the U.S. U.S. authorities will certainly investigate, and civil lawsuits may be filed if the site is linked to an identifiable U.S. person or organization.

    We won't pull the site on Sealand, even if it is illegal to post in the U.S., but it is entirely possible the poster, if living in the U.S. and proven within the U.S. by U.S. authorities to be linked to the site, may suffer legal penalties until the site is pulled. (We will pull the site if the customer himself requests we pull the site, of course.)

    (This is a case of data where even if you oppose it, censoring it leads you down the slippery slope to authoritarianism. We believe free speech will primary serve as a tool for constructive public debate, commerce, and greater understanding between adversarial groups.

    If someone set up a site such as the one above, more free speech, rather than less, would probably render it impotent -- those opposed to it could express their concern, and the groups who directly benefit from the site would probably lose more in public support/legislative power than they would gain from trying to create a culture of fear. And the same privacy/security technologies could be applied the other way -- keep the identities of doctors performing abortions in the United States confidential. Privacy can be a powerful tool for accountability as well as secrecy)

  • I am a hacker who wants to play DVDs on my Linux box and I want to use free software. I want to place source code on my Web site. The United States says this violates some stupid law and some annoying people object. Is this site permitted?

    DeCSS does not violate Sealand laws in any way. DeCSS can be posted freely on Sealand. Again, caveat emptor if you are a known person in the U.S. who can be provably linked to posting it outside the U.S.

  • I am a devoted Iron Chef fan and Fuji TV has just sent me a cease and desist order. I wish to move my materials to Sealand. Is this site permitted?

    It is permitted on Sealand. It may be legally risky to move data to another jurisdiction if you've already received a cease and desist order yourself, but that risk is confined to your own jurisdiction, not Sealand.

  • I am a regular guy in the UK creating a Web site about my daily life. Some people don't like the way I talk about them and my site is pulled. Is this site permitted?

    I do not see how this could possibly be against our AUP on Sealand, so it would be acceptable. Your own risk in your own jurisdiction is up to you.

  • Will you allow sites advocating the overthrow of rival goverments, challenged uses of intellectual property, bomb making instructions, and other information that will get other nation-states panties in a twist?

    If you don't violate our AUP, we don't care. We don't have time/staff to monitor what you're doing, anyway. Buy a box, keep up to date on the bills, and we will keep it up on our net; any hassles you have in your own jurisdiction are your own problem, but you don't need to fear us doing anything to you or your box, except in the extreme circumstance in which our continued survival is threatened, in which case we may decide from a pragmatic basis to discontinue service and anonymously refund the balance in your account.

International Affairs (Score:5, Interesting)
by panda

According to the Sealand Government web site, Havenco "will now take over operations of the government of Sealand." As I understand the other text on the same page, it is generally believed that the government of the UK would not interfere in any acts of piracy, terrorism, or assault on your "territory."

Since you are now within the limits of the territorial waters claimed by the UK, you probably won't have to worry about a full-out assault from a sovereign nation, but another attack like that of 1978 could happen again. Of course, there is nothing but a few court rulings to protect you from Her Majesty's Armed Forces.

Ryan: Two minor points:

  1. We're not within UK territorial waters, due to the fact that Sealand was occupied and declared sovereignty prior to the action by the UK to extend territorial waters. Sealand's territory and territorial waters are not diminished by actions taken by the UK after Sealand's sovereignty was declared. If the UK decides to declare 200km territorial waters next year, it will not affect the sovereignty or territorial waters of France, Belgium, Sealand, Ireland, etc.

  2. The UK would have been very reluctant to allow a fully fitted out warship from some remote power to even pass through the Channel, let alone get within 7nm of her major container port, even if it only had 3nm territorial waters, if the UK believed that warship was coming to attack near the UK. Missiles have sufficiently long range, and ease of targeting, that anything which threatens Sealand also threatens Felixstowe, and even London, so a threat warship appearing near Sealand would probably be responded to by the Royal Navy regardless.

We're in a better position to defend against a 1978-style incident than Sealand was in 1978; I'd rather not go into specific security measures (especially since I'm not responsible for designing/implementing them, except for the parts related to the servers themselves), but if you remove the threat of great power military involvement, it would be very difficult to successfully take Sealand without destroying it entirely in the process. Since our security promise to customers is that their data will not be revealed to anyone, nor will their machine process data incorrectly due to influence by anyone, and this promise does not include more than best-efforts prevention of Denial of Service, an attack which destroys Sealand does not violate our security promise to customers. It would still suck, a lot, and we try hard to prevent it, but ultimately, protecting against denial of service 100% is impossible; all we can do is try very hard, and make it as hard as possible for an attacker to deny service.

In addition [to] "a few court rulings", we have international law on our side. Several legal authorities have confirmed over the years that Sealand meets all the requirements for a sovereign state. There's also the complete PR catastrophe that would befall a major country which invaded the world's smallest country over a free-speech issue; I can't imagine any elected government taking that risk.

Given the precarious nature of the "sovereignty" of Sealand, will you be seeking international recognition and treaties to guarantee your physical security from such attacks? Will you be joining any of the international protocols for cooperation in law enforcement or other areas? I would think that joining these would go a long way to cementing your viability.

I'm not responsible for the actions of the Government of the Principality of Sealand, but from what they've done in the past, and what I've heard discussed, they have every intention of being a responsible international citizen. Sealand is likely to seek recognition or enter into treaties whenever it is in the best interest of Sealand. Particularly relevant to Sealand are international telecommunications treaties and organizations.

Compared to the average state, however, Sealand has very limited resources, both in personnel and money, so I wouldn't expect Sealand to open embassies with every country in the world, sponsor major international aid organizations, or spend huge amounts of money on nationalistic extravagance.

user-side threats
by laborit (laborit@uts.cc.utexas.edu)

Let's say that you do manage to completely secure your clients' hardware and data. Do you think you can also completely obscure the fact that said client is doing business with HavenCo?

If so, may we have more details on how?

Ryan: Yes, this is a major issue. We believe we can do this.

There are several issues:

  1. Anonymize initial contact and decision to buy
    This is simple; browse our Web site from a Web cafe, or use ZKS Freedom, or just hide in the crowd (we get a lot of hits, and if every one of those hits was a server sale, I would already have my toy (C-17 fitted out as a corporate jet/cargo carrier)).

  2. Anonymize initial setup communications
    We can accept a service order through an anonymous remailer system, or through ZKS Freedom to an SSL Web site. This service order should include cryptographic authentication information so we can authenticate you in the future. We'll have this ready for review in advance of commercial sales. It will also be broadcast, so if you trust us, you can just pick up a signed copy from a newsgroup or mailing list, rather than going to our Web site and downloading.

  3. Anonymize initial and continuing payment
    This is perhaps the trickiest part. We can be rather flexible on this. There are some effectively-pseudonymous payment systems out there, and there is always cash. We can certainly come up with a solution in almost any case; it just adds complication. This situation will, I'm sure, improve in the future, as it's only a matter of time before someone develops and deploys truly payer/payee anonymous electronic cash, now that there is a large and credible potential market.

  4. Anonymize future administrative interactions
    Again, ZKS Freedom browsed SSL pages, or remailers. You'll need to authenticate yourself to us, be it by client cert, PGP signature, magic token, one time password list, or something else.

  5. Anonymize systems administration connections
    ssh through ZKS Freedom is what I would personally use, but you can probably do something tricky with a shell interfaced to email and pgp, run through remailers (high latency, though), or Web-based administration, or something novel. If your server accepts lots of SSL connections from users, you could masquerade as a regular user, and then tunnel ssh/telnet through SSL.

  6. Anonymize end-user connections to the server
    This is not strictly necessary in all applications. End-users can always use something like Freedom, or crowds, or anonymizer.com. Maybe your server interacts with users through email/remailer nets, like Tim May's Blacknet.

If not, do you think that certain governments will make it a crime to simply do business with Sealand? I understand your explanation that you're not undermining the authority of other governments -- but you are undermining their power to legislate away certain activities to which they object, and I imagine they won't like that. In a world which places little value on a citizen's soveriegnty against hir government, there would be few reprucussions to (say) the U.S. making it illegal to purchase your services, but it would put a big dent in your ability to do business.

I think it is highly unlikely this will happen, but we've certainly considered it, and want to make sure we have a credible plan in case it does happen; by having such a plan, we can remove any value in making doing business with Sealand illegal, after all, so maybe it won't happen.

I think any country which starts restricting what countries its citizens can do business with is headed down a slippery slope. The U.S. certainly does this already, with the "seven evil countries", but we're not going to be supporting state-sponsored terrorism, or expropriating property from influential Florida voters, so I think we're sufficiently benign to not be at much risk. Certainly there are countries in the world where conducting commercial transactions with a non-local business, in dollars, is illegal for the average citizen; those are some of the countries to which HavenCo's service can bring the greatest benefits.

Do you need any help?
by BoLean (TLowing.nospam@hotmail.com)

Is there any way that we Internet users or the Open Source Community could help with Heavenco? Are there any specific software/software security need that you have? Have you considered working with individuals/groups from other countries to help politically support your operations from their native soil?

Ryan: Yes.

I'm working on preparing a list, but there are several areas where we could use help.

In general, I'd prefer to work with the existing authors of existing packages to incorporate new features into the mainline. We don't have a huge number of programmers, and our requirements are not terribly unique; mainly we can assist with some requirements definition and design, and would want the teams to handle deciding if it's worthwhile, design integration into their future plans, implementation, and support/maintenance.

(examples:)

  • We're working with the OpenSSL people to get better support for OpenSSL using some more obscure crypto adapters. We'll probably do the same with GnuPG for OpenPGP.

  • I'd like a security-audited subset release of Debian GNU/Linux, with some additional cryptographic signing of packages by auditors. I'd also like to get Debian support for some more esoteric hardware platforms we might use (without revealing too much info :). My personal favorite platforms are Debian and FreeBSD; there are lots of nice automated systems management/upgrade tools one can do with ports and debs.

  • I'd like a Web-based application, using applets or tamper-resistant hardware, which can send/receive OpenPGP-compliant messages.

  • Various enhancements to NOC management, network monitoring, etc. open source tools (rrd, nocol, etc.).

  • A decent SMS-to-email (and reverse) gateway for the Orange cellphone network in the UK :)

  • Various enhancements to networking tools, practices, etc. for increased DDoS resistance.

  • Some cache and SSL enhancements, probably to be presented at IETF.

  • Secure time that doesn't suck (there's a wg, but I want tools).

  • People developing for tamper-resistance, using a common-across-all-tamper-resistant-devices API, such as JavaCard. I'll speak about this at Defcon this summer.

  • Good open-source SQL databases; I like PostgreSQL, others like MySQL, and having good open-source SQL db alternatives is always good.

  • A Web-based time management/scheduler/etc. I've looked at Xen, for Zope, and it looks promising. I don't want to use MS Project. UNIX clients would be great too.

  • Web-based general ledger/accounting tools; again, I don't want to be stuck using Quickbooks/MS Excel. UNIX/Gnome clients would be great too.

Why and what?
by Julian Morrison (julian.morrison@virgin.net)

What motivates you to set up a data haven? Are you motivated primarily by libertarian principle, or do you intend it mostly as a way to make money from Sealand's sovereign status? Or both?

Ryan: Initially, we were motivated primarily by libertarian principle, but that includes a desire to make money. The business would not be possible, nor would we pursue it, if it did not hold the promise of being wildly profitable if successful.

Will you allow data that does any of the following:

  • - evades taxes or excise?

    Sealand has no taxes nor customs duties, so it would be impossible to evade Sealand taxes or excise. It would be even harder to do so with an Internet server. :) We have no responsibility to assist in enforcing tax or customs regulations of arbitrary other countries, within Sealand.

  • - breaks local morality and legislated morality (including where oppressive eg: Iran)?

    Again, Sealand has no local morality or legislated morality, at least as applies to Internet servers on Sealand. No content would be rejected due to this, in the Sealand datacenter. We regulate based on location of the server. If a country, such as Iran, decides content hosted in Sealand is inappropriate for Iranians, they can make it illegal within Iran, and then Iranians accessing HavenCo colo'd servers in Sealand would be violating Iranian law in Iran, and potentially subject to Iranian prosecution. Not Our Problem.

  • - belongs to political dissidents?

    As far as I know, Sealand has no political dissidents; it's too small. No content would be rejected due to belonging to political dissidents in other countries (and I'm sure Sealand would happily allow content belonging to dissident Sealanders to be hosted in Sealand as well).

    We have no real way of knowing if a user setting up a server is a political dissident in another country, anyway. It's not one of the questions on our account creation form :)

  • - belongs to terrorists, organised-crime, etc.?

    We certainly don't support terrorism or organized crime, but anyone can set up a server. We do not screen customers as they set up servers, nor do we conduct four week background checks prior to beginning service. Think "cash and carry."

  • - is uploaded and maintained completely anonymously?

    We encourage users to upload/maintain content/servers as anonymously as possible, for security reasons -- if people don't know who the admins of a server are, they won't try rubber-hose tactics, or will they try to steal your laptop, install BO2k on your machine, etc.

  • - is maintained with absolutely no access granted to anyone trying to prosecute on grounds of its content?

    Users are welcome to keep information private and restricted to any group they choose. In general, we think most users will be publishing data to be visible to as many users (at least paying users) as possible.

Do you percieve what you're doing as moral? If so why?

Yes. We provide a valuable service to customers, promising a certain level of quality, security, and privacy, and work very hard to keep those promises. We do not mislead or coerce anyone into being our customers, and do not engage in anticompetitive or illegal practices against anyone.

DoS
by dingbat_hp (dingbat@codesmiths.com)

Sealand will inevitably have thin comms links and so will be more exposed than most to a DoS attack. Recent cases have involved ISPs pulling user sites simply for being attacked in this way - they accept the target site is blameless, but pulled it "for the good of the majority of users" and the restoration of their own comms.

Ryan: Our network architecture is actually going to be relatively advanced. Basically, private peering in insane quantities at nexuses of Internet traffic around the world, quality cache/filtering at those sites, and then encrypted tunnels over private links back to our datacenters. In the short term, these pipes back to the datacenters will be a bit undersized (10-200mbps), but we're planning to have gigabits of connectivity all the way to our datacenters in the medium term.

Resistance to DoS and DDoS is sort of the age-old battle of arms vs. armor; the newest arms will always win, but slightly older arms will lose against the newest armor.

We're in a better position than most w.r.t. DDoS; because we're on the side of individual liberty and privacy, it's unlikely any actual hackers/packet warriors/etc. would *want* to attack our network; if they did, they'd be suppressing free speech, exactly the thing many of them say they're for. And of course the people developing all the cutting edge stuff are the internet community, not governments and corporations; if we can resist several-month-old tools, we'll probably be able to resist most government or corporate sponsored DoS attempts.

DoS attempts are against terms of service, and the law, in most jurisdictions and networks. We'll work with companies and authorities in other countries to eliminate any sources of DoS against our networks, and will work with other service providers to eliminate the pathetic configurations which are used to effect most DoS attempts. If you look at how rabidly people go after spammers, multiply that by 100 and that's how hard people go after DoS.

How would Havenco respond to such an attack ? Taking the moral highground, or the pragmatic approach of letting individual users be picked off?

I don't think we'd shut off a customer simply for being the target of a DoS attempt, provided the customer was not violating our AUP. We may as needed take pragmatic steps to ensure maximal connectivity and fulfillment of our SLAs for the maximum number of customers, such as partitioning our network during heavy DoS attempts, etc.

Disconnected Living in a Connected Business
by Amoeba Protozoa (amoebapr@remotepoint.com)

Setting up a company on a remote island, even one that doesn't require a lot of on-site workers, was undoubtably difficult.

Ryan: Yes. We actually delayed a lot of the onsite work, which we could have started as early as November, until March/April, due to inclement winter North Sea weather and negotiations with the Royal Family.

What were the major challenges of setting up on the island? How many people, and what sort of equipment did it take? Is there more left to do?

The single biggest challenge in setting this up has been scheduling; certain items have really long lead times, and there are long critical paths. For instance, you need power to operate tools/computers/etc. during buildout, but installing a major power system requires quite a bit of engineering already be completed onsite. We were lucky that a lot of facilities were already in place, including a small generator, housing, kitchen, and a winch.

We have learned a LOT about how to do this in the future; we should be able to create a new datacenter on a green-field site in a matter of a few weeks! Hint: use technologies and procedures with more in common with military logistics than traditional datacenter buildout. (anyone with a nice site in a country with favorable laws and/or government partnership? Email me, ryan@havenco.com!)

We had to do a bunch of interim steps in order to install larger equipment; for a while, I was using a laptop and portable phone for IP connectivity, then geosync satellite transponder, and finally a combination of multiple technologies.

Our power system is still under construction; we've got small UPSes and generator power, but the production system, with a set of large UPSes, 3-phase PDUs, etc., is still in progress.

We've used a variety of transportation technologies; various helicopters, boats and ships, containerized transport, etc. (I must say I prefer the helicopter to the boats, even if it's less exciting)

I'd say that in total, there have been up to 40 people involved so far, within HavenCo, the Sealand Government, and key vendors.

Some of the most useful tools are exactly the same ones you'd use in setting up any kind of techie venture anywhere in the world:

  • relocatable power taps (i.e. power strips)
  • Gerber Multitools/leatherman, pocket knives
  • De Walt power drill/screwdrivers
  • Duct tape
  • Cat 5 UTP for temporary 100baseTX runs
  • Free OSes, on CD and off the net
  • Quality generic PC clone hardware
  • netcat
  • Linux, *BSD
  • VMware (yes!)
  • ssh (quite possibly the single most useful piece of network software ever invented)
  • thttpd (otherwise, we'd have a hard time standing up to slashdot effect, combined with media effect, on random webservers)
  • laptops running UNIX, to make temporary servers, do NAT, etc.
  • email-to-fax, fax-to-email services
  • cellphones (yes, we can get cell coverage on Sealand, at least on deck; this has saved us quite a bit of hassle)
and some which are specific to our site:

  • drysuits (like in my photo in Wired...if you don't wear one, and you're going along at 30 kts in a small boat, you will freeze)
  • Rigid Inflatable Boat (the 22' thing in a lot of the pictures)
  • canned goods (although eating some variant on corned beef hash, or rice pudding, gets kind of old after a few days)
  • winches and list motors, angle grinders, oxy-acetylene torches
  • 1 ton plastic pallet tanks, for water, diesel, etc.
  • Our best friend, a 25 gallon/hour reverse-osmosis watermaker, without which one would be unable to shower (a very recent addition to the Sealand family ...)

And now we've got some Pelican 1650 equipment cases for transporting all our equipment, and I'm getting a 26U portable waterproof rack for transporting core routers/etc. (previously, I was using drybags, and somehow my laptop/rio/nikon990/cellphone/palmvx/etc. got dropped during a transfer from the boat at night, after being removed from the drybag :( Thankfully I had backups...and we'll see if "it just stopped working suddenly" is a viable warranty strategy, since it's strictly true. (Donations to the "Ryan Lackey small consumer electronics collection" are always accepted, of course, particularly nice pre-release toys.)

What are some of your day-to-day facilities like (food, shelter, perhaps even recreation)?

We have a small kitchen, and make two meals a day (breakfast is generic cereal and stuff). For housing, people have from 50 to 150 square feet of space each; it's not great, but is totally passable. We have one room dedicated to recreation, the lounge, with a TV and a bunch of books. You can also go out on deck and admire the view. My favorite room for recreation is the NOC, though, since I'd probably spend my spare time hacking on new tools or webpages, reading online books or Web sites, or playing computer games.

We have a professional cook/housekeeper onsite (a recent addition), which greatly improves quality of life -- I have better food when I'm on Sealand than I ever did when I cooked for myself (that it's free is nice too).

(FYI, last night I slept on my desk in the NOC because I was too lazy to walk 300' to my bedroom...it was surprisingly comfortable. Antistatic foam makes a good pillow, too.)

We're planning to improve the food/shelter/recreation situation, but it's sufficiently good now that it's not a priority. People have discussed getting a DVD library, video projectors, satellite TV system, better books, putting computers throughout the recreation spaces so we can play networked video games against each other (and others on the net), a hot tub, nice commercial kitchen, professional chef, etc.

The most impressive thing is that the Sealand Royal Guards (mainly ex-British soldiers who provide security, physical maintenance, and logistics support), many of whom had never used a computer before, have started using the PC we left in the lounge, and now want me to get them laptops. Sadly, it's a win98 box, so the GNOME/KDE people should hurry up and produce a viable alternative so I can give them Linux laptops...) IRC, the Web (ok, mostly porn), etc. seem like the best way to introduce people to the net -- in less than a week, they've become pretty self-sufficient on the Internet.

What is your daily cash burn rate? Are there ways to cut it? I don't know what the daily cash burn rate is; we don't have the kind of absurd burn rate common in Silicon Valley, though, even though we have substantial physical construction involvement.

We could almost certainly cut burn rate if we needed to, but we'd rather focus on increasing revenue, which is potentially infinite, than decreasing costs, which becomes exponentially harder as you get closer to $0, and is finite.

Are you making a profit now? If not, when do you plan to be able to?

This I don't know; I do techie stuff. I don't think the financial people would share this information at this point, either.

Do you have a plan in case of a hostile takeover?

Our stock is closely held, so a stock-based hostile takeover is unlikely.

If you mean a military takeover, yes, we have comprehensive security plans, but this is handled by our onsite security people, and I have little involvement. My personal plan is "don't get shot", and "stay away from where people might potentially be shooting." While people may focus on the extreme possibilities where we get raided by some corporate mercenary team or religious fundamentalists or something, in reality, our security concerns are much more likely to be "someone falls down a ladder and breaks a leg; how to we deal with this" or "minor electrical fire in the kitchen"; that kind of thing is handled quite well.

Where can I send my resume? :)

jobs@havenco.com. Include a description of what kind of job you would *want*, along with a resume. Please please please only use .txt or URLs, not .doc! (guess which resumes I don't even bother reading...)

Interesting concept...I wish you luck!

Web Email (was: Re:Disconnected Living)
by xyzzy

Ooo! The more interesting question to ask is: Can I get (either for free, or since this is a business, for pay) an e-mail address at havenco.com, or some other domain hosted at Sealand?

Ryan: You can definitely not have a havenco.com e-mail address, unless you work for us.

If anyone with a server at HavenCo/Sealand sets up a mail server on Sealand, you are welcome to contract with that person to buy an account. I imagine Web-based and non-Web based outsourced e-mail provided from Sealand will be a major market, for the reasons you mention.

You could set this up yourself, too. $1500/month for the box, you should be able to get a few thousand accounts, and if people paid $10/month each for non-subpoenable e-mail, you'd be profitable quickly. Dedicated machines per major user would also work; if a company wanted to oursource their Intranet/Extranet and e-mail servers, you probably would want to just resell one or more machines per customer.

In reality, the most important data any person or organization has is their e-mail! It can be read, spied on, subpoenaed, etc. I'd pay MONEY for this service.

I agree. You'd definitely want Web-based via SSL or applet security for viewing, or PGP in/out relaying, though; it would be silly to just put the mail server on Sealand and not protect the messages in transit.

Will Sealand be getting a top-level country code? If so, you could also sell domains, but let me say that I think the hottest idea is selling Web-based e-mail accounts.

You're welcome to point .com/.net/.org domains at HavenCo IP addresses. Same goes for country codes.

We'd really like our own country code, but getting one is a really long and involved process, so don't hold your breath. .com is still the most respected commercial domain, so I think it will be a really long time before any serious commercial business relies on non-.com domains.

Dibs on "billg@havenco.com" :-)

Points of Contact to the Internet
by gregor_b_dramkin (gregor_b_dramkin@my-Deja.com)

What will you do when pressure is exerted on your landlubber ISP to shutdown your connection? Move to another ISP? What happens when no one else will give you bandwidth? A renegade server farm doesn't do any good if no router will accept its traffic.

Don't say it can't/won't happen. Unfortunately, it can and probably will.

Ryan: We don't buy transit from ISPs. We only buy transit from tier 1 and 2 network providers, and arrange peering with as many as possible.

We are relying on having a very high quality, very well run network, with a large amount of desired content, as well as a top-notch well-known network administration team, to encourage as many networks as possible to privately peer with us at our major points of presence.

I certainly agree that if no one will carry our traffic, we're in bad shape, but luckily this is the Internet, and most of the people making those decisions are still fundamentally pro-freedom and individual liberty, with a techical background. We're going to be a very good internet citizen, participating in a variety of infrastructure development programs with pro-internet organizations, and peering with us is good for everyone.

Many countries have third-country communications laws which would make it unlawful for the government to exert pressure on ISPs to drop routes for given customers in other countries. Additionally, the value of the Internet will fall dramatically if major governments get involved in censoring traffic at that level; we've already seen examples of countries which try to block all potentially offensive or subversive traffic at their borders; not a lot of net startups moving there, eh?

cancel ×

151 comments

Weakest Link... (2)

slashkitty (21637) | about 14 years ago | (#961882)

In any security system, there is always a weak link. In this case, I would guess that the weakest link is the client's machine. Ryan said that clients could access their account from a cyber cafe. I don't see how they can hope for a secure system with such lapses in security. It is very reasonable to expect that that machine could be bugged and tracking the clients every movement. How could a clients data be secure on HavenCo's servers if the client doesn't have a secure machine?

Re:Anarchy? (1)

timothy (36799) | about 14 years ago | (#961886)

Badger wrote:

"I'm a little unclear as to why it's a good thing to have an unanswerable entity running around this planet. We have governments, and inter-governmental institutions for a reason! Would we condone this place if they housed thieves or killers? What if SeaLand was a refuge for terrorists instead of data? Anarchy is anarchy..."


The problem is that some animals are more equal than others. Do you believe that all governments / govt'al institutions hold their power legitimately?

I don't. There's a whole spectrum of government on earth, from No Pretense of Freedom (N. Korea) to The Occasional Pretense of Freedom (PRC) to Certain Rigidly Defined Freedoms (Singapore) to Freedom to Pay Taxes, Plus Drive Volvos (Sweden) to A Bit More Freedom But Always Shrinking (The U.S.).

There is no country where the government doesn't intrude or want more power -- that's the nature of government, IMO. You can't be angry at a pig for enjoying its slop. Is government a necessary evil? I'm willing to say Yes at least for the moment, but with an emphasis on the "evil." But every step away from the tools to overthrow particular governments is one they'll happily dance right along with.

Remember, a lot of people killed this century (and probably every other since the start of history) were killed through the malice or inattention of their own governments. Offshore datahavens so far are doing better;)

The neutrality of a true data haven (there probably are many such that we've just never heard about) may appeal to Bad People, but I can think of a lot of Nice Guys who might like it for the same reasons. No fair to ban milk because it may be enjoyed by a vicious, terrible murderer, or dental floss because it could be used as a garrotte. Or more to the point, a hammer because it could be used to bludgeon infants as they sleep.

thoughts,

timothy

Re:Anarchy? (1)

kashifq (156996) | about 14 years ago | (#961887)

yes, this *is* a step towards a kind of anarchy. i, for one, think this may not be such a bad thing. let's face it, government (especially democratic government) has more or less failed in many of it's roles. in rich countries, the govt belongs to whoever has the dough. in poor countries (like mine) the govt belongs to whoever has the guns. the masses aren't *really* (IMHO) represented anywhere. if nothing else, heavenco and the like will serve to underline how a lot of people feel about the abuse of authority, and smart govts will start to behave themselves. maybe.

take odds on the CIA being a client? (1)

brokeninside (34168) | about 14 years ago | (#961888)

With HavenCo's preference for anonymous business relationships, I'd be willing to wager that the CIAs, NSAs, Mossads, etc. of the world will be among the first customers....

Re:Hmmm - I reckon we want a server (1)

titus-g (38578) | about 14 years ago | (#961890)

or...

How about slashdot getting some space there, and sticking an SSL gateway to the news/forums so that the Anonymous Coward non login was more than token security?

err although actually there would be no need to have that on a havenco site. ho hum

Anyway /. falls under US Jurisdiction, therefore they can be got for what they post, no matter where they post it.

The main protection is anonyimity (purchase/posting etc.).

Sealand Sovereignty has been tested in court (1)

burris (122191) | about 14 years ago | (#961892)

Also, I'd be interested to see what happens if SeaLand's sovereignty ever is contested in a courtroom, or what will happen if a government does order their communications links cut off.
Read the Sealand website again. A ship from the British tax collection agency (Exise) tried to go to Sealand and was fired upon. Prince Roy was eventually hauled into court on tax and gun charges and the court ruled that England had no jurisdiction in Sealand, giving them de-facto recognition of sovereignty.

Burris

Timothy, send me your laptop... (1)

Richy_T (111409) | about 14 years ago | (#961894)

And I'll drive up and dunk it in the North Sea for you. Then you can say it's happened to you too.

Rich

Hmmm - I reckon we want a server (5)

shockwaverider (78582) | about 14 years ago | (#961895)

OK - How about Slashdot buying some space here.

Stuff we all agree should be freely available [DeCSS etc] gets posted.

At the very least it would give us an answer to "Who whould win in a fight, HavenCo or MPAA"

Easily replicated? (1)

RyanP (8861) | about 14 years ago | (#961896)

I wonder how many other companies will start offering similar services now that HavenCo has taken the first step. There are large amounts of oil rigs floating around, and while not all of them are in international waters, just having the security the isolation provides might be enough. Didn't Disney or some booze company buy an island in the Pacific too? That might be a viable option as well...owning actual land gives you a very solid claim on sovereignty!

Security is laughable (2)

Rand Race (110288) | about 14 years ago | (#961897)

While this whole thing is cool and all, it's really only in existance at the whim of states like Britain and France. Believe me, if Havenco does something to really annoy Britain then one night Havenco will simply disapear. SAS and SBS commandos (GIGN or the 2nd REP if it's France) will do away with what they don't like and nobody will be the wiser. No need to shell it, no need to blockade it, no need to face international court. Unless Sealand has some seriously heavy duty millitary and security equipment they will not stand a chance against a good commando team, and the British SAS are commonly held to be the best in the world.

Letting the kids play (1)

cah1 (5152) | about 14 years ago | (#961898)

All this principality, sovereign nations talk sounds fun, but don't you think that all this is merely being tolerated because it's not actually threatening?

The moment HavenCo does something to actively antagonise the UK or mainland Europe, the connection gets cut. Simple.

Lackey claims they're not worried about this, but frankly it's pie in the sky. HavenCo will be tolerated for as long as they're not actively annoying any governments - their days are numbered unless they're just being a colo with a cool twist. For as long as they're just that, they'll be left alone.

That the UK hasn't stomped on them is all down to whimsy - the comms, the utilities, their provisions, their healthcare, their very existence is all hanging by a thread. They'll not last long in a siege!

me too (offtopic) (1)

brokeninside (34168) | about 14 years ago | (#961901)

Something to carry around and write stories on is precisely why I just bought a used NEC v/50 on ebay. It cost me $215 w/ shipping. 20 MB RAM and 2.1 GB hard disk. Emacs takes freaking forever to load up, but vi (vim actually) is all I really need as I do most of my writing in an xterm anyway.

The only pissers are:

  1. All the X apps (like Netscape Communicator, xevil, etc.) that were never intended to be seen on a 640 x 480 display and don't have scroll bars where they need them if the windows are resized to fit such a small screen).
  2. XFree86 only supports 256 colors on the Western Digital SVGA chipset

The battery lasts about 100 minutes which for me is 2 round trips to work on the bus. The funniest part is all the people staring at me like I'm rich cause I have a laptop.

Re: Child porn (2)

loki7 (11496) | about 14 years ago | (#961903)

I wonder what child porn is, in Sealand?

Here in Canada we have some pretty oppressive child porn laws. Writing a story, or painting pictures depicting sex with people who may be minors is considered child pornography.

What's Sealand's definition?

/peter

Thanks Ryan (1)

Money__ (87045) | about 14 years ago | (#961905)

This fantastic resonse amounts to the begining of a "Data haven howto". woo hoo!
___

Re:Security is laughable (1)

mduell (72367) | about 14 years ago | (#961906)

What was Rainbow Warrior? I've seen a few posts mentioning it, but no details :(

Mark Duell

Waterhouse is cooler! (1)

grammar nazi (197303) | about 14 years ago | (#961908)

All Waterhouse could think about when starting his own data haven was whether or not he could fsck America Shaftoe! Now that's my kind of guy!

Re:Pirate Radio - the link (2)

ch-chuck (9622) | about 14 years ago | (#961909)

is here [simplenet.com] - but then they mention being "3 1/2 miles south of Long Beach, Long Island" - hmmmm.

Re:Server Room Security (1)

mduell (72367) | about 14 years ago | (#961912)

Simple... get a small styrofoam (sp?) cup of LN2 from your neighborhood chemical shop and place it in the bottom of you case.

Mark Duell

Re:Personal privacy? (1)

Ether (4235) | about 14 years ago | (#961914)

What about the society that allows easy and unfettered access to this information? Face it, we live in an information society. Thought experiment: Say the local news says "convicted arsonist felon living near local school". You've never burnt anything more than a pile of charcoal, but someone with your name has- does that change the fact that you now have people outside your door protesting? If you're lucky, you get a retraction at the end of the news and a small settlement. Look at Richard Jewell, who spent three months in hell as the suspect of the Atlanta Olympic bombing-- only to be cleared with a 'oh, he's not the guy. sorry for screwing your life over'. Prefacing bomber with 'accused' doesn't take the impact out of it.

The web puts people at equal footing- if Joe Anonymous posts libel to the web, I can just as easily refute it. His sealand site has as much as a voice as does my ispland site. Contrast this with the power that you have against "Investigative News."

We face a paradox: The ease of the exchange of information is inverse to privacy (Which is nothing more than the control of information about you). I would wager that some of the people that scream the loudest that "Information Must Be Free" also scream that "Privacy is a Right!" Where will you draw the line?

Re:Lawsuit defense - haha (1)

gwalla (130286) | about 14 years ago | (#961915)

IANANL (I Am Not A Naval Lawyer), but I'm pretty sure that ships in international waters are subject to the laws of their port of origin.


---
Zardoz has spoken!

Since they're not WIPO fodder... (4)

Ex Machina (10710) | about 14 years ago | (#961916)

Wouldn't it be nice if HavenCo/Sealand would set up a mirror for DeCSS, ASF2MPEG (did you know that MS has a patent on the ASF format?) and other "illegal"/banned (peh) pieces of free software like this (and perhaps some standard crypto stuff OpenSSH, GnuPG, etc.).

Perhaps they could set up some sort of anonymous remailer (using strong crypto, no large attachments/spam, cobranded with HavenCo to make them some .com $).

I'll forget about technical / bandwith / biz concerns for HavenCo..... wouldn't it be nice...

Re:Waterhouse is cooler! (2)

Ex Machina (10710) | about 14 years ago | (#961917)

Indeed!

Re:Security is laughable (1)

knight_23 (35042) | about 14 years ago | (#961918)

July 10th 1985 - The Rainbow Warrior prepares to lead a peace flotilla of ships from New Zealand to Moruroa to peacefully protest against French nuclear testing. Three days after arrival in Auckland, French agents bomb and sink the Rainbow Warrior in the harbour, killing Greenpeace photographer Fernando Pereira.

http://www.greenpeace.org/~comms/rw/pkhist.html

Personal privacy? (5)

EndlessDespair (207088) | about 14 years ago | (#961919)

The laudable libertarian stance on freedom of information notwithstanding, there's a question I've got for readers: What will you do if you see your credit card number posted on a HavenCo-hosted site? Or some other spicy bit of personal information that you'd really rather fell under privacy laws?

Server Room Security (2)

Anonymous Coward | about 14 years ago | (#961920)

I thought I had read at some point that HavenCo flooded their server rooms with nitrogen so you had to wear a suba tank and mask to work on the boxes. Besides preventing human access to the machines, it was supposed to prevent rust. Did anyone else pick up on this fact? If so, where can I get my nitrogen flooded server room cheaply?

Lawsuit defense - haha (3)

ch-chuck (9622) | about 14 years ago | (#961921)

I know of one group that wanted to run their own unlicensed radio station, bought an old Japanese fishing trawler, outfitted it with transmitters and sailed out into international waters and started broadcasting and very soon the US coast guard shows up, arrests them and hauls the whole shebang away. The charge - broadcasting into US terriroty (of course they don't dare raid radio Moscow for doing the exact same thing). The point? In international waters it's whoever has the biggest guns and navy, if the UK or whoever wanted bad enough to shut it down they will, and need only the flimsiest legal justification for sending in the stormtroopers.

Re:I dunno... (2)

J. Chrysostom (125843) | about 14 years ago | (#961922)

I think the author was well aware that basically anyone who wants to attack their data haven can do so. $320,000 is a drop in the bucket for any international organization.

The CIA could drop Sealand in a second, but they probably wouldn't attempt to do so. If anyone is running a business on Sealand that displeases the US, they'll get the British to solve "their problem." The British will most likely try to negotiate with HavenCo, but if HavenCo fails to respond, the British will have no choice but to waltz in and arrest them all. If the "defense forces of Sealand" open fire, the platform gets trashed beyond repair, and all the personelle go to jail for a very long time.

But lets say that HavenCo & Sealand surrender, and sue the British instead. The lawsuit would take place in a British Court (the ICJ can't take suits from non-state entities like Sealand). The British court would most likely rule in favor of the government, and the pseudo-sovereignty of Sealand is destroyed forever.

This means, as the HavenCo rep is pointing out, that they will try not to piss people off. So long as they avoid making enemies, they'll have a very profitable time.

"The UK is a law-abiding country" (1)

whuppy (33165) | about 14 years ago | (#961923)

It is highly unlikely the UK would intervene with military force, as they are a primarily law-abiding country with a strong tradition of respecting the law, due process, etc.

HA!
Try that line in Northern Ireland.
--

Question for HavenCo employees (1)

stu (3749) | about 14 years ago | (#961924)

Was there any need whatsoever for the faux-cyberpunk costumes you guys wore when Sealand made the BBC's 'Newsnight' the other week?

*Mirrorshades*? Good grief, its the year 2000! They haven't been 'futuristic' since Billy Idol co-opted them for his ludicrous comeback effort.

*Long Leather Coats*? Jeeezus. Why not just wear T-Shirts with 'Yes, we have seen the Matrix' on them?

Having the XMatrix screensaver running in the background of every shot - was that your idea or the BBC's?

Be warned - it may not be the efforts of world governments which will scupper Sealand. If you carry on like this it will just be the shame of people shouting 'Ha ha ha! This lot look like C-Net's Desmond Crisis, circa 1996!'

Other than that, great effort - keep up the good work.

Re:defenseless (3)

Money__ (87045) | about 14 years ago | (#961925)

I got that impression too. You bring up an interesting point. On the one hand he's saying that they are an independant country and on the other hand he points to the UK navy as a form of protection for the nation in the event of a naval invasion.

What's to stop the UK government from negotiating a backdoor diplomatic agreement from another country to drive a boat up to sealand and blow it up while the UK navy and defence system sit idle. The UK gov would have plausable deniability saying "We do not interfear with other independant nations" while sealand is sunk.

Ya know this sounds a little paranoid even as I type it. From a secutity point of view, if this is the least of their worries, they don't have any.

I do admire Ryans experience and knowhow in his job and I have to respect the risk he's willing to take to see his beliefs come to fruition.

King of sealand: dude, wanna run my colo?
Ryan: sounds kewl, what's the catch?
King of sealand: Our army is smaller than that box of little green army men and we're as defenseless as a windows box at a hacker con.
Ryan:sign me up!

Lackey got nads
___

Re:Security is laughable (1)

Romen (10819) | about 14 years ago | (#961929)

The Rainbow Warrior was a fairly large Greenpeace ship, that was protesting French nuclear testing in the south Pacific. Some French commandos blew a large hole in the side, causing it to sink, and killing a photographer. The French have never admitted this or apologized, but they were orderd to pay 1.9 million in damages by an arbitraitor.
Sam TH

HavenCo is bolloxed already (1)

Holgate (712) | about 14 years ago | (#961931)

I quote:

----- Forwarded

I urgently need to transport _______ ___, _______ ___, and a bunch of luggage to Sealand. Britain has started turning away known HavenCo employees at the airport, so I have arranged transport by boat tonight from a port town in _______. I need a brave hearted individual with a large car or van (or the ability to rent one) to drive [the lot] to the rendezvous point this evening. HavenCo will pay all your expenses, plus some reasonable additional fee for your time. If you can help, please give me a call ASAP at +__ ___ ___ ____.

----- Backwarded

That WIRED cover story may have been a little bit presumptuous...

Post a US political figures info instead (1)

jhines (82154) | about 14 years ago | (#961932)

and sit back and watch the fireworks on someone elses dime.

If someone were to crack their personal info and post it, it would make for a high profile test case.

Re:Personal privacy? (2)

anatoli (74215) | about 14 years ago | (#961935)

OTOH, what will you do if you see your credit card number posted on a site hosted in, uh, say, Kazakhstan?
--

Re:Timothy, send me your laptop... (offtopic) (1)

timothy (36799) | about 14 years ago | (#961936)

You'll need to send me your address first, and promise to take lots of pictures of the dunking. And it would be a lot cooler if you could throw it from the sealand platform, which may be trickier.

My laptop (barely worthy of the name) I got in trade from my old housemate Dan Jones for an PCMCIA Ethernet card, and Dan may have gotten the better end of the deal. (Just the same, totally voluntary!)

Macintosh Duo (230, I think, but it's not in front of me) ... it's got an 80 MB hard drive, a (failing) greyscale screen (4 bit? 8 bit?), a flakey external floppy ... it was a neat machine when it came out, but this example no longer even serves as an adequate typing station, b/c humidity and dust have scotched the keyboard.

I'd like a better laptop but the purchaser's dilemma is overwhelming. The ones I'd like are too expensive or not out yet.

I want:
(non negotiables)
- Linux friendly, and preferably also *BSD
- 13.1 or bigger XGA active matrix**
- trackpoint* not touchpad (well, not touchpad *only* ... Dell Insp. 3800 has both ...
- keyboard-input provision
- long battery life

(negotiable)
- video mirroring
- integrated 10/100 ethernet
- large hard drive (I'd settle for 4GB)
- reasonable price (upper teens?)
- plenty of memory - I guess 64MB is OK for a laptop ...

Standard (PC Compatible) probably, but if Powerbook G3 / 400s could be had for under $2000 I think I would be tempted.

timothy

Re:I dunno... (1)

flossie (135232) | about 14 years ago | (#961937)

If the dispute is over sovereignty, how could the ICJ refuse it on the basis that one of the participants is not a sovereign nation? National courts are not the usual venues for sovereignty disputes.

Re:More Interviews please! (1)

timothy (36799) | about 14 years ago | (#961938)

Both Lars and Ryan here took longer than expected, for various reasons. It's frustrating on our end too -- In Lars' case, we almost dropped the whole thing.

I like interviews, too! You can email me suggestions for ones you'd like to see, and we'll try to get some of them.

timothy

more Sealand info (1)

Tiro (19535) | about 14 years ago | (#961939)

For backround and photos visit The official Web site of the Principality of Sealand [principality-sealand.net] or this other page about Sealand [demon.co.uk] .

As shown in the photographs at these sites, Sealand is just a tiny platform high over the open sea. Smallest damn principality I've ever seen...

If it's worth doing, it's worth doing at a profit! (2)

Ungrounded Lightning (62228) | about 14 years ago | (#961940)

Wouldn't it be nice if HavenCo/Sealand would set up a mirror for DeCSS, ASF2MPEG (did you know that MS has a patent on the ASF format?) and other "illegal"/banned (peh) pieces of free software like this (and perhaps some standard crypto stuff OpenSSH, GnuPG, etc.).

What I'm saying is that It would be an interesting gimmick (marketing) for them...


Why should they become a lightning rod for free? They'd be ahead to leave this "marketing gimmic" to their clients, rather than co-opting it for themselves.

Then they get paid for the servers that host it, rather than spending their own resources on them. And they still get the marketing benefits.

(It might be in their interest to post the tools that are handy for doing business with them anonymously. But I bet even that could be handled, more cheaply, by linking to others who already host them.)

Re:Personal privacy? (1)

Dyolf Knip (165446) | about 14 years ago | (#961950)

Cancel the card, get a new one.

Dyolf Knip

--

The container port is not part of Sealand. (2)

flossie (135232) | about 14 years ago | (#961951)

The container port that he is referring to is Felixstowe. This is the largest container port in England. I think his arguments run along the (perfectly correct) lines that the UK government is not going to take lightly any potential threat to Felixstowe.

Re:Lawsuit defense - haha (1)

Dyolf Knip (165446) | about 14 years ago | (#961952)

Broadcasting into US territory is a crime? That's gotta be the dumbest charge I've ever heard of. So any schmuck who sends a signal over the border can be arrested? What kind of specifications are there on type of broadcast, power of said broadcast, etc?

--

Re:Personal privacy? (1)

GUNTHER (9069) | about 14 years ago | (#961953)

If your credit card number appears on a HavenCo site then you are already in trouble. You need to contact your Credit Card Company and get the card cancelled. It is your fault for letting the number get out. You shouldn't rely on privacy laws as a safety net for your own incompetence.

Naive. (1)

ktakki (64573) | about 14 years ago | (#961954)


If someone set up a site such as the one above, more free speech, rather than less, would probably render it impotent -- those opposed to it could express their concern, and the groups who directly benefit from the site would probably lose more in public support/legislative power than they would gain from trying to create a culture of fear.


It seems that you don't grasp the nature of religious fanaticism. The people who bomb clinics or shoot doctors don't give a shit about "public support/legislative power". They don't even care about Scripture ("Blessed are the peacemakers.").

Expecting a mad bomber to act rationally is absurd.

k.
--
"In spite of everything, I still believe that people
are really good at heart." - Anne Frank

Sealand Homepage (2)

Ex Machina (10710) | about 14 years ago | (#961955)

Sealand has a homepage [sealandgov.com] !

Just embargo (2)

KahunaBurger (123991) | about 14 years ago | (#961956)

I mentioned this is the questions thread, but it was too late. :(

All this posturing about repeling assaults ignores the more likely question of an embargo or blockade.

Its an artificial island, right? IE, no source of fresh water. He mentioned the recent aquisition of a water purifiyer which allowed them to take showers, the need for pallets of water, and relience on canned goods. Do we need a picture drawn here? If they piss the US and/or UK off badly enough, they may be invaded, or if there is actually any international respect for their supposed soverngty, they'll just be starved out.

However, if they don't piss off any major powers, they shouldn't have a problem, and in spite of the posturing for this crowd, I doubt they will piss anyone off. I don't think they're really "Republic of Texas" delusional.

-Kahuna Burger

Re:Personal privacy? (1)

Defiler (1693) | about 14 years ago | (#961957)

If my CC# is posted somewhere, I will instantly cancel that card. If something REALLY upsetting about me was posted (I don't think this information actually exists, but let's pretend that it does..) I would probably take measures to find out who posted it there in the first place, then go to their house with a fire axe, a basket of mice, and some tough rubber gloves.

Free speech is a good thing.. Part of the package is that you may have to hear speech that you don't agree with.

Re:Letting the kids play (2)

Chalst (57653) | about 14 years ago | (#961958)

I think the point that came across in the interview is that the UK
*could* cut their service, but it would be a very bad thing for the UK
to do from a diplomatic point of view: something they would likely do
only if Sealand represents some kind of military/terrorist threat to
them. Not impossible, but not just a matter of `whimsy'...


I'd be *really* surprised if the UK did act against them. Why are
Havenco's activities more dangerous to the UK than say, the Channel
Islands or the Faroe islands?

Re:Sealand Homepage (3)

Ex Machina (10710) | about 14 years ago | (#961959)

Their old page [demon.co.uk] has cool pictures [demon.co.uk] and fun facts [demon.co.uk] .

Cracking? (3)

Hugh Kir (162782) | about 14 years ago | (#961960)

I noticed that no one asked what would happen if the servers run by HavenCo were cracked. Since
they are on a territory which is not recognized by any of the world's nations, would any legal action
against the cracker be possible, even if said cracker were caught? I think that eletronic
assault against HavenCo is a much more realistic possibility than military action. I wonder
what, if anything, they would be able to do about it, beyond attempting to close whatever
security flaw the cracker had exploited.

Re:Weakest Link... (1)

Defiler (1693) | about 14 years ago | (#961961)

Read the responses again.. He addresses this issue at least three times.. Basically, they don't care what the client does with their machine. Period.. If the client is stupid enough to make an insecure connection to the server and transmit a password, or even a secure connection via a machine that could have a keyboard logger, etc, etc, then that's their problem.
All they will do for you is guarantee that your machine will not be tampered with.

Oil rigs are not far off shore (1)

rhinoX (7448) | about 14 years ago | (#961962)

I would venture to say that there are VERY FEW oil rigs that far off shore. The most common distance is not more than 30 miles from the shoreline, keeping with the edge of the continental shelf.

The technology that goes into keeping a rig stable at depths much more than are encountered at those distances are incredible, and oil companies will avoid using them at all costs.

Re:Personal privacy? (5)

EndlessDespair (207088) | about 14 years ago | (#961963)

I think my point -- which was the larger privacy issue -- is being missed. Let's try some examples besides credit card number. What would you do if you saw posted
  • your tax returns
  • your medical history
  • your arrest record
  • a scan of the the default notice the bank sent you once (but no mention of the fact that it was their screwup and totally bogus)
  • those other honeymoon photos, long thought lost
  • a report tracking your movements
  • libel
And so on and so on and so on. My question was really: what would you do if you saw something up there that you felt violated your privacy? I guess that's a subquestion too -- what would violate your privacy -- but that's probably been dealt with elsewhere. What I'm curious about is what people would try to do, given the present situation.

Too easy, try this... (2)

Reality Master 101 (179095) | about 14 years ago | (#961964)

That one's too easy... you just change your credit card.

Try this: Someone gets a picture of your wife. They Photoshop her face onto various sex poses (lets say a quality job that you couldn't tell was fake), and accompanies them with various rape fantasy stories. All with a name and address.

I think Sealand needs to get a little more of an ethical standard rather than just "child pornography". If they're going to recognize kiddie porn, then they should recognize other forms of abuse as well.


--

Errrrr... (1)

Ranger Rick (197) | about 14 years ago | (#961973)

If one of our sites is taken down temporarily, we'll have sufficient spare capacity in others to allow customers who have wisely stored backups and hot-spares elsewhere to be online almost instantly.

If the customers can afford to have this data on-hand in a backup or hot-spare (not in the sense of money, but in the sense of culpability/freedom/whatever), why do they need you? Isn't the whole point to have a safe place where "dubious" or unpopular information can go? If they hold onto it themselves, there's no reason to go through all the trouble of pushing it offshore if the feds can still get them for having their backups instead.

:wq!

Re:If it's worth doing, it's worth doing at a prof (1)

jhines (82154) | about 14 years ago | (#961974)

Why should they become a lightning rod for free?

Because it is supporting the open source community which they rely on for most of their software?

Probably the best thing would be to meet halfway, and offer a deal to a group for hosting a mirror site.

Re:Security is laughable (1)

flossie (135232) | about 14 years ago | (#961975)

While you are certainly right that the military could do away with Sealand, I don't think it is true to say that "nobody will be the wiser". It would probably be quite noticable to all those who are paying for services there if the service were just to stop overnight.

Anyway, while it's true that the French special forces act on a politician's whim (Rainbow Warrior, anyone?) I would hope that the SAS would not be used to murder innocent civilians not involved in violent activity.

That was refreshing. (1)

mindstrm (20013) | about 14 years ago | (#961976)

Looks to me like a few /. readers got a bit of a smackdown there. Thinking they were 'all that' and knew global security inside and out, and trying to shoot down the whole project as 'bunk'.
Sounds to me like they know *exactly* what they are doing, and have been exceptionally thorough. And I bet they are also exceptionally profitable.

As for all the stuffa bout security/landline/whateever... .look at it a different way. Rather than considering how easy it is to 'cut' such lines... how is this any less secure than within any other country? It's certainly not. Within the US? The UK? No.. it's *easy* to cut comm lines there.. laws are much stricter when it comes to cutting communication lines between countries.

I believe that cutting undersea cable, or destroying a cable landing would be tantamount to a nuclear strike in terms of political power.

Re:Personal privacy? (1)

flossie (135232) | about 14 years ago | (#961977)

Change my credit card!

Re:I dunno... (1)

mindstrm (20013) | about 14 years ago | (#961978)

Although... sealand may be an independant state, but is that state not contained within the UK's terretorial waters? And you don't bring foreign subs into the UK's waters... no sir....

I bet they have all kinds of shielding anyway.. after all, the whole damn thing is made of steel..

Re:Security is laughable (1)

Defiler (1693) | about 14 years ago | (#961979)

HavenCo isn't saying that they won't be destroyed, just that they promise that customer servers won't be tampered with by outside sources.. HavenCo detonating a nuclear device "divine wind" style would NOT break this agreement. If Britain or the US decides that they don't want your country to exist any more, then no force on Earth will stop them.
He lists a few methods for avoiding this situation.. Just read the interview again.
Also, there will be multiple sites.. If one goes down, the others will continue to process data.

Re:Lawsuit defense - haha (1)

flossie (135232) | about 14 years ago | (#961980)

He mentions pirate radio stations in the interview. Radio Caroline broadcast from the North Sea for decades.

Re:Letting the kids play (1)

Defiler (1693) | about 14 years ago | (#961981)

What happens if (like the interview states) they start using satellite links, such as, say, iSky?
How do you cut their link without:
1. iSky's agreement
2. Physical destruction of iSky's hardware, and associated legal challenges thereof..

Also, cutting land lines to isolated communities is illegal via quite a few national/international laws.

Re:Lawsuit defense - haha (2)

mindstrm (20013) | about 14 years ago | (#961982)

Sealand is not in 'international waters' anymore. It is in the UK terretorial waters, yet retains it's own independant status.

And as they said, they will not do things to intentionally agitate a foreign government. THey will not host porn, they will not do shit to piss of the UK.

Re:I dunno... (1)

klund (53347) | about 14 years ago | (#961983)

That also makes me wonder if they plan to shield against Tempest / Van Eck attacks. Although it would seem that anyone listening "Van Eck"-style would be obvious to the isolated Sealanders. Let's not forget that probably don't have equipment for detecting underwater stuff like subs and ROV's. And Tempest would be easy in the North Sea because the Sealanders are the only RF source around.

High frequency RF has a spectacularly short screening length in sea water. That's why submarines have to surface to communicate, or be stuck with a few bps over ELF radio (and long antennas).

So all they have to do is put the servers below the water line. Problem solved! (This would probably mitigate the EMP susseptibility, too.)
--

How about hosting slashdot forum on havenco.com? (1)

chabotc (22496) | about 14 years ago | (#961984)

Since the somewhat recent fuzz about 'being responsible for hosting content/forums' and the class acts microsoft has send ./ about there kerbos documents, wouldnt it be a nice idea to host the slashdot forums on one of there sealand boxes? i would love to see MS trying to get there teeth broken on that :)

-- Chris Chabot
"I dont suffer from insanity, i enjoy every minute of it!"

Re:Personal privacy? (2)

SimonK (7722) | about 14 years ago | (#961985)

Get a new credit card, I guess, but probably also try to find the person who owns the site. That might be doable throught whois, but more likely would require legal investigation. While HavenCo is probably registered in Anguilla, their peering agreements in the US might make some technical/legal action possible.

Re:Lawsuit defense - haha (2)

SimonK (7722) | about 14 years ago | (#961986)

They're not in international waters. Sealand is entirely surrounded by UK territorial waters no these extend to the 12 mile international limit. Sealand is either UK territory, in which case the inhabitants have the right to due process under UK law, or it a sovereign nation, in which case they can do their own thing.

Personally I think their claim to sovereignty is pretty solid, but I can think of plenty of situations where the UK or someone with tacit cooperation from the UK government (to get access to Sealand through UK territorial waters) would choose to brazen it out. From what Ryan says, it looks like they're going to try and avoid provoking anyone too much (for instance, he stresses legal liabiltiy in people's own jurisdictions), and this makes me feel happier about the whole venture than I did before.

Re:Since they're not WIPO fodder... (1)

dvdeug (5033) | about 14 years ago | (#961987)

Well, they're libertarian - hand them the money, and they'll store pretty much whatever you want there.

Re:Waterhouse is cooler! (1)

YIAAL (129110) | about 14 years ago | (#961989)

Yeah, SeaLand needs an America Shaftoe. It would help their marketing campaign, too.

Well it doesn't bode well... (2)

matthew.thompson (44814) | about 14 years ago | (#961992)

...if he can't even keep his laptop safe and dry what's going to happen when they start using big servers and drop those into the sea ;o)

Fake site ! (1)

dingbat_hp (98241) | about 14 years ago | (#961997)

You have the web sites the wrong way around.

The real Sealand site is at: http://www.fruitsofthesea.demon.co.uk/sealand/ [demon.co.uk]

The site at http://www.principality-sealand.net/ [principality-sealand.net] is a bunch of evil Spanish passport scamsters (alhough it's generally a more informative site on the history).

Re:Lawsuit defense - haha (1)

flossie (135232) | about 14 years ago | (#961998)

They will not host *child* porn.

Re:Timothy, send me your laptop... (offtopic) (1)

Richy_T (111409) | about 14 years ago | (#961999)

You'll need to send me your address first, and promise to take lots of pictures of the dunking. And it would be a lot cooler if you could throw it from the sealand platform, which may be trickier.

Actually, I was thinking more of taking it to the beach and dropping it in. You talk about the North Sea as if it's some mysterious place but it actually borders quite a large bit of coast on this little old island of ours. If you wanted, I could probably throw it at Sealand. I'd probably need a compass to work out the direction however. It might qualify as the first technological attack on the island though :)

[Tim's Christmas wishlist snipped]

Personally, I just want something I can carry around and write stories and knock up some code on.

Rich

Re:I dunno... (2)

Ex Machina (10710) | about 14 years ago | (#962000)

Sweet! I'm not sure all the servers will be below the water line though. all it would take is a stealthy ROV snuggling up to one of the pilings during the night.
Now that I think about it, the conrete most likely has some rebar in it which should shield them some.

Long-term viability. (2)

The Dodger (10689) | about 14 years ago | (#962001)


Okay, I have to admit that I'm about a quarter-convinced of HavenCo's SeaLand facility's long-term viability.

However, I still find it "interesting" that they're steadfastly declaring their sovereignty from the UK, and relying upon the UK Government's desire to avoid bad PR to prevent them from interfering with SeaLand, on the one hand, whilst relying upon the Royal Navy to protect them from attack, on the other. Given that a HavenCo employee flying into Heathrow on his way to SeaLand from America was turned back at UK immigration a few weeks back, because he didn't have a UK work permit, I'll be interested in seeing how this actually pans out.

Also, I'd be interested to see what happens if SeaLand's sovereignty ever is contested in a courtroom, or what will happen if a government does order their communications links cut off.

But, if they do succeed in setting up a real, viable datahaven, which can actually host information and services with impunity, then the best of luck to them. I'll probably be one of their customers.


D.

Re:F*** That!!! Somebody start a w4r3z server d00d (2)

Ex Machina (10710) | about 14 years ago | (#962002)

I don't think Sealand could withstand the MSDN surgical strike team of crack MSCEs.

Why would the CIA bother? (2)

daviddennis (10926) | about 14 years ago | (#962003)

This is why child porn is prohibited in Sealand; they don't want to get the US or UK authorities riled up. I don't know of anything other than that with the potential of making US/UK authorities so riled up as to cause SeaLand to be attacked.

HavenCo is right in saying that it would be a horrorific PR disaster to all concerned. Even if HavenCo put national secrets on the web, the most likely result of trying to censor HavenCo would be to give those secrets even greater spread. Look what happened to the Church of Scientology's "Sacred Secrets" when they went after the ISPs that hosted them.

In practice, HavenCo would most likely cooperate with the US and UK security folks, but not those in Iraq or other oppressive nations, simply because the UK would defend Sealand in defense of its own territorial integrity.

D

----

How nice! (2)

Ex Machina (10710) | about 14 years ago | (#962004)

http://www.havenco.com/about_havenco/ ngo.html [havenco.com]
HavenCo is donating free colocation space to Non-Governmental Organizations of our choosing. In general, the types of organizations that we will want to provide hosting for are those that promote free speech promote human rights give a voice to minority and oppressed groups that otherwise may not be heard

Pirate Radio (2)

nstrug (1741) | about 14 years ago | (#962005)

During the seventies, there were lots of similar pirate radio stations broadcasting into the UK - however as they were broadcasting from international waters the UK couldn't touch them - they usually waited for them to stray into UK territorial waters to arrest them.

Now the difference here of course, is that in this case the UK chose to observe international law, whereas in the example that you gave the US ignored it.

UK courts have a long history of slapping down the government and the UK would be very wary of failure in court should they launch an action against Sealand.

Nick

Yeah, then Roblimo could tell M$ to kiss off (1)

ballestra (118297) | about 14 years ago | (#962006)

echo $SUBJ It'll be anarchy!

Re:Personal privacy? (1)

RomulusNR (29439) | about 14 years ago | (#962007)

Get a new credit card number?

Just a guess.
--

Re:I dunno... (1)

Joe Decker (3806) | about 14 years ago | (#962008)

I think the most successful attack against a place like this would be EMF type stuff.

Probably more work than a torpedo. Remember that they're trying to prevent capture of the data more than trying to prevent destruction of the data.

That having been said, I'd be extremely surprised if the steel reinforcement of the concrete in the legs of the platform didn't give you a Faraday cage.

That also makes me wonder if they plan to shield against Tempest / Van Eck attacks...

Pretty tough unless your close, and again you have the Faraday cage that I expect the legs provide. And what would it get you? A look at the IP traffic most likely, which you could sample elsewhere, and some consoles. Remember, the users (and their display screens) are elsewhere. Watch the exciting backup runs! Woohoo! Digging into the contents of the disks would probably require physical penetration of the site.

--j

HavenCo takeover HOWTO (1)

gill (206589) | about 14 years ago | (#962009)

With all the thinking about the business and takeover of HavenCo and how anyone there should be afraid of [insert favorite opressive regime/gov here], it seems to me most likely that if the UK or US governments decided they did not like HavenCo, they could simply purchase all of the available processing power. There *is* a limit to what they can do on the platform. Buying them out would be a lot less dangerous/exciting politically than storming Sealand with guns a'blazin.

Show me the money. (2)

AtariDatacenter (31657) | about 14 years ago | (#962010)

He even has some ideas for how you can make a lot of money.

I seemed to have missed this. Where does he discuss this?

Anarchy? (1)

Badger (1280) | about 14 years ago | (#962011)

I'm a little unclear as to why it's a good thing to have an unanswerable entity running around this planet. We have governments, and inter-governmental institutions for a reason! Would we condone this place if they housed thieves or killers? What if SeaLand was a refuge for terrorists instead of data? Anarchy is anarchy....

More Interviews please! (3)

Raindeer (104129) | about 14 years ago | (#962012)

Is it my imagination, or don't we have as many interviews as we did a while ago. I remember that every monday there was an interview and Fridays the answer. That schedule is gone now. I would like to urge the Slashdot guys to go out and get some more interviews.

Water World (1)

Tyrannosaurus (203173) | about 14 years ago | (#962013)

All this talk of "physical security" made me think of the movie Water World.

Picture a dozen Mad-Max looking dudes attacking this thing with Sea-Doo mounted rocket launchers. And the brave SeaWorld defenders are protecting free speach for the masses, instead of a tomatoe plant.

So do the good guys wear Red Hats in this story?

I dunno... (3)

Jon Erikson (198204) | about 14 years ago | (#962014)

Firstly I'd like to say that it's nice that /. has had someone for an interview that is way more intelligent than the average /.er, and has actually thought about how you go about doing some of the things that /.ers go on about in the real world.

Whilst I can't fault his arguments, I wonder if he's ever considered the possibility of more covert assaults? The CIA is well known for attacks on small, relatively defenceless targets that happen to piss them off, and Sealand sounds like a prime example, especially with its "host anything" policy. And the UK isn't going to stop them thanks to the relationship between the two countries.

I think it's quite possible that the US will decide that Sealand is an annoyance that can be easily dealth with, and act again to suppress a foreign group in the name of "national interest".


---
Jon E. Erikson

Re:Since they're not WIPO fodder... (1)

Ex Machina (10710) | about 14 years ago | (#962015)

right. What I'm saying is that It would be an interesting gimmick (marketing) for them to do what I suggested. Why?
  1. Make Nice With OpenSource Community - We're bigger zealots than Apple lusers! Anyone who appears to be helping OpenSource is automatically "cool"
  2. Make Lots of Press Releases - Getting press coverage is always good (even negative press for a company like this).

Re:More Interviews please! (1)

jellicle (29746) | about 14 years ago | (#962016)

Give us some suggestions, we'll try to get them.

Sometimes the schedule is broken for reasons beyond our control, generally interviewees that take an inordinately long time to respond. But we're still shooting for one/week.

--
Michael Sims-michael at slashdot.org

Re:Personal privacy? (1)

acidrain (35064) | about 14 years ago | (#962019)

Not really care. Do any of you wan't to know the above datails about me? (Shut up Troll) I don't expect that anyone would find this info, or bother reading it. Only famous people have these concerns, and Sealand isn't going to make it any _worse_ for them...

This is the realm of international politics (2)

Ian Bicking (980) | about 14 years ago | (#962021)

There are specific laws in many countries regarding cutting communications to third-countries or isolated communities, so we are not as worried about cutting service on microwave/fiber links as you are.
Isn't this exactly what was done to Yugoslavia? (initial slashdot article, [slashdot.org] followup [slashdot.org] ) The whole situation in Yugoslavia seemed to show how meaningless international law really is if the international powers-that-be want to do something.

Really, international law can't mean much of anything. Law without enforcement isn't really law. And the enforcement of law means an overriding authority with the ability to apply force. This does not exist -- and if it did exist, we'd have merely achieved a world-spanning nation-state. The only international force at the moment is political, not legal, and the UN is only a forum for this political interaction. The UN doesn't hold any real power itself. And at the base of international politics is always war (though it may be under different names).

I hate to seem pessimistic -- I really hope HavenCo makes it -- but if the UK (by itself, or as a proxy for the US) really cares to stop something in Sealand, it will do so. Probably under a pretext, but with the pathetic state of the media even a dumb pretext seems to be enough. Sure, you and I will know that it's bull, but I already know how much lying crap the US government lays out and the government don't seem too worried about me. Aid to Colombia is to fight drugs? Ha. Kosovo was to save Kosovars? Sure. Contras were freedom fighters? Right. Terrorism is a big threat in the US? I'm so scared.

I hope Ryan has read The Prince [bb.com] to get practical advice on the international politics that HavenCo desires to enter. Best of luck.
--

Re:Long-term viability. (1)

Bryant (25344) | about 14 years ago | (#962023)

That's a practicality issue, not a legal issue. They aren't assuming the UK will protect them for any kind of legal reasons, they're assuming that the UK will get touchy if someone brings heavy weaponry too close to UK borders. It just happens that SeaLand is quite close to the UK.

I think this is the overoptimistic viewpoint, since the one scenario Ryan didn't mention is "What happens if the government which wants to remove SeaLand is on good terms with the UK?" After all, the US has heavy weaponry within UK borders all the time...

I wish I had asked (1)

Marillion (33728) | about 14 years ago | (#962027)

Can I take my next holiday there?

Felixstowe (2)

Andy Dodd (701) | about 14 years ago | (#962028)

A number of people (including Ryan himself) have mentioned the importance of Felixstowe. Britain isn't going to let ANY armed ship from an even slightly untrusted country near that port. The only non-British armed ship that MIGHT be able to get near Felixstowe would be one belonging to the US Navy. (Since the US and UK trust each other a grat deal.) But the US would most likely not conduct military action against Sealand, it would be a PR nightmare.

Spamming/DOS (1)

GlassUser (190787) | about 14 years ago | (#962029)

Is there going to be any kind of protection from other users from spam/dos attacks originating from Havenco? How will this be determined? It seems that it would always brush the line of censorship.
Basically, I'm asking who decides what is a spam or attack, and by what criteria? I can't find them posted more specifically than at http://www.havenco.com/about_havenco/faq.html#four which only says that spammers/attackers will be shut down. I don't see any list of criteria, such as is found at spamcop (http://spamcop.net/fom-serve/cache/64.html), which lists several requirements to allow using the service to report. Granted, this may be a small issue, but it could be important for some.

Relying on the UK for protection (2)

tmu (107089) | about 14 years ago | (#962030)

Fascinating answers. I really appreciated getting the detailed (if somewhat repititious) view of the whole thing.

For me, the most interesting aspect is how much Havenco and Sealand are relying on the UK to protect it's (now) territorial waters and container port for them. This makes complete sense, but it's not something i'd thought of before. It will be very interesting to see how this develops.

Final kvetch: child pornography. This one is just too vague to be enforceable, even within jurisdictions that have a larger body of law to clarify this. If Havenco works out, I think that this clause will cause trouble eventually.

Orange SMS - Email gateways (1)

matthew.thompson (44814) | about 14 years ago | (#962031)

For SMS to Email or Fax see Andrews & Arnold's Faxtext [aa.nu] service. Very fast and reliable plus a great company to do business with.

For Email to SMS and possibly the other way Locust [locust.co.uk] are a good bet. £3 per month for Locust, Free for Faxtext.

Re:I dunno... (2)

Ex Machina (10710) | about 14 years ago | (#962032)

Please. The CIA would fund {Islamic Terrorists, Irish Terrorists, Russian Mafia Goons} to do it for them in exchange for {guns, drugs, money}.

Seriously. I think the most successful attack against a place like this would be EMF type stuff. Are their boxes in Faraday cages (as seen in Enemy of the State).

That also makes me wonder if they plan to shield against Tempest / Van Eck attacks. Although it would seem that anyone listening "Van Eck"-style would be obvious to the isolated Sealanders. Let's not forget that probably don't have equipment for detecting underwater stuff like subs and ROV's. And Tempest would be easy in the North Sea because the Sealanders are the only RF source around. (wow that wandered!)
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...