← Back to context

Comment by riku_iki

3 years ago

lets say I opened account on hentzner, rented server, they sent me email with password, I SSH-ed to it and connection got wire tapped. What way you think could help me to detect this?

Well you could check the SSH server fingerprint that it matches what the SSH client sees. In principle if the SSH connection is MitM'd, they could change the output from the shell so that it would look like it wouldn't be changed. But ultimately they created the keys to begin with, so they can just keep another copy for the purpose of MitM. I doubt they do this nowadays, but they _could_.

edit: I actually thought this story was about virtual machines, but I noticed it was about physical hosts, so those have a bit more hope; but ultimately you're still trusting devices that are not physically under your control, so they cannot be trusted.

But let's say that in the case of virtual hosts: basically there is no way to ensure you have non-wiretapped connection to a virtual computer provided by hosting service. They don't even need to MitM it, they can just look at the memory of the virtual machine. The only attempt at trying to do that properly has been AMD's "Secure Encrypted Virtualization" https://www.amd.com/en/developer/sev.html, but I think it was broken by some researchers and I don't know if it could currently provide some means to do this safely. I suspect even in that case it might be challenging to install the initial operating systems so that it won't contain the MitM functionality in itself.

And even then you would be trusting AMD's implementation of the security layer.

Frankly that the wiretap was discovered this time is just a learning experience for the provider to do better next time. I doubt there are good reasons why it should be possible to detect it, if implemented competently.

  • > Basically there is no way to ensure you have non-wiretapped connection to a virtual computer provided by hosting service.

    so, I relied on market forces here, I hoped that major provider would protect their brand and do not do or allow to do such things, but looks like it is not the case for hetzner and linode.

    • what are you talking about?

      the suggestion in these posts is that the German cops made them do it, which is exactly what happens to every provider in every country - they get a subpoena, they may fight it, if they lose they do whatever it is. every hosting (and transit and peering, I assume) provider in every country has an elaborate "lawful intercept" system already set up for secretly copying traffic to the feds / cops / intelligence services.

      a hijacking of said LI system is what caused a huge scandal / deaths in greece ~twenty years ago: https://en.wikipedia.org/wiki/Greek_wiretapping_case_2004–05

      5 replies →