Slashdot Mirror
Ask Havenco's CTO Anything You'd Like
A few days ago you read here on Slashdot about the datahaven called Havenco poised to open six miles off the English coast, in the semi-recognized, undeniably eccentric principality of Sealand.
Havenco CTO Ryan Lackey has graciously agreed to answer
questions from Slashdot, and to involve others on the Havenco team in answering questions he can't. C'mon -- how can you not be curious about an off-shore datahaven in an anti-aircraft bunker? Ask questions in the space below, and we'll forward 10-15 of the highest moderated ones on to Ryan. [Updated 15:40GMT by timothy:] Remember, many of the obvious questions are answered on the Web sites above or in the comments of the first story. Fire away with meaty technical questions -- they're up for it!
Forget about internet connectivity. In all honesty, I'd like to know what sort of defense systems you're country has? What are you going to do if some country gets angry about what you're posting and decides to invade? Honestly! I mean, anyone can take of say, martha's vineyard, with just a few people and declare it it's own independant country, but the US could and would drive them out in a heartbeat. Likewise, I could find a desserted island in the pacific and say it's mine, but only until a country with more weapons than me decides they'ed like it instead... You could ally with another country, and use their arms as your own, but in all likelyhood, the entire purpose of this country seems to be to be able to disregard other countries laws... Thererfore, places like the US, France, etc... aren't very likely to step up to defend you...
Now if you'll pardon me, my Ensure's gettin warm and my oatmeal's gettin cold. mumble, mumble...Cryptonomicon..mumble, mumble data haven. Feh! ;-)
Sealand will inevitably have thin comms links and so will be more exposed than most to a DoS attack. Recent cases have involved ISPs pulling user sites simply for being attacked in this way - they accept the target site is blameless, but pulled it "for the good of the majority of users" and the restoration of their own comms.
How would Havenco respond to such an attack ? Taking the moral highground, or the pragmatic approach of letting individual users be picked off ?
We always are persecuted in this country called "slashdot". There is no freedom of speech for us, whereas the feudal rulers of this land (known as 'karma whores') are able to publish anything they like, and most of it pokes fun and discriminates against us, the Anonymous Cowards.
We ACs lead a life of misery, frequently banding together and posting numerous articles together in our revolutionary movement for greater recognition. Unfortunately, factions form and it is common to see ACs fighting ACs, forgetting their cause.
Will you shelter us? We don't have much money, but our wisdom shines from continent to continent. We are probably the most persecuted group on the internet, and need all the recognition and help we can get.
on behalf of,
Supreme United League of Anonymous Cowards (SULAC).
From the pictures and schematics I've seen, it looks small, especially if you intend to cram it full of servers, dishes, generators, fuel, supplies and security guards.
Are you going to sink more barges/piles to expand your area?
George
What motivates you to set up a data haven? Are you motivated primarily by libertarian principle, or do you intend it mostly as a way to make money from sealand's sovereign status? Or both?
Will you allow data that does any of the following:
- evades taxes or excise?
- breaks local morality and legislated morality (including where oppressive eg: Iran)?
- belongs to political dissidents?
- belongs to terrorists, organised-crime, etc?
- is uploaded and maintained completely anonymously?
- is maintained with absolutely no access granted to anyone trying to prosecute on grounds of its content?
Do you percieve what you're doing as moral? If so why?
My first question is slightly silly, but did this idea arrive as a result of Cryptonomicon? The second is, where did you look for funding, and how will your backers affect your business plan? Third, are you planning on having banking services?
And are you, as employees/founders of a company, prepared to be carted off at gunpoint, and possibly put on trial, for the activities of your business?
you're providing a service to people who in some cases can't get it anywhere else. how do you justify the fact that people are going to hold illegal data in your facility in the name of free speech?
What inspired you to create a data haven (was it the work of Gibson's Neuromancer series?) and do you think there is a long term future for the data haven concept, perhaps moving from offshore to orbital havens?
I agree that the best method is to retain good relations with your neighboring countries, but if relations go sour, what technologies are you implementing to ensure that no other country can sever your connectivity to the rest of the world?
The Sealand folks seem to base their view of sovereignty on a decision in a relatively lowly UK court taken a while ago. While at the moment they may be nominally independent, it seems to me pretty likely that if the matter was taken either to a higher court or to the international community in general, it would really be found to be part of the UK and not a sovereign state at all -- and as it's an artificial structure, the Royal Navy could presumably claim ownership, as they put it there in the first place.
Given this, and the fact that from what I've read, Havenco only has one connection to the outside world running directly to the UK, whereas a really useful data haven would, to my mind, need several connections to several different countries to be really viable or immune from legislative interference -- is this really intended to be a viable idea, or just a publicity stunt?
And how are those plans for world domination going?
Are you going to have Jill St. John stop by for a photo op? Or maybe Plenty O'Toole?
Are you guys going to pay any tax? The true test of whether Sealand is independant is what happens when the tax dept starts losing revenue.
This is all covered on their website.
Hardware - VA Linux Boxes.
OS - Debian, RedHat, OpenBSD, or FreeBSD 4.0
Access - Doesn't say, but I am assuming ssh, ssl, etc, since it says open secure protocols.
Why don't people read the available info, before wasting questions asking stuff that is easy to find out, and doesn't require their CTO?
Oh well people are just lazy I guess.
>~~~~~~~~~~~~~~~~
>~~~~~~~~~~~~~~~~
Pilchie
My question is this: were you inspired by Cryptonomicon, or did Cryptonomicon scoop you? If the former, then this is not the first time SF inspired real world events, a self-fulfiling prophecy. If the latter, then this must be one of the quickest SF predicted prophecies. How does it feel to be in this position? I gather you are already sold on the necessity and market for a data haven. How seriously do you take Stephenson's warnings of governmental or corporate harassment?
So how do you plan on making sure that content going into your datahaven is from valid sources, and then do you expect to do a review of all data and THEN send it to an appropriate site? Or are users responsible for knowing the laws of the country where the data is to be sent to? Similarly, are users restricted to one site, or can they request multiple HavenCo locations?
You are in a maze of twisty little relative jumps, all alike.
First, Read this:
http://www.smh.com.au/ne ws/0004/03/features/features2.html
So, who are you? What is your background?
Who lives on the island?
Why would I host on a man-made island I could crash a plane into?
-Davidu
# Hack the planet, it's important.
Is there any way that we internet users or the Open Source Community could help with Heavenco? Are there any specific software/software security need that you have? Have you considered working with individulas/groups from other countries to help politically support your operations from their native soil?
You've chosen to try and execute a great idea. Like all great ideas, it needs demo'ing to possible investors and customers before it can really fly.
My question: is HavenCo in Sealand simply a flashy demo for a planned 'public beta' somewhere in Asia or the Carribean later on?
Thank you.
Chris Worth
- Read fiction at www.espressostories.com
Let's say that you do manage to completely secure your clients' hardware and data. Do you think you can also completely obscure the fact that said client is doing business with HavenCo?
If so, may we have more details on how?
If not, do you think that certain governments will make it a crime to simply do business with Sealand? I understand your explanation that you're not undermining the authority of other governments -- but you are undermining their power to legislate away certain activities to which they object, and I imagine they won't like that. In a world which places little value on a citizen's soveriegnty against hir government, there would be few reprucussions to (say) the U.S. making it illegal to purchase your services, but it would put a big dent in your ability to do business.
- Michael Cohn
-----
Go ahead, blame me... I voted for Nader!
Most terms and conditions for ISPs restrict you from undertaking illegal activities and are recognised as being legal in the country that service is obtained from. If you HavenCo host something that is disallowed in the Terms and Conditions you agreed to then claiming International independance is not an option.
About the only way I can see of getting round this is to take bandwidth from a much more liberal country who are more likely to accept the money without questions.
Matt Thompson - Actuality - Insert product here.
1...The website displays a copyright logo. Did
Sealand sign the Berne Convention, and thus does
it respect copyright?
2...Explain who is the real owner, because outsiders are confused with havenco, principality-sealand.net and sealandgov.com
3...Will I be allowed to store encrypted files there that HavenCo can't possible read, condone nor condemn?
4...Why does Havenco insist on policies that allow them to remove content based on their disgretion? How many judges does Sealand have to deal with this, or will Joe random Sysadmin play judge?
5...How will havenco prevent their backbone ISP or that ISP's country from interfering with Sealand/Havenco?
Granted - I'm no expert either. I was just thinking that as it's a permanent structure rather than a ship or a portable structure, it might come under property law rather than marine salvage law.. as said, however - dammit, Jim, I'm a sysadmin, not a lawyer. Claiming ownership of property based on abandonment is a very long-term thing, if I remember rightly.
This article and article 60 of this one (from a vague web search) look interesting.
Obviously, offering to store data for other people can be an ethically sticky business. Are there limits to what you are willing to store?
A holding company in the US could allow a German company to store, serve and update Nazi material (which is illegal in Germany). Similar situations could allow for storage of child pornography or copyrighted material. How do your rules deal with this?
Thank you for not thinking.
Because, nobody ever expects the ...
I was very glad to read that one of the only things that HavenCo will disallow on its servers is child pornography. In my own net experience, I find myself thinking that all is fair except for kiddy porn. But, once a person starts to take any interest in the content, can they really avoid the problem of getting drawn into a very difficult position of having to gradually expand what isn't allowable? For example, suppose some sick-o wanted to host a web site depicting real-life rapes. Surely just because that is not child pornography does not mean that it is morally justifiable to provide that service. Can you really just draw the line at child pornography?
Slashdot 's editors are dickheads
Everyone seems to be concerned with other governments capturing Sealand or claiming ownership of Sealand. I think it more likely that they would just sever connections to prove their points, and that has already been addressed.
But what about terrorists? What if some terrorist organization sees Sealand as a get rich quick scheme, and wants to capture and hold hostage the sensitive data of some of the worlds largest companies? Threats to divulge internal secrets, data loss, exposure of personal information of clients and accounting records have all got to sound like a good opportunity to someone out there.
Surely, government militaries cannot be expected to defend what is clearly a corporate undertaking (though I suspect some governments would think it was their job), so what kind of defense is Sealand, or HavenCo in particular going to have in place if any?
-Tommy
"I got a half gallon of Jack, and 2 dozen Ant Traps. I'm about to get wild." -me
Could you describe what neat technological feats you are planning to maintain robust connectivity, and whether you will get creative in the future with your routing?
Assuming you start with a single microwave connection to the coast, it makes routing easy, but leaves you open to any number of problems others have already addressed.
Later you may have some expensive backup satellite connections and you might lay down an undersea fibre link to both the british and continental coasts (you could resell the excess bandwidth with no problem, could be nicely profitable).
Do you envisage pushing the technological envelope to keep your connectivity going when you have multiple connections? Some tricks along the lines of asymetric routing tables, discontiguous EBGP AS path switching, or encrypted vpn tunnels to sympathetic ISPs in a shell game of anonymizing hops like zero knowledge? How closely are you working with your upstream providers to head off problems?
Would you consider reselling vpn endpoints so people could tunnel traffic out of oppressive countries without the local authorities sniffing the traffic for content?
the AC
[who should lose karma for excessive use of buzzwords]
Hemos is like...sci-fi fans;he thinks technology is cool, but he hasn't bothered to understand the science it's based on
I noticed on the Sealand website references to Prince Roy's ill health. With Michael of Sealand on your board of directors, how will the political and business arrangements be handled? In other words, what is the relationship between the Government of Sealand and Havenco? And what will that relationship be should Michael of Sealand ascend to the Throne.
I haven't seen this question yet, so now I ask. In order to do the proper due dililgence on this matter, I would like to know what you will do when you get shut down? I don't think it likely at all that the UK will not take a serious look at what you are doing and disagree with it. They are not going to allow you to operate within their territorial claim and not be subject to their laws. Period.
;). What do you plan to do when, either the UK invades, the US invades (highly likely from where I sit, there are entirely too many people in this country that think that my business is their business), or some non-governmental organization invades? Why wouldn't some unscrupulous individual bent on corporate espionage and blackmail just hire some mercenaries and come steal your servers?
I've read that you have plans for other locations, but the information was very vague (as is this question
I love the idea, but this is just ridiculous. Unless you've got unlimited capital coming out of your ears, this is not going to happen. Even if the governments leave the physical location alone, they are bound to shut off your land lines. Satellite bandwidth is beyond prohibitively expensive right now and will remain so for many years. Do you plan to launch your own satellite and man your own ground station in some secret location in order to maintain connenctivity? Even that wouldn't be enough. Governments would find that and shut it down too...
(emphasis mine)
Obviously not. If they were, they wouldn't have to pose as officials. They most likely bought false papers from the German businessman who once invaded sealand and kidnapped the Prince's son. (he, the businessman, is still selling false Sealand documents, including passports)
They aren't.
I really don't know. The HavenCo people are pretty well-respected in their fields, though. I'd hope not.
DNA just wants to be free...
They're 6 miles from the UK mainland and UK territorial waters extend 12 miles. The only commando raids they are likely to face are from British forces - no one else could do anything.
-- "It's a sad day for American capitalism when a man can't fly a midget on a kite over Central Park" - Jim Moran
One of the longest running free-speech issues on the Net has been between the Church of Scientology and the numerous CoS debunking sites such as Xenu.net. The CoS has vigorously pursued anyone who publishes their secret processes on the internet - they are ruthless, fearless, and most importantly to anyone meaning to host something offshore, they have a NAVY (and Tom Cruise to boot!) If you are truly sovereign, then along with the rights of a sovereign nation come the responsiblities - such as defending yourself from intruders. One of the first groups to seek refuge on your haven will be the Scientology resistance, and you will soon be pitted against Ron's Navy.
Which brings me to my question: Do you have any plans on implementing true physical countermeasures, such as phased-array radar, anti-aircraft weaponry, and hardened gun emplacements?
--
What happens when you outlaw guns
- I noted in the Sealand website:
- Will H/S seek to enter NATO?
- I'm assuming that H/S's physical security threat model includes small merc forces (everyone always trains for the last war). Placing that at one extreme and, say, a cruise missile strike from your favorite Western power at the other extreme, about where (in rough terms) are you planning?
- Sealand seems to have an antagonistic history with the world, as when, in 1990, a ship was fired upon by Sealand (I'll assume there is more history than listed on the website). Given the lack of recognition Sealand already has (a ruling by an internal state court of the United Kingdom does not, in law, have any binding upon the international community), how is H/S planning on fighting the image of H/S as a pirate's den, hosting illegal services in a cutthroat backwater?
- On the Rules of Use, I noticed this worrisome line:
Good luck,HavenCo will now take over operations of the government of Sealand and operate the first datacenter for its secure colocation services from the Sealand sovereign fortress.
First, congratulations! I suppose this would make you Minister of Technology or somesuch. However, given the dim view that many countries will take of this merger, do you anticipate this will place on roadblock on diplomatic efforts by HavenCo/Sealand (H/S)?
This document may change from time to time. Changes go into effect and are applied to all customers from the time that they are posted to the above URL.
While this is a fine statement of principle, given the lack of recourse a business will have (after all, Havenco is the government), what effect do you anticipate this will have on your marketing staff?
cordelia
Information wants to be free
Information wants to be free
So what? Guns want to kill, but we have laws against that.
I think their service is an Internet analog to the many services that provide ways of handling contraband goods.
For instance, let us say you live in a restrictive country, "A," but you are currently visiting country, "B." You find something you would like to buy country B, but cannot legally own it when you are in country A: but you can ship it to a service in country "C!"
Datahaven may be like country C in that you can store your contraband there and access it through someplace in country B without breaking any laws in country A.
But of course, this is all speculation!
-AP
clearly, you folks are in a highly secure location, and can protect your data and hardware from unwanted access. however, what measures do you have in place to protect yourselves from hostile (physical) invasion? considering your unstable relationship with the british government and how the mpaa convinced the sweedish government to raid a kid's house for the decss thing, what is to stop some sort of military/police infiltration of your facility if somebody decides that you are hosting something they don't like?
1) There is a not-all-that-slim chance that if activities began to occur on your data haven that the Western powers disagreed with, they would find a way to excuse an invasion and confiscate your equipment. The obvious wrong answer to this would be to build your own defense. Is such an invasion even a conern for you? Have you given any thought to signing treaties or other such matters of statecraft, or do you think the international community doesn't take you seriously enough to consider such offers?
2) Second, with the coming of sites such as Freenet, do you feel that a data haven such as you have envisioned is still necessary?
- Rev.I'm curious to know what platform or platforms you will be running your service off of? My guess would be something like openBSD and solaris w/ some microsoft scattered about for customer compatibility, but what do I know?
Also how will clients access their files and how will those files be stored? Will you be using existing technology now like ssh/https type for the transfer or will you be writing a secure client?
Thanks.
Hmm. Despite an earlier ruling that Sealand lay outside of .uk's territorial waters back in the 3-mile days, the Home Office have announced to the press that Sealand DOES fall under their juristiction for purposes of the RIP bill. Do you have any plans to get official recognition by the European parliment or UK courts of Sealand's status before you go ahead?
--
-=DaveHowe=-
Where's "your line"? I.e. what will you store, and what won't you store? Since you have your own principality, it's not necessarily obvious that certain things that couldn't be stored in the US wouldn't be stored in your data haven.
Also, what are you doing to protect customers? Do you see your data haven as becoming the "Swiss Bank" equivalent for data?
And finally, what kind of hardware/software do you guys have supporting your operation?
-- Truth goes out the door when rumor comes innuendo. -- Groucho Marx
Hmm. I am assuming you expect to get the majority of your business from companies whose host countries have intercept or key escrow provisions in place. What measures do you expect to take to secure the data on the platform and while in transit (both physically and cryptographically)? If a CEO of a customer comes to you and says he needs to obtain a key to his data in your safekeeping, but can't say why, what will your response be?
--
-=DaveHowe=-
I was wondering if you have multiple internet backbone connections. I read something about a microwave link to the mainland, but no details.
Do you have multiple microwave links?
Do you have connections to multiple countries, so the UK can't just shut down your connection?
What is your primary source of electrical power, and how long can you operate with backup power when that fails?
Best Regards,
Local Loop
Lots of people are asking questions about physical security, and how you're going to repel missiles and commandos, but I've got the opposite question: why do you need physical security and a physical location at all? Would not the best way to protect your customers' data be to wrap it in hard crypto and distribute it far and wide across the whole of the net, ensuring that there is not a single point of failure or a single physical installation that can be isolated?
As we've seen again and again recently, the best protection against censorship and other legal attacks is massive redundancy and decentralization.
According to the Sealand Government web site, Havenco "will now take over operations of the government of Sealand." As I understand the other text on the same page, it is generally believed that the government of the UK would not interfere in any acts of piracy, terrorism, or assault on your "territory." Since you are now within the limits of the territorial waters claimed by the UK, you probably won't have to worry about a full-out assault from a sovereign nation, but another attack like that of 1978 could happen again. Of course, there is nothing but a few court rulings to protect you from Her Majesty's Armed Forces.
Given the precarious nature of the "sovereignty" of Sealand, will you be seeking international recognition and treaties to guarantee your physical security from such attacks? Will you be joining any of the international protocols for cooperation in law enforcement or other areas? I would think that joining these would go a long way to cementing your viability.
Just be sure to wear the gold uniform when you beam down -- you know what happens when you wear the red one.
After reading your TOS I have become rather curious in regards to the following cluase:
Unacceptable publications include, but are not limited to:
In the case of the Sealand datacenter, what are some of the limitations?
Please note that in the following examples I am not equating one example with any other or implying that any of the following should be censored; rather they are examples of what I would consider sticky wickets when running a "data haven" and wonder how such things will be handled.
Imagine the following:
I am a rabid anti-choice activist in the United States. I wish to post a site with a hit list of doctors performing abortions in the United States. After each "accident" I wish to mark them with a big red X. I publish detailed information on how to find each of these doctors.
Is this site permitted?
I am a hacker who wants to play DVDs on my Linux box and I want to use free software. I want to place source code on my website. The United States says this violates some stupid law and some annoying people object.
Is this site permitted?
I am a devote Iron Chef fan and Fuji TV has just sent me a cease and desist order. I wish to move my materials to Sealand.
Is this site permitted?
I am a regular guy in the UK creating a website about my daily life. Some people don't like the way I talk about them and my site is pulled.
Is this site permitted?
Will you allow sites advocating the overthrow of rival goverments, challenged uses of intellectual property, bomb making instructions, and other information that will get other nation-states panties in a twist?
~~ What's stopping you?
1. What sort of data needs extraterritorial protection?
2. Who guarantees your physical security. For example, if you host data considered by some government to be a threat to them, who will defend you against commando raids, air strikes, and the like?
---- "When I grow up, I'll know far less"
Don't say it can't/won't happen. Unfortunately, it can and probably will.
You can never equivocate too much.
How, generally speaking, are you handling physical security at Sealand? Private guards and/or hired mercenaries, evil high-tech lazer defense systems, rabid dogs with bees in their mouths so that when they bark they shoot bees at you, what?
... I'm sure the UK will look after you in that regard. Specifically, are you prepared for a businessman bringing in a private mercenary force? It's happened before, after all.
I mean, Sealand's already been taken by military force once, and back then it didn't even have anything more interesting on it than a self-proclaimed prince, his wife, and their heir apparent.
Now, you've got some very very valuable data to protect, and while the equipment may theoretically be tamper-proofed, I would hope that that is not your _only_ assurance of security.
I'm not talking about full-blown military incursions, either
DNA just wants to be free...
What company is providing *you* with networking on Sealand? Is it possible that they could be liable under the laws in their own country for traffic coming out of Sealand? It's possible that this could negate any benefit to setting up a Sealand server.
Several come to mind... First, is Havenco hiring? It would be cool to work in a datahaven. Second of all what would HavenCo do if all of their outside access was cut off, either by hostile intent or by bureaucratic nonsense? Pretty neat, if you can keep other people from trying to regulate you or put you out of business.
Network penetration is network engineering, in reverse.
The question doesn't make sense. Free speech is free speech. Illegal speech is not free speech. For supporters of free speech, there is no such thing as "illegal data".
Having said that, the other posters here are correct... HavenCo isn't taking such a bold stance. They won't allow "illegal data." Read the FAQ... er, actually, the Acceptable Use Policy.
MSK
Then, buoyed by the apparent immunity, somebody else will do it. Then another bloke will do the same.
This will go on until her majesty's government is sufficiently annoyed and the Royal Navy is dispatched to forcibly reclaim british sovereignty over your bunker.
What will you do?
--
Here's my mirror
Ooo! The more interesting question to ask is:
:-)
Can I get (either for free, or since this is a business, for pay) an email address at havenco.com, or some other domain hosted at Sealand?
In reality, the most important data any person or organization has is their email! It can be read, spied on, subpoenaed, etc. I'd pay MONEY for this service.
Will Sealand be getting a top-level country code? If so, you could also sell domains, but let me say that I think the hottest idea is selling web-based email accounts.
Dibs on "billg@havenco.com"
You claim to be a few millseconds by optical fiber from London. I recall some talk about satellite links.
If your link to London falls, can you still give good connectivity (latency and bandwidth)?
__
__
Men with no respect for life must never be allowed to control the ultimate instruments of death.
GW Bu
Yes, and part of Britain lies within Sealand territorial waters. I think the usual understanding is to split the difference.
-russ
Don't piss off The Angry Economist
I'm sure you know the extent of what you're getting into. This data haven represents an international "threat" to security/intelligence, a threat that sooner or later I expect a country's intelligence agency will choose to deal with.
My question is: how far are you willing to go with this data haven? It seems to mean much more to you than just a cool networking phenomenon; are you willing to fight and even die for these ideals?
-peeto
Cretin - a powerful and flexible CD reencoder
If you are requested to disclose the contents of a server under RIP, will you claim to be in the UK, or outside it ? How strongly will you assert this ?
You say in the FAQ that you won't store things which are illegal in the client's country. It seems to me like one of the most important attributes of a data haven would be its ability to let people escape oppresive governments. If they can't do this, then what are they gaining by going to you with their data?
Setting up a company on a remote island, even one that doesn't require a lot of on-site workers, was undoubtably difficult.
:)
What were the major challenges of setting up on the island? How many people, and what sort of equipment did it take? Is there more left to do?
What are some of your day-to-day facilities like (food, shelter, perhaps even recreation)?
What is your daily cash burn rate? Are there ways to cut it?
Are you making a profit now? If not, when do you plan to be able to?
Do you have a plan in case of a hostile take-over?
Where can I send my resume?
Interesting concept...I wish you luck!
-AP