Slashdot Mirror
Ask Havenco's CTO Anything You'd Like
A few days ago you read here on Slashdot about the datahaven called Havenco poised to open six miles off the English coast, in the semi-recognized, undeniably eccentric principality of Sealand.
Havenco CTO Ryan Lackey has graciously agreed to answer
questions from Slashdot, and to involve others on the Havenco team in answering questions he can't. C'mon -- how can you not be curious about an off-shore datahaven in an anti-aircraft bunker? Ask questions in the space below, and we'll forward 10-15 of the highest moderated ones on to Ryan. [Updated 15:40GMT by timothy:] Remember, many of the obvious questions are answered on the Web sites above or in the comments of the first story. Fire away with meaty technical questions -- they're up for it!
Forget about internet connectivity. In all honesty, I'd like to know what sort of defense systems you're country has? What are you going to do if some country gets angry about what you're posting and decides to invade? Honestly! I mean, anyone can take of say, martha's vineyard, with just a few people and declare it it's own independant country, but the US could and would drive them out in a heartbeat. Likewise, I could find a desserted island in the pacific and say it's mine, but only until a country with more weapons than me decides they'ed like it instead... You could ally with another country, and use their arms as your own, but in all likelyhood, the entire purpose of this country seems to be to be able to disregard other countries laws... Thererfore, places like the US, France, etc... aren't very likely to step up to defend you...
Sealand will inevitably have thin comms links and so will be more exposed than most to a DoS attack. Recent cases have involved ISPs pulling user sites simply for being attacked in this way - they accept the target site is blameless, but pulled it "for the good of the majority of users" and the restoration of their own comms.
How would Havenco respond to such an attack ? Taking the moral highground, or the pragmatic approach of letting individual users be picked off ?
From the pictures and schematics I've seen, it looks small, especially if you intend to cram it full of servers, dishes, generators, fuel, supplies and security guards.
Are you going to sink more barges/piles to expand your area?
George
What motivates you to set up a data haven? Are you motivated primarily by libertarian principle, or do you intend it mostly as a way to make money from sealand's sovereign status? Or both?
Will you allow data that does any of the following:
- evades taxes or excise?
- breaks local morality and legislated morality (including where oppressive eg: Iran)?
- belongs to political dissidents?
- belongs to terrorists, organised-crime, etc?
- is uploaded and maintained completely anonymously?
- is maintained with absolutely no access granted to anyone trying to prosecute on grounds of its content?
Do you percieve what you're doing as moral? If so why?
My first question is slightly silly, but did this idea arrive as a result of Cryptonomicon? The second is, where did you look for funding, and how will your backers affect your business plan? Third, are you planning on having banking services?
And are you, as employees/founders of a company, prepared to be carted off at gunpoint, and possibly put on trial, for the activities of your business?
you're providing a service to people who in some cases can't get it anywhere else. how do you justify the fact that people are going to hold illegal data in your facility in the name of free speech?
I agree that the best method is to retain good relations with your neighboring countries, but if relations go sour, what technologies are you implementing to ensure that no other country can sever your connectivity to the rest of the world?
The Sealand folks seem to base their view of sovereignty on a decision in a relatively lowly UK court taken a while ago. While at the moment they may be nominally independent, it seems to me pretty likely that if the matter was taken either to a higher court or to the international community in general, it would really be found to be part of the UK and not a sovereign state at all -- and as it's an artificial structure, the Royal Navy could presumably claim ownership, as they put it there in the first place.
Given this, and the fact that from what I've read, Havenco only has one connection to the outside world running directly to the UK, whereas a really useful data haven would, to my mind, need several connections to several different countries to be really viable or immune from legislative interference -- is this really intended to be a viable idea, or just a publicity stunt?
And how are those plans for world domination going?
Are you going to have Jill St. John stop by for a photo op? Or maybe Plenty O'Toole?
This is all covered on their website.
Hardware - VA Linux Boxes.
OS - Debian, RedHat, OpenBSD, or FreeBSD 4.0
Access - Doesn't say, but I am assuming ssh, ssl, etc, since it says open secure protocols.
Why don't people read the available info, before wasting questions asking stuff that is easy to find out, and doesn't require their CTO?
Oh well people are just lazy I guess.
>~~~~~~~~~~~~~~~~
>~~~~~~~~~~~~~~~~
Pilchie
My question is this: were you inspired by Cryptonomicon, or did Cryptonomicon scoop you? If the former, then this is not the first time SF inspired real world events, a self-fulfiling prophecy. If the latter, then this must be one of the quickest SF predicted prophecies. How does it feel to be in this position? I gather you are already sold on the necessity and market for a data haven. How seriously do you take Stephenson's warnings of governmental or corporate harassment?
Is there any way that we internet users or the Open Source Community could help with Heavenco? Are there any specific software/software security need that you have? Have you considered working with individulas/groups from other countries to help politically support your operations from their native soil?
You've chosen to try and execute a great idea. Like all great ideas, it needs demo'ing to possible investors and customers before it can really fly.
My question: is HavenCo in Sealand simply a flashy demo for a planned 'public beta' somewhere in Asia or the Carribean later on?
Thank you.
Chris Worth
- Read fiction at www.espressostories.com
Let's say that you do manage to completely secure your clients' hardware and data. Do you think you can also completely obscure the fact that said client is doing business with HavenCo?
If so, may we have more details on how?
If not, do you think that certain governments will make it a crime to simply do business with Sealand? I understand your explanation that you're not undermining the authority of other governments -- but you are undermining their power to legislate away certain activities to which they object, and I imagine they won't like that. In a world which places little value on a citizen's soveriegnty against hir government, there would be few reprucussions to (say) the U.S. making it illegal to purchase your services, but it would put a big dent in your ability to do business.
- Michael Cohn
-----
Go ahead, blame me... I voted for Nader!
Most terms and conditions for ISPs restrict you from undertaking illegal activities and are recognised as being legal in the country that service is obtained from. If you HavenCo host something that is disallowed in the Terms and Conditions you agreed to then claiming International independance is not an option.
About the only way I can see of getting round this is to take bandwidth from a much more liberal country who are more likely to accept the money without questions.
Matt Thompson - Actuality - Insert product here.
1...The website displays a copyright logo. Did
Sealand sign the Berne Convention, and thus does
it respect copyright?
2...Explain who is the real owner, because outsiders are confused with havenco, principality-sealand.net and sealandgov.com
3...Will I be allowed to store encrypted files there that HavenCo can't possible read, condone nor condemn?
4...Why does Havenco insist on policies that allow them to remove content based on their disgretion? How many judges does Sealand have to deal with this, or will Joe random Sysadmin play judge?
5...How will havenco prevent their backbone ISP or that ISP's country from interfering with Sealand/Havenco?
Everyone seems to be concerned with other governments capturing Sealand or claiming ownership of Sealand. I think it more likely that they would just sever connections to prove their points, and that has already been addressed.
But what about terrorists? What if some terrorist organization sees Sealand as a get rich quick scheme, and wants to capture and hold hostage the sensitive data of some of the worlds largest companies? Threats to divulge internal secrets, data loss, exposure of personal information of clients and accounting records have all got to sound like a good opportunity to someone out there.
Surely, government militaries cannot be expected to defend what is clearly a corporate undertaking (though I suspect some governments would think it was their job), so what kind of defense is Sealand, or HavenCo in particular going to have in place if any?
-Tommy
"I got a half gallon of Jack, and 2 dozen Ant Traps. I'm about to get wild." -me
I haven't seen this question yet, so now I ask. In order to do the proper due dililgence on this matter, I would like to know what you will do when you get shut down? I don't think it likely at all that the UK will not take a serious look at what you are doing and disagree with it. They are not going to allow you to operate within their territorial claim and not be subject to their laws. Period.
;). What do you plan to do when, either the UK invades, the US invades (highly likely from where I sit, there are entirely too many people in this country that think that my business is their business), or some non-governmental organization invades? Why wouldn't some unscrupulous individual bent on corporate espionage and blackmail just hire some mercenaries and come steal your servers?
I've read that you have plans for other locations, but the information was very vague (as is this question
I love the idea, but this is just ridiculous. Unless you've got unlimited capital coming out of your ears, this is not going to happen. Even if the governments leave the physical location alone, they are bound to shut off your land lines. Satellite bandwidth is beyond prohibitively expensive right now and will remain so for many years. Do you plan to launch your own satellite and man your own ground station in some secret location in order to maintain connenctivity? Even that wouldn't be enough. Governments would find that and shut it down too...
clearly, you folks are in a highly secure location, and can protect your data and hardware from unwanted access. however, what measures do you have in place to protect yourselves from hostile (physical) invasion? considering your unstable relationship with the british government and how the mpaa convinced the sweedish government to raid a kid's house for the decss thing, what is to stop some sort of military/police infiltration of your facility if somebody decides that you are hosting something they don't like?
1) There is a not-all-that-slim chance that if activities began to occur on your data haven that the Western powers disagreed with, they would find a way to excuse an invasion and confiscate your equipment. The obvious wrong answer to this would be to build your own defense. Is such an invasion even a conern for you? Have you given any thought to signing treaties or other such matters of statecraft, or do you think the international community doesn't take you seriously enough to consider such offers?
2) Second, with the coming of sites such as Freenet, do you feel that a data haven such as you have envisioned is still necessary?
- Rev.I'm curious to know what platform or platforms you will be running your service off of? My guess would be something like openBSD and solaris w/ some microsoft scattered about for customer compatibility, but what do I know?
Also how will clients access their files and how will those files be stored? Will you be using existing technology now like ssh/https type for the transfer or will you be writing a secure client?
Thanks.
I was wondering if you have multiple internet backbone connections. I read something about a microwave link to the mainland, but no details.
Do you have multiple microwave links?
Do you have connections to multiple countries, so the UK can't just shut down your connection?
What is your primary source of electrical power, and how long can you operate with backup power when that fails?
Best Regards,
Local Loop
Lots of people are asking questions about physical security, and how you're going to repel missiles and commandos, but I've got the opposite question: why do you need physical security and a physical location at all? Would not the best way to protect your customers' data be to wrap it in hard crypto and distribute it far and wide across the whole of the net, ensuring that there is not a single point of failure or a single physical installation that can be isolated?
As we've seen again and again recently, the best protection against censorship and other legal attacks is massive redundancy and decentralization.
According to the Sealand Government web site, Havenco "will now take over operations of the government of Sealand." As I understand the other text on the same page, it is generally believed that the government of the UK would not interfere in any acts of piracy, terrorism, or assault on your "territory." Since you are now within the limits of the territorial waters claimed by the UK, you probably won't have to worry about a full-out assault from a sovereign nation, but another attack like that of 1978 could happen again. Of course, there is nothing but a few court rulings to protect you from Her Majesty's Armed Forces.
Given the precarious nature of the "sovereignty" of Sealand, will you be seeking international recognition and treaties to guarantee your physical security from such attacks? Will you be joining any of the international protocols for cooperation in law enforcement or other areas? I would think that joining these would go a long way to cementing your viability.
Just be sure to wear the gold uniform when you beam down -- you know what happens when you wear the red one.
After reading your TOS I have become rather curious in regards to the following cluase:
Unacceptable publications include, but are not limited to:
In the case of the Sealand datacenter, what are some of the limitations?
Please note that in the following examples I am not equating one example with any other or implying that any of the following should be censored; rather they are examples of what I would consider sticky wickets when running a "data haven" and wonder how such things will be handled.
Imagine the following:
I am a rabid anti-choice activist in the United States. I wish to post a site with a hit list of doctors performing abortions in the United States. After each "accident" I wish to mark them with a big red X. I publish detailed information on how to find each of these doctors.
Is this site permitted?
I am a hacker who wants to play DVDs on my Linux box and I want to use free software. I want to place source code on my website. The United States says this violates some stupid law and some annoying people object.
Is this site permitted?
I am a devote Iron Chef fan and Fuji TV has just sent me a cease and desist order. I wish to move my materials to Sealand.
Is this site permitted?
I am a regular guy in the UK creating a website about my daily life. Some people don't like the way I talk about them and my site is pulled.
Is this site permitted?
Will you allow sites advocating the overthrow of rival goverments, challenged uses of intellectual property, bomb making instructions, and other information that will get other nation-states panties in a twist?
~~ What's stopping you?
Don't say it can't/won't happen. Unfortunately, it can and probably will.
You can never equivocate too much.
How, generally speaking, are you handling physical security at Sealand? Private guards and/or hired mercenaries, evil high-tech lazer defense systems, rabid dogs with bees in their mouths so that when they bark they shoot bees at you, what?
... I'm sure the UK will look after you in that regard. Specifically, are you prepared for a businessman bringing in a private mercenary force? It's happened before, after all.
I mean, Sealand's already been taken by military force once, and back then it didn't even have anything more interesting on it than a self-proclaimed prince, his wife, and their heir apparent.
Now, you've got some very very valuable data to protect, and while the equipment may theoretically be tamper-proofed, I would hope that that is not your _only_ assurance of security.
I'm not talking about full-blown military incursions, either
DNA just wants to be free...
What company is providing *you* with networking on Sealand? Is it possible that they could be liable under the laws in their own country for traffic coming out of Sealand? It's possible that this could negate any benefit to setting up a Sealand server.
Several come to mind... First, is Havenco hiring? It would be cool to work in a datahaven. Second of all what would HavenCo do if all of their outside access was cut off, either by hostile intent or by bureaucratic nonsense? Pretty neat, if you can keep other people from trying to regulate you or put you out of business.
Network penetration is network engineering, in reverse.
Ooo! The more interesting question to ask is:
:-)
Can I get (either for free, or since this is a business, for pay) an email address at havenco.com, or some other domain hosted at Sealand?
In reality, the most important data any person or organization has is their email! It can be read, spied on, subpoenaed, etc. I'd pay MONEY for this service.
Will Sealand be getting a top-level country code? If so, you could also sell domains, but let me say that I think the hottest idea is selling web-based email accounts.
Dibs on "billg@havenco.com"
I'm sure you know the extent of what you're getting into. This data haven represents an international "threat" to security/intelligence, a threat that sooner or later I expect a country's intelligence agency will choose to deal with.
My question is: how far are you willing to go with this data haven? It seems to mean much more to you than just a cool networking phenomenon; are you willing to fight and even die for these ideals?
-peeto
Cretin - a powerful and flexible CD reencoder
You say in the FAQ that you won't store things which are illegal in the client's country. It seems to me like one of the most important attributes of a data haven would be its ability to let people escape oppresive governments. If they can't do this, then what are they gaining by going to you with their data?
Setting up a company on a remote island, even one that doesn't require a lot of on-site workers, was undoubtably difficult.
:)
What were the major challenges of setting up on the island? How many people, and what sort of equipment did it take? Is there more left to do?
What are some of your day-to-day facilities like (food, shelter, perhaps even recreation)?
What is your daily cash burn rate? Are there ways to cut it?
Are you making a profit now? If not, when do you plan to be able to?
Do you have a plan in case of a hostile take-over?
Where can I send my resume?
Interesting concept...I wish you luck!
-AP