Earlier today, ServInt signed on to a letter, spearheaded by the Center for Democracy & Technology, that was sent to leaders in the U.S. House and Senate. The letter urged reform of U.S. surveillance practices “by limiting the scope of surveillance and by substantially enhancing…privacy protections, oversight, and accountability mechanisms” — specifically through the enactment of the USA FREEDOM Act, about which we’ve written here before.
Following is a transcript of the letter. Please take a moment to look it over — then contact your elected representatives to urge them to support it. If you’re looking for the Reader’s Digest version of what’s at stake here, it boils down to this: the USA FREEDOM Act would close a wide range of loopholes in previous homeland security-related legislation that make it easy for the government to gain access to your e-mail, data, and other private information, without warrants or the protection of other elements of basic due process. Here’s the letter:
We the undersigned civil society groups, trade associations, companies and investors are supporters of the free and open Internet. We are writing to urge that intelligence surveillance practices be reformed by limiting the scope of surveillance and by substantially enhancing the privacy protections, oversight, and accountability mechanisms that govern that surveillance.
Recent disclosures regarding intelligence surveillance activity raise important concerns about the privacy and security of communications. This surveillance has already eroded trust that is essential to the free flow of information and to the exercise of human rights and civil liberties both in the United States and around the world.
To rebuild trust, we urge that the U.S. government act expeditiously to:
- allow companies to be much more transparent about the number and type of surveillance demands they receive;
- be much more transparent itself about the surveillance demands it makes, the surveillance activities in which it engages, and the legal bases for both;
- focus intelligence collection on terrorists, spies and other agents of foreign powers, rather than on everyone else; and
- ensure that its surveillance practices honor both Constitutional and human rights.
Toward this end, we welcome introduction in the House and Senate of the USA FREEDOM Act – legislation which promotes these goals. We oppose legislation that codifies sweeping bulk collection activities. We look forward to working with you on the USA FREEDOM Act and other legislation designed to protect the privacy of Internet users while permitting appropriately targeted intelligence surveillance necessary to protect against terrorism.
This past weekend, I had to take a long road trip to help somebody with an interstate move. As I often do when I’m struggling to keep my eyes open after many hours on the road, I tuned in some talk radio. As luck would have it, I managed to catch a half-hour or so of Glenn Beck’s daily radio program. On this occasion, Mr. Beck was spending a good portion of his time selling a new e-mail service — one which he claimed would “never, ever, ever” surrender any content to Uncle Sam unless the government first came armed with a warrant. For this privilege, Mr. Beck expected listeners to subscribe to his TV channel, for the modest annual fee of $99.95.
Let me make one thing perfectly clear: I am not writing this blog post to discuss Glenn Beck’s politics, or even his (considerable) marketing acumen. No, I’m reserving my precious blog column-inches to call Glenn Beck out for something that is well within my professional wheel-house: the fact that he is misinformed about how e-mail service providers are actually obligated to work with law enforcement, and, more importantly, the fact that he is not helping in the effort to get the NSA out of America’s e-mail inboxes.
To be fair, Glenn Beck is promising one thing that is under his control (though there are any number of e-mail service providers who offer it without the $99.95/yr price tag): that his service will not scan its customers’ e-mail accounts for the purpose of serving ads that match content included in those e-mails. However, Mr. Beck’s other claim — that his e-mail service will only yield to government inspection upon presentation of a warrant — well, let’s spend a moment looking at that more carefully. We’ll start by examining how Glenn Beck himself describes his offering, in a recent online “broadcast”:
(Note: I’m not going to provide any links to Beck content in this blog post. It’s easy to find plenty of Glenn Beck-sanctioned information about his e-mail offer with a simple web search.)
Beck says: “Everybody is scanning your e-mails, so they can… target you for the Feds…”
We say: The NSA scans a portion of all internet traffic, large enough that it could possibly contain most or all e-mail traffic sent inside the United States. This is being done without the consent of ISPs, web hosts and other e-mail providers. In addition, all e-mail service providers/web hosts are required, by law, to surrender any e-mail content they may have if they are served with a warrant by law enforcement. In fact, as detailed by our COO, Christian Dawson, in this post, there are circumstances where law enforcement can force e-mail service providers to hand over your old e-mails without a warrant. You cannot avoid the NSA scanning, or law enforcement searches, no matter how much you pay Glenn Beck.
Beck says: “The NSA and Google (scan your e-mail), and they’re in bed with each other.”
We say: Beck is conflating things here. Gmail does scan its users’ e-mail accounts, in order to serve them with targeted advertising — which they see as the price users of its e-mail service pay to get Gmail for “free.” Separately, documents released by Edward Snowden suggest that the NSA has been eavesdropping on e-mail traffic headed into and out of the Google network, completely unbeknownst to Google. In addition to that, Google, like all e-mail service providers, is required by law to respond to warrants and legal, warrantless requests requiring them to share e-mail content, if they have any. These things are not related to one another.
Beck says: “We’re not surrendering any lists, any emails, anything, without a warrant…”
We say: As I mentioned before, there is nothing Glenn Beck can do to prevent the NSA from “reading” his customers’ e-mail, or to avoid legal warrantless demands for old e-mails — so there’s not much to that promise.
So what’s the takeaway here? If you want to protect your e-mail from unlawful inspection by the government, sending Glenn Beck $99.95 won’t accomplish anything. But a few minutes of your time might. Our COO has written two recent blog posts about things you can do that won’t cost you a dime, and could make a huge difference: supporting the USA FREEDOM Act and keeping abreast of developments surrounding ECPA. Do yourself, and your country, a favor by checking these posts out and contacting your congressmen to urge their support as required. Glenn Beck is right about one thing: unauthorized, extra-legal snooping into e-mail accounts is unethical, un-American, and just plain wrong. We just wish he would use his considerable influence to help change things for the better.
New Relic is a resource monitoring tool gaining popularity in the hosting community. It is not uncommon for our customers to ask for help installing this software. In my last article, I explained how to install New Relic’s application performance monitoring. In this post, we’ll look at installing their server performance monitoring.
New Relic has a free tier for their service. A free account allows you to monitor cpu, memory, disk, and network traffic for your server. The following directions will guide you through the installation of New Relic on a CentOS server. Other Linux OS servers will be similar, but not exactly the same. Please note that these directions require you to log in to your server on the command line and execute commands as root. Read more
Accessing SSH for the first time can be fairly daunting, but it doesn’t have to be. Command line access via SSH is the single most powerful tool you have for administering your server. Not only can you do everything on the command line of your linux server if you wish, there are certain tasks you can only accomplish through SSH command line access.
After learning how to check for permissions to access SSH, configure a client and log in to your server via SSH in part 1 of our SSH Basics series, you’re ready to execute your first commands. Let’s dive right in.
A user’s guide to SSH Read more
If you’re not careful about how you purchase hosting “in the cloud,” you can end up paying a heavy price for the freedom of a scalable solution. ServInt’s Jelastic Java and PHP cloud service is different. It autoscales, allowing you to only pay for what you use. It also allows you to purchase cloud resources in bulk, to achieve maximum savings — and it allows you to set scaling resource maximums, to make sure you never bust your budget during a traffic surge. Here’s a video to show you how it all works:
In a previous article, SSH Key Authentication, I explained how to generate an SSH key so you could automatically log into your server instead of using a password. This is convenient for you (no more typing the password) and very inconvenient for potential hackers. If you turn off password authentication (because you’ll no longer need it), no amount of password guessing will let a hacker in.
The previous article showed you how to add the key to your cPanel server, but what if you’re not running cPanel? Don’t worry, the process is just as easy for no-panel servers. I’ll show you how.
Adding the Key Read more
The USA FREEDOM Act: NSA Data Collection, the Escalation of Encryption, and Curbing the Digital Arms Race
On October 29, 2013, the USA FREEDOM Act was introduced to end the mass gathering of phone record data by the NSA.
H.R.3361/S.1599 is a bipartisan effort authored by Sen. Patrick Leahy (D-Vt.), chairman of the Senate Judiciary Committee, and Rep. James Sensenbrenner Jr. (R-Wis.) that seeks to curb the mass targeting of communications by American citizens by clarifying the language in Section 215 of the USA PATRIOT Act.
How does this affect you?
ServInt supports the USA FREEDOM Act because the same limitations that the bill places on the phone surveillance activities of NSA apply to other forms of communication, specifically Internet traffic. Not only should this bill get the NSA out of your phone calls, it should get them:
• out of your inbox
• out of your search history
• out of your text logs Read more
A great way to keep potential threats at bay and make your server more secure is to employ TCP Wrappers. TCP Wrappers are a form of access control you can use – in conjunction with a firewall – to lock out unwanted users and increase your server security.
TCP Wrappers are similar to a firewall, in that you can allow and deny IPs or hosts, but different as they provide some additional options as well. TCP Wrappers use access rules in the hosts.allow file to allow or deny connections to network services that use the tcp_wrappers library, libwrap.
For example, you may want to allow someone access to FTP files to your server, but not want to allow them SSH, WHM, or any other kind of access. TCP Wrappers allow you to grant them access to FTP, or another specific feature, while denying them access to everything else. Read more
So you want to build your own Minecraft server? Minecraft can be a pretty easy game to set up on a VPS. It just requires a few quick commands before you’re on your way to survival/adventure/creativity!
Note: This guide is specific to CentOS cPanel servers, but can be followed for a non-cPanel server as well. Also, this tutorial assumes you are familiar with working on the command line on your server via SSH. If you’re not, you might want to check out this article first to get your feet wet.
Also note: This tutorial does not include purchasing and installing the Minecraft stand-alone launcher. If you are new to Minecraft, download the launcher here to connect to your Minecraft server installation.
Without further ado, here are the steps to install Minecraft on a cPanel VPS: Read more
RAM (Random Access Memory) is computer storage that holds the data of running processes (i.e. programs). That data includes the image of the program itself, the data that the program uses to interact with the computer’s operating system, and the data that the program is actually manipulating to do whatever useful thing the program is written to do. Consequently, RAM needs to be a very fast data store that gives a running program nearly instant access to the data it needs to operate. It is also volatile — it does not survive reboot. By contrast, data on disk (whether traditional hard disk, or otherwise) is designed for long-term storage and large capacity at the expense of speed.