this post was submitted on 11 Jul 2023
22 points (92.3% liked)

Selfhosted

40152 readers
545 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
 

Why happen if I store pirated content inside my VPS? I think the answer is pretty obvious, in their TOS should say that if I do that they will BAN me without warning, but can they detect the files? Or worse, what if I download directly into the VPS with torrent or Jdownloader?

From what I understand (and based on USA laws) only if I torrent something they can BAN me, because I'm redistributing something with copyright in their servers, and I don't only refer to games, this can apply to music, movies, etc.

top 19 comments
sorted by: hot top controversial new old
[–] [email protected] 9 points 1 year ago* (last edited 1 year ago)

Most can detect traffic. Content itself, I do t know. Certainly some can.

Probably will remove you. Ban you. And pass on any data they may have to authorities.

It’s the main reason I don’t do it. Even if it’s extremely unlikely.

That’s what my homelab is for. But even then, it has its own problems.

[–] [email protected] 6 points 1 year ago (1 children)

There are VPS services that dont give a fuck about DMCAs and pirated content. You should specifically look for one like that if this is your intent. I do not have any specific provider recommendations but you might find something useful in lowendtalk.

[–] [email protected] 1 points 1 year ago

This is true. I know of one that doesn’t care but I’d prefer not to out them even though a lot of people surely know already.

But how could a provider find out, if they are one that cares? Well, they could sniff all their network traffic, do some SPI/DPI on it, store those logs, and run automated analysis on them periodically.

Even then, they’re not going to do the job of, say, the RIAA or MPAA for them. So in most cases, the only way a host would find you out on their own is things like high storage usage (maybe), high amounts of commonly-pirated file types, and high usage of certain protocols (like torrent). Outside of that, probably nothing would happen until your host gets a DMCA notice.

[–] [email protected] 5 points 1 year ago

I would assume the server in the closet is better for this, I mean don't pirate is that better FBI?

[–] [email protected] 4 points 1 year ago* (last edited 1 year ago) (1 children)

If you rent a VPS, you're having a legally binding contract with whatever company you choose. Read that contract/agreement! It will contain information like if they snoop at your data, if you allow them to rat you out to somebody else or what is allowed and what isn't allowed and consequences if either party does something wrong. You won't find that specific information in US law or some general answer that applies to every provider.

If they say in their TOS: 'we will ban you if you do X' and you agree to that and then do X, they'll probably ban you... if they say something else in their TOS, then something else will happen. this is how contracts work.

However, i'm not sure if US law provides citizens with something like privacy. In other jurisdictions, it is forbidden to just scan through all your customer's data to see if you can find something incriminating. At least on the level of pirating some movies.

And the FBI might have real criminals to arrest. I'm not sure if they're actively looking for peanuts like one person who runs JDownloader. Unless you point them right at it. YMMV

[–] [email protected] 1 points 1 year ago (1 children)

AFAIK, web hosting clients here in the US don’t really have any expectation of privacy from their host itself.

[–] [email protected] 1 points 1 year ago* (last edited 1 year ago) (2 children)

Rly? How do you do business in the US? How do (small) companies rent webservers that process credit card information of their clients? How do they store sensitive data? Like data you're contractually obliged not to tell anyone. Where do you sync private data from your phone?

I know technically, you can snoop at data if you're the host and the server is right there with you. But surely that has to be illegal?

[–] SheeEttin 2 points 1 year ago

You work with a provider that is SOC 2 compliant, meaning while they have the ability to access your information, they can only do it in a way that is controllable and auditable by the provider.

[–] [email protected] 1 points 1 year ago

No idea. Maybe hosts typically follow a policy of not snooping in stored files without a ticket requesting or authorizing it implicitly or explicitly. At least that would make sense to me.

[–] [email protected] 4 points 1 year ago

I wouldn't do it unless maybe the provider gives a wink wink that they are pro-privacy and are hosted in a nation that doesn't have strong copyright laws.

Or host it at home, and use a VPN to torrent.

[–] [email protected] 3 points 1 year ago

Set up full disk encryption or an encrypted container like gocryptfs. But typically they analyze network traffic not IO traffic because that's quite a pain to implement as they'd have to reimplement the entire filesystem just to analyze what you store.

[–] [email protected] 3 points 1 year ago (1 children)

Microsoft has been known to detect unencrypted passwords on storage or emails and try them on the encrypted zips that are stored. It may be standard practice to operate across borders.

[–] [email protected] 3 points 1 year ago (1 children)

Really? Any proof of this?

[–] [email protected] 2 points 1 year ago

Here’s an Ars Technica article talking about it.

[–] [email protected] 2 points 1 year ago

It depends on provider, one thing I can tell you for certain is that most of them don’t scan your file system, it is overhead they simply don’t need.

What is likely to happen is that they’ll get sent a DMCA and if they are a company that cares about DMCA claims (I.e. OVH) they’ll shut you down, if they don’t care then that DMCA claim goes directly to the trash can and you can continue business as usual.

[–] [email protected] -2 points 1 year ago (1 children)

Given that the Fediverse is wide open, unencrypted, and your instance owner is no more immune to getting a subpoena from law enforcement than anyone else ... one might think twice about asking questions of the form "if I commit a crime can they find me" here. Even if your VPS can't detect it, you just left a paper trail here by asking how to commit a crime. :) Bad plan.

Your Fediverse instance owner might consider deleting your post and perhaps your account to keep them from being the subject of such a subpoena in the future.

[–] [email protected] 1 points 1 year ago (1 children)

Honestly you are right, I should think before posting things like this, may sound dramatic but I don't want my whole Instance to be damaged by a post.

[–] [email protected] -1 points 1 year ago (1 children)

Not just your instance. Every instance Federated with it that got a copy of your post is part of the chain of evidence. Don't plan crimes in the fediverse for heaven sakes.

[–] [email protected] 3 points 1 year ago* (last edited 1 year ago)

IP is not shared via activitypub FYI. Only the instance owner would have that.

That being said, yes don't plant crimes as federation makes removing your incriminating comment across instances near impossible

load more comments
view more: next ›