It's Baaaaaack: HavenCo Trying Once Again To Bring Encrypted Computing To The Masses, But Not Hosted On Sealand

from the yeah,-good-luck-with-that dept

If you were into digital and cryptography issues a little over a decade ago, you surely remember the debacle of HavenCo, the attempt at a secure data haven hosted on the “micronation” of Sealand (better known as an abandoned platform off the coast of England that some folks “invaded” and claimed as a sovereign nation, which no government recognizes). HavenCo and Sealand was a story the press loved, and the hype level was astounding, followed by the whole project being a complete disaster. Last year, James Grimmelmann wrote a fantastic look-back/post-mortem of HavenCo and an even more detailed and comprehensive legal review paper all about Sealand and HavenCo. If you want the history of all of this, start there. Or, if you want the fictional account of the mindset that went into HavenCo, pick up a copy of Neal Stephenson’s Cryptonomicon.

Now, it’s being reported that James Bates, grandson of Roy Bates, the “founder” of Sealand, has teamed back up with Avi Freedman, one of the initial funders of HavenCo, to relaunch the project with a focus on bringing data security to the masses. Feel free to insert whatever skepticism you have for this project right now, because you’re not alone. To their credit, there are two things that are different this time around. First up, they’re not trying to host the data center itself on Sealand, which was a part (just a part!) of the mess the last time around. Instead, they’re just using Sealand to host air-gapped machines with encryption keys. The actual data will be encrypted, but hosted elsewhere, including in the US and EU, where they believe it will be safe because of the encryption:

Sealand still plays a role in HavenCo’s new business plan, but this time, Freedman says, HavenCo 2.0’s servers are going to be based in the United States and the European Union, not stuffed into the legs of an anti-aircraft platform. (Some of the servers are even in northern Virginia, a couple dozen miles from the NSA’s Maryland headquarters.) The company will use the platform to stash cold data (i.e., drives that aren’t connected to the internet and don’t need to be quickly accessible), including encryption keys. Without the encryption keys, the data stored on the mainland servers is all but useless, and Sealand gives HavenCo enough time to shut down their backup servers and dump the keys. “We’re not advertising thermite charges or EMPs,” says Freedman, but “it’s a less exotic method of making the machine a cold dead box.”

Also, they’re offering more basic tools for protecting your data, rather than trying to build out an entire utopian offshore data haven:

HavenCo 2.0 has four main components: virtual private networks (VPN), which create private networks over public ones; secure network storage; Least-Authority File System (LAFS) storage, an open-source, decentralized storage system; and web proxying, which allows users to shield their IP address by routing through other servers. The end goal is creating communications and storage that are key-encrypted from start to finish.

Of course, the other big difference this time around is the NSA. Or, more specifically, the recent revelations of what the NSA has been doing. As we’ve been noting, there’s a growing interest in greater online privacy and security, and a number of different services have been popping up lately to help provide that. Of course, that also means a lot more competition for HavenCo, and given the brand’s dubious background, they may have significant difficulty getting people to bother signing up.

Filed Under: , , , , , ,
Companies: havenco

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “It's Baaaaaack: HavenCo Trying Once Again To Bring Encrypted Computing To The Masses, But Not Hosted On Sealand”

Subscribe: RSS Leave a comment
Josh in CharlotteNC (profile) says:

Trust my encryption keys sitting on a server in Sealand? I think I’ll pass.

Don’t get me wrong, I’m all for a real data haven Cryptonomicon style, but Sealand isn’t remotely close. (No UN recognition of soveriegnty, long track record of unstable “government”, no independence in energy, finances, or even food supply makes that a no-go.)

Avi Freedman (profile) says:

Re: encryption keys on Sealand

Actually, the idea about key storage specifically is to be able to store encrypted copies of your keys (that HavenCo doesn’t have the ability to decrypt) in case you lose them.

Somewhat like the keys or boot disks you get with drive encryption software.

This becomes particularly important (or, has been an asked for augment to the offering) with LAFS, since the file name (“capability”) in LAFS has the decryption key as part of it. So for users not already running drive encryption, they need to store those names on an encrypted partition or in an encrypted file.

Could be done by users on S3, a google doc, email to gmail or elsewhere, but people have asked for it as part of a service.

nasch (profile) says:

Re: Encryption Keys

If you do not manage your own keys then you do not know when they are compromised.

If you encrypt your private key using your public key and then store it off site, that’s perfectly safe. If you don’t trust that nobody can get your key that way, then you don’t trust your encryption anyway and shouldn’t be using it for anything important. Right?

Anonymous Coward says:

“If you were into digital and cryptography issues a little over a decade ago, you surely remember the debacle of HavenCo, the attempt at a secure data haven hosted on the “micronation” of Sealand (better known as an abandoned oil platform off the coast of England that some folks “invaded” and claimed as a sovereign nation (which no government recognizes).”

Seriously? First paragraph and the article is already almost unsalvagable.

There’s a missing ) in there somewhere. Also, Sealand is not on an abandoned oil platform. It is actually on something called a Maunsell Fort, a military offshore structure from the times of the WWII, primarily designed to house anti-aircraft defenses.

I’ll save you the trouble of doing some basic research, “journalist”, and provide some useful links.

Avi Freedman (profile) says:

Re: metadata

Using LAFS for file storage, the metadata is encrypted as well – so HavenCo or any other LAFS-based operator wouldn’t know exactly what chunks of data go with what files. There are downsides to that – file consistency can’t be checked since we don’t know what chunks go with what files, and what files or directories go with what parent directories.

With the S3-compatible offering, metadata is not encrypted as well. When users enable AES-256 on clients such as Cyberduck or SME, the contents and name of the files/objects are encrypted, but we do have the ciphertext (encrypted data) grouped by file.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...