EC2 and Anonymity: Throwaway Instances?
Posted by Arcturus Kirwin on March 19th, 2008 filed in Anonymity, InternetI’ve been pondering uses for Amazon’s EC2 lately. Namely, what use could you have for it from a privacy or anonymity oriented standpoint?
My first thought was virtual private networks. Could these function well in an EC2 setup? Boot one up, dynamically configure it, and start routing through it. When you’re done, it’s thrown away.
Infact, you could do something similar with websites. If you create a partition in memory, disable swap and such on an instance. Then on boot, it loads an encrypted filesystem into memory and grabs a key that’s temporarily stored (Perhaps in Amazon’s SQS?) and uses that to unlock it. Then when you’re done, you can re-encrypt and re-store the data, ready for when you want to bring it up again.
And as it’s all in memory, there’s no tracability. Good for a site like WikiLeaks or something similar, perhaps? Infact, there could be many uses for EC2 in this field, and in many others.
Ignoring for a moment the scability of EC2, the simple fact that you can bring up and down instances easily and move data to and from S3, SQS, SimpleDB and other Amazon Web Services, means you can do things which would not usually be easily possible.
Anything from.. high-intensity natural language processing, to running simulators, even something as simple as a throw-away remote shell.
The possibilities are, whilst not endless, perhaps immense.
March 23rd, 2008 at 6:32 am
You are, however, relying on amazon’s goodwill, though. Whilst encrypted data is not readable by most mortals (governments may or may not be able to) you cannot guarantee that the memory on your EC2 instance and any i/o on it will not be monitored.
This is much the same problem as people using TOR to read their unencrypted emails.
And amazon will certainly co-operate with any search warrant…