undefined | Better HN

0 pointshydrogen1810y ago0 comments

I don't really follow your logic here. If your servers are physically in the US, a judge will just issue a warrant to seize the servers.

0 comments

10 comments · 2 top-level

robn_fastmail10y ago· 6 in thread

Maybe. They'd have to issue that warrant to our datacentre operators though, not us, because there's nowhere to send the documentation. And then they can compel our datacentre not to talk about it, if they like, but they can't stop us talking about.

Really though, the point of all this isn't to say they can't take our servers - of course they can, via legal and illegal means. The point is more to say that they can't do it _quietly_, which greatly raises the bar, because now you've got a PR shitstorm to deal with.

But really, it's not going to happen, because we have good legal processes in place. There are proper channels from most countries in the world to the appropriate Australian authorities, and from there to us, and once that request comes in we service it and that's that.

If you want reasonably secure and private email, and you're not doing really dodgy shit, we're probably a safer choice that many. But we're not selling a privacy service, just an email service. If privacy is 100% non-negotiable for you, then you'll need to look elsewhere.

techdragon10y ago

Sold. I've been on the fence about moving some of my most important addresses off of the cheap shared hosting Cpannel managed crap they are on at the moment. It's crap hosting but it's free.

Your Australian honesty, "not doing really dodgy shit" won me over. I'm going to move a few over and check your service out properly.

Nice to see another Australian company doing well :-)

duncan_bayne10y ago

Not only is their product good, but their service is first rate.

I was recently working with the developer of the ASynK contact synchronisation tool ( http://asynk.io/ ) to track down an issue I was having synchronising contact details from Fastmail using CardDAV.

It turned out to be a Fastmail issue; one of their developers was quickly on the GitHub issue chatting to the ASynK maintainer about it, and they had a fix in a couple of weeks.

Impressively clueful support.

kozukumi10y ago

> If you want reasonably secure and private email, and you're not doing really dodgy shit, we're probably a safer choice that many. But we're not selling a privacy service, just an email service. If privacy is 100% non-negotiable for you, then you'll need to look elsewhere.

Hot damn you should put that on your front page. Ok maybe not but to people like me that is without a doubt the best way to phrase your sell.

sgc10y ago

I use fastmail and I am happy with it, but you may never know if they access your servers and mirror them using the datacentre back end. Honestly, I would be surprised if they have not done so already, it's not like you are a low profile target.

MichaelGG10y ago

Thank you for all of your and colleagues' replies in this thread. I'm sold. I've long been impressed with fm's engineering; just wasn't clear on what the US presence really meant.

When privacy is non-negotiable, I don't use SMTP email.

hydrogen18OP10y ago

> once that request comes in we service it and that's that

Well yeah, of course they aren't going to seize your server if you just give them everything they want. It is far easier and cheaper for them.

alfiedotwtf10y ago· 2 in thread

All drives are encrypted. They may take our servers, but they'll never take our customer's data.

throwaway12353410y ago

Those servers -- do they have Firewire Ports? USB3? Other externally accessible DMA ports?

Drive encryption prevents offline data at rest, they keys will be in memory for a running server. If LEA is going to grab your servers, your keys are going to go with them.

brongondwana10y ago

Yeah, it's true - same for anyone. The main benefit of encrypting the drives (indeed, the only reason I was willing to do the tradeoff for something which is mostly theatre) is that we can RMA failed drives and discard old drives with no risk to customer data.

That alone is worth paying the slight overhead on modern CPUs for full disk encryption of all user-data partitions (the OS isn't encrypted - it's Debian with some open source packages on it, and we throw it away anytime - http://blog.fastmail.com/2014/12/07/automated-installation/)

j / k navigate · click thread line to collapse