Honest question, what makes you think that you will have more rights/privacy by hosting somewhere else? It's been my impression that there has been (comparatively) little backlash within the US regarding foreign data acquisition. Maybe all this attention on the NSA's activities will be the trigger for other countries to create or ramp-up their own data snooping efforts.
- the snooping is explicitly targeting foreigners. In USA I'm a foreigner, by hosting in my own country I have at least the protection of being a citizen.
- if I don't like the snooping my own government does, I can call my representatives, vote for "less snooping" political candidates, start lobbying etc. In a foreign country like USA I have no rights or leverage whatsoever.
NSA and CIA has been used for Industrial espionage purposes in the past, so I wouldn't be surprised if this whole PRISM program was in part for enriching the wealthy and connected even more (and their enterprises).
We already moved our servers & data back to Germany right now evaluating few replacements for Google Apps.
I'm not the OP, but I'll add my two bits here anyway…
I'm moving things off US hosted services - but at the same time I'm also ramping up my privacy protections as well.
For example, I'm changing from using Dropbox to using EncFS encrypted data stored on JottaCloud. I'm not _relying_ on Norwegian based storage to be any less at risk from the Norwegian state security service than Dropbox(/Amazon) data stored in the US - but while it's possible that the NSA might have crypto attacks or hardware/software backdoors that work against my OS and/or EncFS/GPG - there's a _much_ lower chance that the Norwegians have that (or that the US shares those attacks with Norway).
(I'm also using BTSync to get "cloud-like" multi-device file sync without needing to rely an _any_ cloud provider. The closed source nature of BTSync doesn't fill me with joy though - I'm experimenting with Tahoe/LAFS, but I'm not prepared to put in the amount of work required to give me access to data stored that way on my phone/iPad…)
For whatever I self-host, I use open source software I trust (and sometimes contribute to). For other services, I either encrypt as much as possible (i.e. encrypted storage, OTR for chat, PGP for email) and accept that anything non-encrypted is virtually public.
I could also host these encrypted things in the US, but here in Europe I have lawful rights, and my government does not torture, nor does it kill citizens who it sees as evil without any due process. I guess it's as much of a boycott as it is preventing a country that does not have my interests at heart from having access to my data and/or metadata.
Note that about a year ago the Dutch government has announced the AIVD (~Dutch NSA/CIA) budget is being cut 40% over the next few years, and defense spending has gone down too.
I'm sorry, but you are displaying a remarkable level of naiveté about how the world works.
I'm not excusing the NSA, but the reason why the USA is exceptional is precisely BECAUSE things like this are an aberration and not accepted as a matter of course. We discuss them as a society and change our government when it gets out of line.
Lets not forget that it was a democratically elected government in Europe that started WWII. And killed millions for nothing more than being born who they were. Systematically, and with the full acquiescence of the favored population.
I'm not excusing WWII, the reason Europe is exceptional is precisely BECAUSE things like that are an aberration and not accepted as a matter of course. They discuss them as a society and change their government when it gets out of line.
Let's not forget that it was a democratically elected government in the USA that started...
> Lets not forget that it was a democratically elected government in Europe that started WWII. And killed millions for nothing more than being born who they were. Systematically, and with the full acquiescence of the favored population.
I'm sorry, but you are displaying a remarkable level of naiveté and outright stupidity about how history happened.
Hitler was not democratically elected. Hitler had only been a legal German citizen, permitted to run for office, for less than one month. Hitler ran for President with the intention of using the office to destroy the constitution and establish a dictatorship (under which it is extremely dubious to justifiably assess 'full acquiescence' of the population). He assumed the presidency after losing the election because Hindenburg died two years after defeating Hitler, and Hindenburg ran for re-election expressly to prevent Hitler from becoming president. After Hindenburg reluctantly appointed Hitler as Chancellor, the 1933 elections were an inarguably undemocratic election, in which new "elections" were held after Hitler urged dissolution of the Reichstag. The Nazis relied on widespread violence and intimidation, culminating in the Reichstag fire and subsequent laws that eviscerated civil liberties and imprisoned political opponents. The Nazis even "monitored" the elections to ensure they achieved a majority.
Slavery, Jim Crow, McCarthyism, sexism, paternalism, COINTELPRO, etc.--all these have strong places in American history of being the norm, not the aberration, and being accepted as a matter of course.
And who were these Nazis? Were they Germans who acted on behalf of their party and political ideology?
You can argue all you like about how much worse the USA is than Europe but my mother lived in Germany during that time. Complain all you like, but the USA is still far ahead of where Europe is when it comes to civil rights. Ask any survivor of the camps.
The mere fact that the head of the intelligence agencies is going to have to testify under oath in front of the Congress is a sign that the legitimacy of our government is something that is valued and protected.
Appeal to emotion, much? You directly mischaracterized the democratically elected status of the German state that began WWII. It has everything to do with the undemocratic nature of the German state after 1932 that led Europe to WWII.
I never argued in the slightest that the US was in any way, shape, or form worse than Europe. I simply corrected your incorrect understanding of history. If you're going to take a point from history to make a point about contemporary society and events, then at least get the history correct. It's not like you have to read between the redacted lines of history to do so.
Just by the way bureaucracy works you can make it a lot more inconvenient for them by using services of a bunch of different countries just to put your profile together.
By rotating free email providers such as mail.ru, free.fr, and so on you can pretty much create a bureaucrat's nightmare - assuming of cause the unlikely cause that this is the weakest link in the chain.
Off-topic, but a fun way to take this to the next level: if you have your own domain, you can set mx records with the same priority at different services to randomly scatter your incoming mail. You can then pull them in with pop3 with your mail client or getmail with something like Dovecot to provide a self-hosted IMAP interface.
You get the added benefit of having automatic fallbacks if one of your mail services is down.
I can't speak for all DNS servers but BIND will return them in a different order each time it answers an query.
For example, the first query returns "mx1, mx2, mx3"; next query returns "mx2, mx3, ms1"; next query returns "mx3, mx1, mx2". Many resolvers seem to simply use the first one so it's roughly equivalent to round robin load balancing.
As far as I know that's the expected behaviour. I also saw it in practice, although I did not study the exact distribution in much detail.
The reason for this behaviour would be that you would normally use this for load balancing.
You can normally get the same behaviour by setting one MX record to a local A record (mail.example.com), and then serving several IPs for that A record in a round-robin/random fashion.
That you don't know if another country is monitoring as deeply as the U.S. isn't a good reason for considering the U.S., who we know is monitoring as deeply as the U.S.:)
