# TortoisLabs review



## danni (Aug 25, 2013)

Hey guys.

Just wanted to share my review on Tortoislabs.

(Borrowed review template from wlanboy)

*Provider:* TortoisLabs (http://tortois.es/)

*Plan:* 3x 512 mb, 1x 256 mb

*Plan locaton:* UK

*Price:* 2x 7,50$, 1x 6.75$, 1x 4,50$ pr month

*Purchased:* 06/2013 and the newest (256 mb) today

The specs posted below, will be from the first ordered VPS - 512MB, functioning as Webserver.

*Hardware information:*


cat /proc/cpuinfo

processor       : 0
vendor_id       : GenuineIntel
cpu family      : 6
model           : 58
model name      : Intel(R) Xeon(R) CPU E3-1240 V2 @ 3.40GHz
stepping        : 9
cpu MHz         : 3392.358
cache size      : 8192 KB
fdiv_bug        : no
hlt_bug         : no
f00f_bug        : no
coma_bug        : no
fpu             : yes
fpu_exception   : yes
cpuid level     : 13
wp              : yes
flags           : fpu de tsc msr pae cx8 sep cmov pat clflush mmx fxsr sse sse2 ss ht nx aperfmperf unfair_spinlock pni pclmulqdq ssse3 sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes f16c rdrand hypervisor ida arat epb pln pts dts fsgsbase erms
bogomips        : 6784.71
clflush size    : 64
cache_alignment : 64
address sizes   : 36 bits physical, 48 bits virtual
power management:


cat /proc/meminfo


```
MemTotal:         509140 kB
MemFree:           50368 kB
Buffers:          119356 kB
Cached:           266184 kB
SwapCached:           40 kB
Active:           246608 kB
Inactive:         160352 kB
Active(anon):      14304 kB
Inactive(anon):     7476 kB
Active(file):     232304 kB
Inactive(file):   152876 kB
Unevictable:           0 kB
Mlocked:               0 kB
HighTotal:             0 kB
HighFree:              0 kB
LowTotal:         509140 kB
LowFree:           50368 kB
SwapTotal:        524280 kB
SwapFree:         524240 kB
Dirty:                 0 kB
Writeback:             0 kB
AnonPages:         21448 kB
Mapped:             9556 kB
Shmem:               360 kB
Slab:              39568 kB
SReclaimable:      31320 kB
SUnreclaim:         8248 kB
KernelStack:        1320 kB
PageTables:         2024 kB
NFS_Unstable:          0 kB
Bounce:                0 kB
WritebackTmp:          0 kB
CommitLimit:      778848 kB
Committed_AS:     102040 kB
VmallocTotal:     333816 kB
VmallocUsed:        2004 kB
VmallocChunk:     308728 kB
HugePages_Total:       0
HugePages_Free:        0
HugePages_Rsvd:        0
HugePages_Surp:        0
Hugepagesize:       2048 kB
DirectMap4k:      524288 kB
DirectMap2M:           0 kB
```

df -h


```
Filesystem            Size  Used Avail Use% Mounted on
/dev/xvda1             30G  1.3G   27G   5% /
```

dd


```
dd if=/dev/zero of=test bs=64k count=16k conv=fdatasync && rm -rf test
16384+0 records in
16384+0 records out
1073741824 bytes (1.1 GB) copied, 19.872 s, 54.0 MB/s
```

wget


```
wget cachefly.cachefly.net/100mb.test -O /dev/null
--2013-08-25 22:47:43--  http://cachefly.cachefly.net/100mb.test
Resolving cachefly.cachefly.net... 205.234.175.175
Connecting to cachefly.cachefly.net|205.234.175.175|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 104857600 (100M) [application/octet-stream]
Saving to: `/dev/null'

100%[======================================>] 104,857,600 24.6M/s   in 4.5s

2013-08-25 22:47:48 (22.4 MB/s) - `/dev/null' saved [104857600/104857600]
```
*What services are running?*


Apache
csf

*Support:*

Nenolod (Known as Kaniini here on vpsboard) seems very knowledgebal.

*Overall experience:*

Im very happy with the service provided. VPS's have been very stable and only had downtime once (a bit long), apparently due to a court order (not my vps causing trouble) - so not Tortoislabs fault 

*Things you wish to see:*

Some more automation on the billing side!

From paying invoice to service delivered (lets say another vps), can take several hours, which can be a bit annoying


----------



## drmike (Aug 25, 2013)

> downtime once (a bit long), apparently due to a court order (not my vps causing trouble)


Mind you, their offers interest me and indeed seem like right minded chaps.

But....

Offline due to court order?  What? Hopefully this isn't the new fashionable thing to do, to explain away unplanned downtime.  

I fail to see how court order means clients and business stop, but someone humor me from the provider side.


----------



## danni (Aug 25, 2013)

Hey buffalooed 

The responce I recieved was "....court order issued by SOCA, the UK Serious Organised Crime Agency ...."


----------



## kaniini (Aug 25, 2013)

buffalooed said:


> Mind you, their offers interest me and indeed seem like right minded chaps.
> 
> But....
> 
> ...


One of our UK nodes was taken for forensic imaging last Wednesday in the morning and returned that afternoon.  Other UK nodes were unaffected.

It was due to allegations related to a Tor hidden service operating on the node that was being used to facilitate criminal activity -- beyond that I don't know any further details.

Of course, the nodes themselves were encrypted, so we used that as a negotiating point to ensure the quick return of the hardware, which is why we were able to get it back up and running the same day.

We are, of course, evaluating options such as bringing in a solicitor on retainer to handle these situations more vigilantly.


----------



## kaniini (Aug 25, 2013)

To expand on this, in the US the procedure is different... the FBI/DHS/whatever would have to contact us first, and we would provide whatever data once all due diligence has been completed.

In the UK it is different, from what I have been told by others who have been in this situation, SOCA is very aggressive and likes to shoot first, then ask questions later.  We were not even notified that the node had been taken until afterwards when they wanted our encryption passphrase.

Additional thought added later: I think, in general, the way SOCA does things is a result of the UK being a more established police state -- the US has been playing catchup aggressively, but the UK has been an aggressive surveillance state for decades.  Either way, this is a risk of operating in the UK that we were aware of before starting operations there.


----------



## drmike (Aug 25, 2013)

Good response @kaniini.

How did the nodes being encrypted  give any leverage to quick return?  In my past encrypted data meant longer retention if not a long protracted court action to have the servers returned.

Do you or can you recommend means of providing crypto of the entire VPS container with keys / credentials entirely in the VPS owner's hands?   Doing so would mean policia would have issue squarely with the customer.

Amazing the goons aren't imaging drives on site considering potential for harm and suits by companies caused harm.

"Let's solve a crime, by committing ten more".


----------



## kaniini (Aug 25, 2013)

buffalooed said:


> Good response @kaniini.
> 
> How did the nodes being encrypted  give any leverage to quick return?  In my past encrypted data meant longer retention if not a long protracted court action to have the servers returned.
> 
> ...


Regarding encryption as an end customer, on our platform, you can use LUKS or eCryptFS.  With HVM mode, you could also use TrueCrypt.

As for how we had leverage, that is very simple -- in exchange for the hardware being returned, we would give them the current encryption passphrase.  We then changed the encryption passphrase once the node was returned and brought back online.

In my experience of dealing with law enforcement, they generally just want to get the data relating to their investigation.  Ultimately, they wound up asking for us to just decrypt the images associated with the customer they were targeting, so we did that for them.

I can't go into more specific details for obvious reasons.


----------



## danni (Aug 25, 2013)

Thank you for the explanation and service provided


----------



## drmike (Aug 25, 2013)

*"Tor hidden service operating on the node"*

TOS/AUP allow Tor, just not an exit node.   Take it the allegation is an exit node was there?

Time all providers disallow Tor entirely.   Really has become an enormous mess.

I feel for you big time dealing with the stress, workload, loss of income, etc.


----------



## kaniini (Aug 25, 2013)

buffalooed said:


> *"Tor hidden service operating on the node"*
> 
> TOS/AUP allow Tor, just not an exit node.   Take it the allegation is an exit node was there?
> 
> ...


In this case, the customer was not running an exit node, just an "enclave".  I don't think banning Tor in general is the answer.

We run our nodes at extremely low densities, so not many customers were affected.

Additional thought added right after I hit post: I think that the operator of this hidden service was ratted out by the tormail guy, as that just happened a week and a half ago, and they're looking to slap him with some serious charges -- so I bet he was more than willing to rat out other hidden services being used for criminality.


----------

