For example, it is no secret that Anonymixer.com is hosted on Hostkey.com and Chipmixer.com is hosted by Choopa.com. So, how difficult is it for FBI/CIA/DOD to get data from these web hosts, if they can do the same for Cloudflare?
Hi LoveUJack,
For what it's worth and without going into too much detail, the software architecture of Anonymixer
assumes that such entities have infiltrated the public facing server and have had 100% root access from the very first minute.
The public facing server writes nothing to disk, with anything of importance temporarily stored in memory on a need to know basis.
To my current knowledge, even with root access, a third party would be unable to eavesdrop on HTTPS network traffic.
All Anonymixer source code, both server side and client side is compiled, obfuscated and mangled.
Even with this software design in place, we have taken great care in securing the public facing server from outside attackers, for instance the server only exposes port 443 (HTTPS) and has an SSL Labs Grade A Rating. All keys are encrypted and buried away within very large binary files.
In the event of a suspected security breach, or if we just lost the server completely - we could setup an alternative server from an alternative provider very quickly.
One thing to note, even with this security in place, these "entities" do what they like, legally or illegally, when and how they please. There is nothing stopping these entities changing NameServer entries of the WHOIS records or changing DNS responses from CloudFlare so that on trying to resolve Anonymixer.com, you are actually pointed to their own server, which in-effect could act as a MITM. Or, they could simply confiscate the domain entirely.
We always recommend that you use Tor, with the Onion address
http://anonymixerpolbpy.onion.