Technology
We constructed IGD not just with aesthetics and content in mind but privacy and security. However, and most importantly, this does not mean you or us are secure because everything is broken.
What you can do to help secure yourself on the internet:
- Visit our website through Tor Browser @ http://igdnewsy3xy4bzfy6odv7zvssekg4k6u62at6kqq6xwxc7avevhiscyd.onion
- Tips, Tools and How-tos for Safer Online Communications
- London Calling: A Cellphone and Internet Security Primer [PDF]
On Anonymity:
- We anonymize IP addresses in our logs.
- We do not serve advertisements or track behavior.
- This site is available via TOR Hidden Services at http://igdnewsy3xy4bzfy6odv7zvssekg4k6u62at6kqq6xwxc7avevhiscyd.onion
On Security:
- Our back end only uses Open Source Software that is publicly auditable.
- We receive regular third party security audits and penetration testing.
- Our servers are configured with full disk encryption.
- Your connection is encrypted with SSL using Perfect Forward Secrecy. We have configured SSL to generate random public keys per session for the purposes of key agreement which are not based on any sort of deterministic algorithm. This helps to ensure that any spy capturing information from the internet will not be able to decrypt in the foreseeable future.
- Your connection has been configured to prevent against attacks from third parties by making use of HTTP Strict Transport Security. HSTS is a security protocol that forces the use of SSL in the communication between the web browser and our web servers.
- Your connection is accelerated through the latest version of HTTP/2 – a technology that achieves reduced latency through compression, multiplexing, and prioritization.
- Our certificate provider participates in Certificate Transparency with embedded SCT info and we’ve enabled Certificate Transparency Monitoring to ensure your communicating with the authentic IGD.
- Our content is accelerated by using open source, reverse proxy, load balancing, caching web accelerators: NGINX
- We’ve configured our CDN servers to only use the latest TLS version.
On Resiliency:
- Our servers are backed up in several different geographically distributed locations that are PGP encrypted and version controlled.
- Our CDN servers fall under several legal jurisdictions and are also geographically distributed.
- We’ve successfully mitigated DDoS attacks of over several hundred GB.
- Spam always goes into /dev/null
- As of Sept 2017 – We serve content to over 1.5 million unique visitors a month.
All of this effort has earned us the highest rating from Qualy’s SSL lab.