- Mythos threat analysis PDF added to downloads
- Two blog posts seeded: Mythos/cyberattack economics, physical tenant isolation research
- Homepage "What's New" updated from March to April 2026 (Mythos, Sovereign Database, encryption)
- Draft research notes: SLL model specialization, security posture assessment
- Seed script for blog post creation

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Security Posture for Sovereign Infrastructure: A Practical Assessment
Status: DRAFT — for review before publication
Author: John Stroh
Date: April 2026
Licence: CC BY 4.0 International
Context
On 7–8 April 2026, Anthropic disclosed the capabilities of its Mythos-class AI model — a system that can discover software vulnerabilities at scale and write working exploits for them. The immediate question for any self-hosted platform: what is our actual security posture, and what needs to change?
This note documents a practical security assessment of a production platform running on sovereign infrastructure (EU and NZ), conducted on 9 April 2026 in direct response to the Mythos disclosure.
Starting Position
The platform runs on two servers — one in France (OVH), one in New Zealand (Catalyst Cloud) — with no US cloud dependencies. Every request requires authentication. Every database query is scoped by tenant identifier. There are no public-facing APIs beyond authenticated tenant endpoints. No AWS, Azure, or GCP footprint exists.
This architecture was chosen for data sovereignty reasons (CLOUD Act avoidance), but in a post-Mythos world it also functions as a security posture: the mass-scanning and mass-exploitation scenarios that Mythos enables target large cloud platforms with wide API surfaces. A small, self-hosted platform is not in that blast radius.
What We Found and Fixed
Dependency Vulnerabilities
A full npm audit revealed 19 vulnerabilities across the Node.js dependency tree: 3 critical, 9 high, 5 moderate, 2 low. The critical vulnerabilities included HTTP request smuggling, unbounded decompression chains, and CRLF injection — all in the undici HTTP client used by the Qdrant vector database client.
All 19 were remediated in a single session. The fix required upgrading two packages to versions outside their declared semver range (a breaking change that was tested before deployment). Post-remediation: 0 vulnerabilities.
Observation: These vulnerabilities existed before Mythos. They were not exotic — they were published CVEs in widely-used packages. The Mythos disclosure motivated the audit, but the vulnerabilities were conventional. The lesson: dependency auditing should be a standing practice, not an incident response.
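A standing audit gate for the practice described above, as an added example that is not part of the original note or the platform's code. It reads the `npm audit --json` report (npm 7+ format), fails on findings at or above a chosen severity, and lists fixes that npm marks `isSemVerMajor`, the kind of out-of-range upgrade the remediation required; the package names and versions in the sample are placeholders.

```javascript
// Added example: gate on `npm audit --json` output (npm 7+ report format).
// SAMPLE_REPORT is constructed; its package names and versions are placeholders.
const SEVERITY_ORDER = ['info', 'low', 'moderate', 'high', 'critical'];

function evaluateAudit(report, failAt = 'high') {
  const threshold = SEVERITY_ORDER.indexOf(failAt);
  if (threshold < 0) throw new Error(`unknown severity: ${failAt}`);
  const vulns = Object.entries(report.vulnerabilities || {});
  const blocking = [];
  const breakingFixes = new Set();
  for (const [name, vuln] of vulns) {
    if (SEVERITY_ORDER.indexOf(vuln.severity) >= threshold) blocking.push(name);
    // fixAvailable is false, true, or an object describing the required upgrade.
    const fix = vuln.fixAvailable;
    if (fix && typeof fix === 'object' && fix.isSemVerMajor) {
      breakingFixes.add(`${fix.name}@${fix.version}`); // outside the declared range
    }
  }
  return {
    pass: blocking.length === 0,
    total: vulns.length,
    blocking: blocking.sort(),
    breakingFixes: [...breakingFixes].sort(),
  };
}

const SAMPLE_REPORT = {
  auditReportVersion: 2,
  vulnerabilities: {
    'example-http-client': { severity: 'critical', isDirect: false,
      fixAvailable: { name: 'example-db-client', version: '2.0.0', isSemVerMajor: true } },
    'example-db-client': { severity: 'critical', isDirect: true,
      fixAvailable: { name: 'example-db-client', version: '2.0.0', isSemVerMajor: true } },
    'example-logger': { severity: 'moderate', isDirect: true, fixAvailable: true },
  },
};

// CLI use: npm audit --json | node audit-gate.js --stdin   (file name is arbitrary)
if (process.argv.includes('--stdin')) {
  let raw = '';
  process.stdin.on('data', (chunk) => { raw += chunk; });
  process.stdin.on('end', () => {
    const result = evaluateAudit(JSON.parse(raw));
    console.log(JSON.stringify(result, null, 2));
    process.exitCode = result.pass ? 0 : 1;
  });
} else {
  console.log(evaluateAudit(SAMPLE_REPORT));
}
```

Breaking fixes are reported separately so they can be scheduled for testing before deployment rather than applied blindly.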
Encryption at Rest
One server (OVH France) had been running Percona Server for MongoDB with AES-256-CBC storage-engine encryption since March 2026. The second server (Catalyst NZ) was running MongoDB Community Edition, which does not support encryption at rest.
On 9 April 2026, the Catalyst server was migrated from MongoDB Community 8.0 to Percona Server for MongoDB 8.0 with encryption enabled. The migration involved:
- Full database dump (28.5 MB, seconds to complete)
- Package swap (Community to Percona)
- Fresh initialisation with encryption keyfile
- Full restore (25,145 documents, 0 failures)
- Encryption verification confirmed: AES-256-CBC active
Total downtime: approximately 15 minutes. Both servers now encrypt all data at rest.
Key management: Encryption keyfiles are stored separately from data directories, with restricted permissions. Keyfiles are escrowed cross-jurisdiction — the NZ keyfile is backed up on the EU server, and both are on offline physical storage. Without the keyfile, encrypted data is unrecoverable.
Patch Cycle Policy
A 48-hour patch cycle has been adopted for CVEs published through Anthropic's Project Glasswing programme. The platform's two-server architecture makes this tractable — both servers can be patched in hours, compared to the weeks or months required by large enterprises with legacy infrastructure.
What Remains
Two hardening measures are in progress:
SSH and network access review. Both servers use key-only SSH authentication. The review will verify firewall rules, confirm that MongoDB is not exposed on any public interface, and ensure the WireGuard tunnel is the only path to internal services.
Intrusion detection. fail2ban is in place for SSH brute-force protection. We are evaluating OSSEC or equivalent for file integrity monitoring — detecting unauthorised changes to application files, configuration, or system binaries. In a world where exploit generation is automated, detection speed matters more than prevention alone.
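One way to run the exposure check from the SSH and network access review, as an added example rather than the platform's own tooling. It parses `ss -H -tln` output and reports any TCP listener that is bound neither to loopback nor to the WireGuard address and is not on an approved public port; the tunnel address `10.8.0.1`, the approved ports and the sample listing are assumptions.

```javascript
// Added example: find TCP listeners reachable from outside loopback/WireGuard.
// Input is the text printed by `ss -H -tln`. SAMPLE_SS, the wg0 address and the
// port policy are constructed assumptions, not values from the platform.
const POLICY = { wgAddress: '10.8.0.1', publicPorts: [22, 443] };

function parseListeners(ssOutput) {
  return ssOutput.split('\n').map((l) => l.trim()).filter(Boolean).map((line) => {
    const local = line.split(/\s+/)[3]; // State Recv-Q Send-Q Local:Port Peer:Port
    const cut = local.lastIndexOf(':');
    // Drop an interface scope ("%lo") and IPv6 brackets to get the bare address.
    const address = local.slice(0, cut).replace(/%.*$/, '').replace(/^\[|\]$/g, '');
    return { local, address, port: Number(local.slice(cut + 1)) };
  });
}

function isInternal(address, wgAddress) {
  return address.startsWith('127.') || address === '::1' || address === wgAddress;
}

// Anything not bound to loopback or the tunnel must be an explicitly public port.
function findExposed(ssOutput, { wgAddress, publicPorts }) {
  return parseListeners(ssOutput)
    .filter((s) => !isInternal(s.address, wgAddress) && !publicPorts.includes(s.port))
    .map((s) => s.local);
}

// Constructed listing: mongod (default port 27017) bound to the wildcard address.
const SAMPLE_SS = `
LISTEN 0 128        0.0.0.0:22      0.0.0.0:*
LISTEN 0 511              *:443           *:*
LISTEN 0 4096       0.0.0.0:27017   0.0.0.0:*
LISTEN 0 4096      10.8.0.1:6333    0.0.0.0:*
LISTEN 0 4096 127.0.0.53%lo:53      0.0.0.0:*
LISTEN 0 4096          [::]:3000       [::]:*
`;

console.log(findExposed(SAMPLE_SS, POLICY));
```

A wildcard bind is flagged even when a firewall currently blocks the port, since the listener becomes reachable the moment a rule changes.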
The Honest Assessment
No small platform can defend against a Mythos-class model directly targeting it. The question is whether we are in the target set — and the answer, for now, is no. The organisations at greatest risk are those running legacy systems on US cloud infrastructure with wide public API surfaces, unpatched dependencies, and no encryption at rest.
Our posture: two servers, sovereign jurisdiction, no cloud dependencies, all data encrypted at rest, zero known vulnerabilities, tenant-scoped isolation, 48-hour patch cycle. This is not invulnerable. It is defensible.
The remaining work — intrusion detection and network hardening — strengthens an already sound position. It does not close gaps that currently leave the platform exposed.
John Stroh — My Digital Sovereignty Ltd — April 2026
Licence: CC BY 4.0 International — https://creativecommons.org/licenses/by/4.0/