Unless you're running on bare metal (no virtualization) on your own server, even shred, dd, etc is no guarantee of anything. The virtualization software is capable of intercepting everything written to disk. It can make copies, incremental backups, whatever they want it to do.
If your data is sensitive, don't put it on a virtual server hosted in the cloud, bottom line. You have no idea who or what has access to the data you put on it. |
Quote:
I know that I have all but accepted that philospohy on my personal laptop... There are just too many unknowns to think that password-protecting or encrypting particular files or directories is enough. The only way you can hope to be safe is to do Full Disk Encryption (FDE). Of course, there is the rub with a VPS - you can't control the disks/machines!! Rob |
Quote:
Rob |
Quote:
At that point what will matter will be the weakest link, which will probably be the host that you'll use to input/write your password => these thoughts will bring you to paranoia-level-2. Paranoia-level-3 can be accomplished only with a full offline server. Paranoia-level-4 is then really advanced, with no windows and double walls to avoid any kind of external leak of frequency. |
All times are GMT -5. The time now is 09:38 PM. |