LinuxQuestions.org
Page 2 of 2 1 2
Show 50 post(s) from this thread on one page

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   Need better Upload Strategy (https://www.linuxquestions.org/questions/linux-newbie-8/need-better-upload-strategy-4175535175/)

suicidaleggroll 03-02-2015 02:40 PM
Unless you're running on bare metal (no virtualization) on your own server, even shred, dd, etc is no guarantee of anything. The virtualization software is capable of intercepting everything written to disk. It can make copies, incremental backups, whatever they want it to do.

If your data is sensitive, don't put it on a virtual server hosted in the cloud, bottom line. You have no idea who or what has access to the data you put on it.

RobInRockCity 03-09-2015 10:46 PM
Quote:
Originally Posted by Pearlseattle (Post 5325796)
A final paranoia-boost: :)
read the "man shred" until the end. It is mentioned that overwriting files is not guaranteed to work with most of the filesystems.
The reason is that in order to save time or because of other functionality offered by the filesystem (e.g. historical snapshots of data), even when you overwrite a file the data is not going to land at the same place that the original file was using => the original data will still be lying somewhere on the HDD.
Just what I need... More paranoia!! :p


I know that I have all but accepted that philospohy on my personal laptop... There are just too many unknowns to think that password-protecting or encrypting particular files or directories is enough. The only way you can hope to be safe is to do Full Disk Encryption (FDE).

Of course, there is the rub with a VPS - you can't control the disks/machines!!


Rob

RobInRockCity 03-09-2015 10:48 PM
Quote:
Originally Posted by suicidaleggroll (Post 5325832)
Unless you're running on bare metal (no virtualization) on your own server, even shred, dd, etc is no guarantee of anything. The virtualization software is capable of intercepting everything written to disk. It can make copies, incremental backups, whatever they want it to do.

If your data is sensitive, don't put it on a virtual server hosted in the cloud, bottom line. You have no idea who or what has access to the data you put on it.
It sucks being "privacy conscious" and yet being on a limited budget!!


Rob

Pearlseattle 03-16-2015 06:09 PM
Quote:
The only way you can hope to be safe is to do Full Disk Encryption (FDE).
Well, it probably doesn't matter if you do FDE or just a 2nd level ecryption like encfs (which I am using) - the disk controller will always end up deciding where the data ends up.
At that point what will matter will be the weakest link, which will probably be the host that you'll use to input/write your password => these thoughts will bring you to paranoia-level-2.

Paranoia-level-3 can be accomplished only with a full offline server.
Paranoia-level-4 is then really advanced, with no windows and double walls to avoid any kind of external leak of frequency.


All times are GMT -5. The time now is 09:38 PM.
Page 2 of 2 1 2
Show 50 post(s) from this thread on one page