How secure is my data?

When I have a VPS (OpenVZ) where I keep my data, I want to know if my host can see / copy my data? or is it only accessible with my root password?

Comments

  • they will be able to access it if they want to

  • @smartcard

    Yea the host has access, members here suggest encrypting the file system.

  • Lee Veteran

    With OpenVZ all your provider needs to do is type "vzctl enter yourID"

    From there they are in root and have full access. Will they? Depending on the provider choice they will or won't without your permission which will normally be because you asked them to.

  • KuJoe Member, Host Rep

    Unless you own the hardware, the network, and the building always assume your data is accessible by somebody other than you at some point in time.

  • Lee Veteran

    ^^ This. It's really all about trust, so which provider are you going to trust and how did you come to that decision?

    Of course if you are asking the question because there is something you do not want the provider to see because it's against their terms, the law or whatever then do not assume that they need to look in to see what is going on.

  • @Stevie said:
    smartcard

    Yea the host has access, members here suggest encrypting the file system.

    You can't encrypt the file system on openvz. You can however encrypt certain files or folders.

  • @Mun

    Yea sorry about that, but in KVM you can encrypt the file system correct?

  • Mun Member
    edited February 2015

    @Stevie said:
    Mun

    Yea sorry about that, but in KVM you can encrypt the file system correct?

    Yes. However, even though it is encrypted there are somewhat easy ways for the host to determine the key and access the container. The only surefire way to secure your data is owning your own hardware / renting hardware or using a software like tahoefs where the data is spread between multiple machines.

  • @Mun
    I see, thanks so much for explaining it to me, I was thinking of encrypted file system as well but I will look for an alternative.

  • KuJoe Member, Host Rep

    Encrypted filesystems store the keys in RAM. In VPSs RAM can be dumped and thus encryption keys are available to the server owner.

    I wrote a lengthy post regarding this topic a while back so if you want more specifics and how to improve your privacy look it up (I should bookmark it next time I'm at a PC).

  • @KuJoe

    Alright thanks so much, (offtopic) by any chance do you have a post about ipv6 to ipv6 tunneling with ipsec? The site I am creating I want to be as secure as I can get it but it is just a hybrid game/business type site (it's really hard to explain)

  • outime Member
    edited February 2015

    @Lee said:
    Of course if you are asking the question because there is something you do not want the provider to see because it's against their terms, the law or whatever then do not assume that they need to look in to see what is going on.

    This is similar to what the NSA (government) says when you don't want them to snoop into your stuff. Damn, I never expected this reasoning on this particular forum :(

  • Lee Veteran

    outime said: This is what the NSA say when you don't want them to snoop into your stuff. Damn, I never expected this reasoning on this particular forum :(

    So what are you saying? That wanting to know if the provider can access the data because it's against their terms is the right thing to do rather than not abuse the service in the first place?

    Thanked by 1: KuJoe
  • outime Member
    edited February 2015

    @Lee said:
    So what are you saying? That wanting to know if the provider can access the data because it's against their terms is the right thing to do rather than not abuse the service in the first place?

    Don't twist my words. You're assuming that OP is asking this because he's trying to hide illegal stuff when he's maybe just wondering if OVZ is secure enough to have his data in there. Your reasoning is just broken and doesn't exactly help anyone willing to have some privacy.

  • rm_ IPv6 Advocate, Veteran

    Lee said: So what are you saying?

    He is saying you're trying to pull the dreaded "If you have nothing to hide, you don't need to worry" argument.

    Thanked by 4: outime, k0nsl, lazyt, Mark_R
  • Lee said: Of course if you are asking the question because there is something you do not want the provider to see because it's against their terms, the law or whatever then do not assume that they need to look in to see what is going on.

    Or is supposed to be protected by NDA, privacy laws or just private, and OP wants to know if their $1 teenage host is likely to share it on his facebook page or not.

  • Lee Veteran

    yawn to you both.

    The NSA is the new buzzword for combating everything reasonable.

  • KuJoe Member, Host Rep

    @rm_ said:
    He is saying you're trying to pull the dreaded "If you have nothing to hide, you don't need to worry" argument.

    That's not what he said though. Weird how somebody could jump to that conclusion if they actually read what he wrote. He just said that if you are violating the TOS don't expect to not get caught even if the host can't see your files.

    Thanked by 1: Lee
  • Leaving aside that it's just hilarious to put openvz and security/privacy into 1 sentence ...

    I'm also almost feeling offended by the "fbi blockwart" argument of @Lee.

    How about "because my clients expect - and have a right! - to their stuff being safe and private"?
    Or how about "I'm PAYING you. You are not my boss or my controller you are a service provider. better keep that in mind!"?
    Or how about "because my stuff is f-cking none of your business"?

    That said, while an openvz pigfarm is particularly lousy, @KuJoe has pretty well nailed it. I'd like to add that a decrease of privacy is a system immanent property of sharing resources.

    (Pssst ... help is in the works but I won't say a single word more until GA)

    Thanked by 1: outime
  • Lee Veteran

    Go NSA team!

  • bsdguy Member
    edited February 2015

    @Lee

    Someone either acts against TOS or he doesn't. If he does the provider can (and must) prove that - by LEGAL means.

    The provider does, however, NOT have any right whatsoever to look into client's data, not even when client acts against TOS. Even stipulating differently in a contract would be null and void because contracts must be within the frame of law.
    Provider's only legal way into client's data is client's explicit permission or a court order.

  • vdnet Member
    edited February 2015

    @bsdguy said:
    Leaving aside that it's just hilarious to put openvz and security/privacy into 1 sentence ...

    You act like OpenVZ has security issues. Sure, a root user can enter a VPS or see the root filesystem, but that's the case with any virtualization. If the host really wanted to, they could mount the volume, block device, etc that hosts a hardware VM and access the root filesystem the same. Nothing (excluding encryption) is going to protect your data from a malicious user who has access to the host's superuser.

    If you plan on storing sensitive data within a VPS and don't trust or want to rely on the host's security and privacy practices, use client-side encryption. Encrypt the data before uploading it. It is the safest method. The host will never have access to the encryption key.

    Thanked by 2: Lee, lazyt
  • Many years ago, a friend had a VPS which was hacked. The hackers installed an alternate root account and then apparently sold it to some other bad guys who logged in using it, set up a fake bank login screen on the machine, and then proceeded to send out spam emails directing people to log in and change their account passwords. (We were amazed when we found out what was transpiring on the box -- they were harvesting several passwords every minute. We couldn't believe so many people would be so gullible.)

    Of course, we conducted a forensic analysis after shutting down their scheme. What we found was that the original bad guys apparently possessed the root password -- something that was not easy to guess -- when they logged in correctly the first time to set up the alternate root login, and the login was established perhaps 6 weeks before it was actually used. The obvious conclusion was that it was an inside job -- someone at the VPS host company had most likely stolen our shadow file and passed it along to be brute-force cracked. I can only surmise that we weren't the only ones to have our shadow file pilfered, but how to tell? In any event, there was never a hint of an indication from the host company that anything had been compromised. I suspect, though, that some employee made a nice bit of pocket change for procuring those files for some black hat type.

    As a result, I now view all data on my VPSes as potentially compromised. I use strong passwords on all my accounts. I turn off password access, as well as direct root access, from ssh. I don't store sensitive information on a VPS unencrypted. And I have scripts which look for stuff like accounts that have been added without my knowledge.

    It's a dangerous world out there; just look at your logs sometimes. And it's a fool's errand to ever presume the data on your VPSes have not been compromised.
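
The kind of check described in the post above (looking for accounts added without the owner's knowledge, and confirming that SSH password and root logins are off), as an added example that is not part of the original post and not the poster's own scripts. The function names, the baseline set and the sample file contents are assumptions constructed for illustration; on a real system the inputs would be read from /etc/passwd and /etc/ssh/sshd_config.

```python
# Added example (not from the thread). All sample data below is constructed.

def parse_passwd(text):
    """Return {username: uid} from passwd-format text, skipping malformed lines."""
    accounts = {}
    for line in text.splitlines():
        fields = line.strip().split(":")
        if len(fields) >= 7 and fields[2].isdigit():
            accounts[fields[0]] = int(fields[2])
    return accounts

def audit_accounts(passwd_text, baseline_users):
    """Flag any extra UID-0 account and any account missing from the baseline."""
    findings = []
    for user, uid in sorted(parse_passwd(passwd_text).items()):
        if uid == 0 and user != "root":
            findings.append(f"uid0-alias:{user}")   # an "alternate root" login
        if user not in baseline_users:
            findings.append(f"unexpected-account:{user}")
    return findings

def audit_sshd(config_text):
    """Flag root or password login not explicitly disabled (Match blocks ignored)."""
    effective = {}
    for line in config_text.splitlines():
        parts = line.split("#", 1)[0].split()
        if len(parts) >= 2:
            # sshd keeps the first value it reads for a keyword; later ones are ignored
            effective.setdefault(parts[0].lower(), parts[1].lower())
    findings = []
    if effective.get("permitrootlogin") != "no":
        findings.append("root-login-allowed")
    if effective.get("passwordauthentication") != "no":
        findings.append("password-auth-enabled")
    return findings

# Constructed sample inputs
SAMPLE_PASSWD = """root:x:0:0:root:/root:/bin/bash
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
toor:x:0:0::/root:/bin/bash
deploy:x:1000:1000::/home/deploy:/bin/bash
"""
SAMPLE_SSHD = """PermitRootLogin no
PasswordAuthentication yes   # an earlier line wins over the one below
PasswordAuthentication no
"""
BASELINE = {"root", "www-data", "deploy"}

if __name__ == "__main__":
    print(audit_accounts(SAMPLE_PASSWD, BASELINE), audit_sshd(SAMPLE_SSHD))
```

Keeping the baseline and the script's output off the VPS matters here, since anyone with host-level access could alter both.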

  • topcat said: What we found was that the original bad guys apparently possessed the root password -- something that was not easy to guess -- when they logged in correctly the first time to set up the alternate root login, and the login was established perhaps 6 weeks before it was actually used. The obvious conclusion was that it was an inside job -- someone at the VPS host company had most likely stolen our shadow file and passed it along to be brute-force cracked.

    Sounds a little far fetched but who knows. I just don't see why someone would bother stealing your shadow file for bruteforcing when they could just install a rootkit seeing as they had access to your filesystem.

  • @vdnet said: I just don't see why someone would bother stealing your shadow file for bruteforcing when they could just install a rootkit seeing as they had access to your filesystem.

    The person with access to the VPS file systems (and the files on them) is not interested in rooting anyone's server directly. They are simply an unscrupulous employee interested in making a quick buck. The person they sell the shadow file to is a middleman who breaks into and conditions the server for illegitimate access and then sells the created credentials to a third party to use for whatever nefarious purpose they desire. The point is that there appears to be an entire underground marketplace of individuals on the greater Internet involved in the process of creating, conditioning, and reselling compromised VPSes.

    While it is true that the initial person in this chain might be able to add a bogus account to the VPS directly, thus bypassing the middleman, it would probably be a rather risky thing to attempt. Far easier to take home a system backup on a thumb drive and extract the info there, where one cannot be observed.

  • KuJoe Member, Host Rep

    I found the post I made and tweaked it a bit and put it here since this will not be the last thread asking this question: http://rand.pw/howsecure/
