Privacy on VPS providers: how reliable is it to host private data?
Some time ago, a client asked me to develop a website for their small company and to find a provider to host it. The web application will be hosting private data about the clients of this company and so on, stuff that should not be seen by people who don't belong to the corporation. After this requirement, a question came to my mind: how reliable are the average LEB providers at offering such privacy?
I know there are ways to encrypt the hard disk (LUKS, dm-crypt) and the communications using safe protocols; however, the admin of the provider could always look at the data hosted there. Maybe the data is encrypted on disk, but it will always be possible to install some rootkit that debugs memory once the data is decrypted.
Even if I get a full dedicated server, there will be some hands able to mess with my data. So, is there any way to host private data on a server when you don't know whether the provider is trustworthy?
Comments
Use full disk encryption, SSL or something of the kind from client to server, and hope that whatever you're doing isn't interesting enough to get your host or any three-letter agencies using rootkits and the like.
IMO, if your data is so important that you would worry that a provider may try to see it, you should never put it anywhere away from yourself.
Thus, keep your own hardware for that top-secret data, and maybe you also need your own DC.
But most of the time, those providers have more things to do than look into your system. I personally put my code on a LEB without worrying about anything, because I know it isn't worth the provider's effort to steal.
I don't believe FDE is possible in OpenVZ, so you'll probably be looking at KVM.
What kind of performance hit?
I'm honestly not sure about the performance hit of FDE, hopefully someone else will know.
Is this a web application that will only be used by company employees?
Any provider that can physically access the server has full ability to access client data if it's unencrypted. It's always been a matter of trust. Unless you're prepared to pay for a locking quarter cabinet at a colocation facility and install your own servers etc., of course.
So, we already have a thread about this
http://www.lowendtalk.com/discussion/9910/kvmxen-privacy
And it was started today/yesterday too.
If you want certain data to remain private from physical intrusion, host it locally in a secured location. If practical, host it on a server that does not have Internet access (not so practical in this case). Once other people have access to the data (physical or remote), all bets are off. The best thing you can do in this situation is to secure the server with the private data as best you can and hope that no skiddies become interested in your milkshake.
Protip: If you want complete, ultrasup3r1337h1gh security, save the data to the server, then destroy the HDD. That way, NO one can steal it. It's Leg-wait for it-en-dary!
Thanks for the answers.
But even if the disk is fully encrypted, can't the admin just debug the memory at execution time to find the data?
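The point raised in the opening post and repeated in the question above (disk encryption does not help once the data has been decrypted into RAM) can be shown in one process. The script below is an added example, not code from any poster in this thread: it "decrypts" a constructed 16-byte record with a toy XOR cipher standing in for LUKS/dm-crypt, then scans its own memory through /proc/self/mem, which is the same view a root user with ptrace access, a rootkit, or a hypervisor memory dump gives the host. It assumes Linux; the key, the on-disk record and the cipher are constructed sample values, and the plaintext appears nowhere in the file, so any hit comes from the decrypted copy or the key constant.

```python
"""Added example: decrypted data and keys are visible to anyone who can read
process memory, regardless of full-disk encryption.

Assumes Linux (/proc/self/maps and /proc/self/mem). TOY_KEY, RECORD_ON_DISK
and the XOR "cipher" are constructed stand-ins, not real LUKS/dm-crypt.
"""
import os

# Constructed sample: 16-byte key and the record as it sits on the encrypted
# disk (precomputed plaintext XOR key). The plaintext is not in this file.
TOY_KEY = b"LEBkvmHostKey!42"
RECORD_ON_DISK = bytes.fromhex("1f160c56475f7b42474166534e190d09")

MAX_REGION = 256 * 1024 * 1024   # skip absurdly large reserved mappings
CHUNK = 1024 * 1024              # read memory in 1 MiB pieces


def xor_decrypt(key: bytes, data: bytes) -> bytes:
    """Toy stand-in for the block cipher dm-crypt would apply on read."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


def writable_regions():
    """Yield (start, end) of this process's writable mappings from /proc/self/maps.
    Decrypted buffers, heaps and stacks all live in rw regions."""
    with open("/proc/self/maps") as maps:
        for line in maps:
            fields = line.split()
            start, end = (int(x, 16) for x in fields[0].split("-"))
            if fields[1].startswith("rw") and end - start <= MAX_REGION:
                yield start, end


def scan_memory(needle: bytes) -> list[int]:
    """Return every address where `needle` occurs in this process's memory,
    read through /proc/self/mem exactly as an external reader would."""
    hits = set()
    fd = os.open("/proc/self/mem", os.O_RDONLY)
    try:
        for start, end in writable_regions():
            tail = b""            # carry-over so matches spanning chunks count
            pos = start
            while pos < end:
                try:
                    data = os.pread(fd, min(CHUNK, end - pos), pos)
                except (OSError, OverflowError):   # unreadable page, skip region
                    break
                if not data:
                    break
                buf = tail + data
                base = pos - len(tail)
                idx = buf.find(needle)
                while idx != -1:
                    hits.add(base + idx)
                    idx = buf.find(needle, idx + 1)
                tail = data[-(len(needle) - 1):] if len(needle) > 1 else b""
                pos += len(data)
    finally:
        os.close(fd)
    return sorted(hits)


def demo() -> dict:
    """Decrypt the record the way a web app would, then play the admin."""
    record = xor_decrypt(TOY_KEY, RECORD_ON_DISK)
    return {
        "plaintext_on_disk": record in RECORD_ON_DISK,  # False: FDE did its job
        "plaintext_in_ram": scan_memory(record),        # non-empty: exposed
        "key_in_ram": scan_memory(TOY_KEY),             # non-empty: key exposed
    }


if __name__ == "__main__":
    r = demo()
    print("plaintext on 'disk':", r["plaintext_on_disk"])
    print("plaintext in RAM at:", [hex(a) for a in r["plaintext_in_ram"]])
    print("key in RAM at:      ", [hex(a) for a in r["key_in_ram"]])
```

On a real VPS the reader is not the process itself: on OpenVZ the host's root can open /proc/<pid>/mem of any container process directly, and on KVM or Xen the host can dump the whole guest's RAM and run the same substring search over the image. FDE only narrows the window to the time the key and plaintext are resident, which for a running web application is all the time.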
It's about 10-15% higher in the %LA category. It's low CPU compared with ecryptfs (ubuntu's "encrypt your home directory"). NEVER do a git clone or svn checkout on an ecryptfs mount.