[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Restore data transfer rate

To: <tarsnap-users@tarsnap.com>
Subject: Re: Restore data transfer rate
From: sehe <seth@sehe.nl>
Date: Fri, 14 Jan 2011 11:40:11 +0100
In-reply-to: <AANLkTimNOfHJjTXJdQZ9PYm5BtA5DgHtBsAqP4aOaofd@mail.gmail.com>
Mailing-list: contact tarsnap-users-help@tarsnap.com; run by ezmlm
References: <9300160D-097E-47D9-968D-77362444FFDB@mackerron.co.uk> <4D2F4142.6020604@tarsnap.com> <AANLkTimNOfHJjTXJdQZ9PYm5BtA5DgHtBsAqP4aOaofd@mail.gmail.com>

On Fri, 14 Jan 2011 11:26:24 +0100, Mads Sülau Jørgensen <mads@sulau.dk>
wrote:
You would of course have to trust Amazon with your unencrypted data
and your encryption keys.

Hardly. You can disable swap (I think it disabled on most images by
default) and use a plethora of encrypted filesystems on your ephemeral
storage to avoid leaking any sensitive data. 
If you use reputable tools for decryption no keys should be retrievable.
Of course, you might argue that this being virtualization, Amazon could
potentially get to the bits anyway, but the opportunity window would be
vanishingly small, not to mention that there would have to be a reason why
your traffic/usage would attract attention of malicious system
engineers/snooping hackers in the first place. 

In other words, it is quite perfectly possible to get this thing
reasonably secure. Keep in mind, tarsnap itself runs on could computers.
You trust tarsnap already?

Follow-Ups:
- Re: Restore data transfer rate
  - From: Gabriel Kerneis <kerneis@pps.jussieu.fr>

References:
- Restore data transfer rate
  - From: George MacKerron <george@mackerron.co.uk>
- Re: Restore data transfer rate
  - From: Colin Percival <cperciva@tarsnap.com>
- Re: Restore data transfer rate
  - From: Mads Sülau Jørgensen <mads@sulau.dk>

Prev by Date: Re: Restore data transfer rate
Next by Date: Re: Restore data transfer rate
Previous by thread: Re: Restore data transfer rate
Next by thread: Re: Restore data transfer rate
Index(es):
- Date
- Thread