New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
OpenVZ is like shared hosting as all files accessible from admin side as for XEN or KVM virtualisation it’s like dedicated containers.
If you don't, there is no reason to do so. Use dedicated servers (like physical machines, not virtual ones) for confidential things, as well as encrypt its' storage.
Trusted Low End Users?
or encrypt kvm vps. do you have a how-to?
They are called "Veterans"
Useless. VM with LUKS can be easily decrypted as hypervisor owner has access to the VM's RAM (where LUKS key is stored)
oh. i am only a untrusted member.
really easily?
There are plenty of guides on Internet, moreover I have accomplished such task in a test environment. I haven't done anything similar regarding a dedicated server as it requires more effort for extracting keys from the RAM.
@dedicatserver_ro does it, so don't trust him
There is no trust guarantee with low end providers, maybe pick those that atleast have some credibility (maybe the community can suggest some), or big enough userbase (security through obscurity lol). But in anything else just rent a Dedicated Server.
As another user pointed out, in OpenVZ, the vms are plain open and accessible to the admins; they can view and manipulate vms anytime they want.
Even if you use encrypted containers such as Truecrypt, you have to mount them to use them and therefore, they might get accessed from those whom you want to hide your data from.
The best course of action is to choose a dedicated server from a reputable provider (the privacy laws in the country that provider is registered in, is a hint here) and for additional security, go full encryption from the get go (fully encrypted disk)
A VPS from a large established, full priced, hosting firm is no better?
All providers from Romania. Can't go wrong.
Low End or trusted. choose one
Anything that is not physical, can be just copied or easily accessed.
If you don't trust your Provider, don't buy from them.
Even if you encrypt your disk, they could snapshot your vm or pull the key to decrypt the disk from memory.
Get a dedi for that confidential things.
But even there, trust your Provider.
Obfuscate the source code and upload only binary blobs.
Any reference to this?
Have a look at my signature. They are very reliable. Trustable? I do trust them.
This is the best option. But even then, it's not 100% if a three-letter agency wants to get in. You don't control the BIOS or firmware or console, often you're imaging using the provider's image, and even if you use a distro ISO or upload your own ISO, ultimately you don't have 100% control of what's presented to the server.
But that's a much more sophisticated attacker than some snooping junior sysadmin on your provider's staff.
There is a thread on this forum. Search with his website name.
here it is: https://lowendtalk.com/discussion/172699/dedicatserver-ro-aka-astimp-it-solution-srl-silently-logging-into-the-customer-server/
Yes, you will be scammed sooner or later.
They have black magic, ifykyk
ye magic lvl 99. they can use all spells.
I don't understand what you guys are talking about Romania, can you please explain? @sasslik @hyena56 @TheGreatOakley
They have girlfriends there
yea, every day new one, bc in the morning they are gone with my money and wallet (oops, sry dont have muney bc all these cheap offers)..
Well I am not generalizing all Romanian providers (I mean small ones), but with-in my 10+ years experience with Romanian providers, mostly all ends up in deadpool. Maybe 10+ years ago there seems a trend with Romania Providers, they multiple creates VPS hosting companies hosted on Voxility DC as far as I can remember. They used to market here also. But I think most of them are banned already here. And of course it ends up in deadpool they take money, after 1-2 months deadpool, then create again. The chain continues. Especially cociu he pocketed the most
Trusted
Low end
Providers
You may only pick 2.