No privacy whatsoever on VPSes -- even KVM

rm_ IPv6 Advocate, Veteran
edited June 2016 in General

https://it.slashdot.org/story/16/06/11/1247240/bitdefender-finds-hypervisor-wiretap-for-reading-tls-encrypted-communications

...the new technique "works to detect the creation of TLS session keys in memory as the virtual machine is running." According to HelpNetSecurity, this vulnerability "makes it possible for a malicious cloud provider, or one pressured into giving access to three-letter agencies, to recover the TLS keys used to encrypt every communication session between virtualized servers and customers. CIOs who are outsourcing their virtualized infrastructure to a third-party vendor should assume that all of the information flowing between the business and its customers has been decrypted and read for an undetermined amount of time."

I mean we knew this was possible in theory, but "extremely tricky". Turns out that not so much, and there are already tools created to do all sorts of complex wiretapping like that.

Comments

  • jar Patron Provider, Top Host, Veteran

    Makes sense I guess. It's tough to guarantee complete security and isolation when someone has access to the hardware. I still say the safest server sits in your closet, with you standing in front of it holding a shotgun ;)

  • Rodney Member

    @jarland said:

    The safest server is also air gapped and not connected to the internet. Looking at you nuclear power plants...

  • Pandy Member

    @Rodney said:

    @jarland said:

    The safest server is also air gapped and not connected to the internet. Looking at you nuclear power plants...

    http://www.reuters.com/article/us-nuclearpower-cyber-germany-idUSKCN0XN2OS :)

    Thanked by 2: kkrajk, PandaRain
  • Neoon Community Contributor, Veteran

    @Rodney said:

    @jarland said:

    The safest server is also air gapped and not connected to the internet. Looking at you nuclear power plants...

    Eh, they want to connect them to the internet. For remote access.

  • William Member
    edited June 2016

    The news being? I can dump RAM from KVMs by virsh to a file and pretty much (yea yea some conversion) just grep the keys for FDE/TLS/whatever out of it...

    Also, why would you dump the TLS key? This requires physical access or host access, thus you can just dump the RAM, extract the FDE key (if any) and mount an image (also live created as snapshot) on another instance... which gives you the key as a file. The passphrase for it can be extracted in the same way, if the file handle is still open (not sure how that decryption is ultimately handled, i.e. stored as a decrypted file in memory or decrypted at the time of request of a PFS generation/direct session - also likely openssl/windows dependent).

    EDIT: On another note, even with the priv key, you can't easily regenerate/decrypt PFS sessions - so you'd need to dump each PFS session priv key at generation time, store it, and then match it against the traffic you recorded (on large systems this could be millions of key pairs per minute).

    Thanked by 2: Mark_R, Fusl
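    William's EDIT above makes the point that a forward-secret (ephemeral DH) handshake leaves nothing in the recorded traffic that the server's long-term key can unlock: only the per-session private key, captured from the guest's memory at generation time, opens that one session, and it opens nothing else. The script below is an added example for this thread, not code from any poster. It is a toy model on the standard library only: a Mersenne-prime DH group, an HMAC stand-in for the certificate signature and an HMAC-in-counter-mode stand-in for the record cipher are assumptions made so it runs offline; real TLS uses X25519 or the RFC 7919 groups, real signatures and AES-GCM.

```python
"""Toy forward-secret handshake: what a wiretap records, what a RAM dump of the
ephemeral key unlocks, and what the long-term key alone does not.  Added
example; every parameter and construction here is a labelled stand-in."""
import hashlib
import hmac
import secrets

# Toy DH group (assumption, not a real TLS group): p = 2^127 - 1, generator 3.
P = (1 << 127) - 1
G = 3


def dh_keypair():
    """Fresh ephemeral key pair; a new one is made for every session."""
    priv = secrets.randbelow(P - 2) + 1
    return priv, pow(G, priv, P)


def sign(long_term_key: bytes, msg: bytes) -> bytes:
    """Stand-in for the certificate's RSA/ECDSA signature (toy: HMAC)."""
    return hmac.new(long_term_key, msg, hashlib.sha256).digest()


def derive_session_key(shared: int, transcript: bytes) -> bytes:
    """Session key depends only on the ephemeral shared secret and transcript;
    the long-term key is never an input."""
    return hashlib.sha256(shared.to_bytes(16, "big") + transcript).digest()


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy record cipher: HMAC-SHA256 in counter mode, XORed over the data
    (encrypt and decrypt are the same operation)."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hmac.new(key, i.to_bytes(8, "big"), hashlib.sha256).digest()
        out.extend(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)


def handshake(server_long_term_key: bytes, plaintext: bytes):
    """Run one session.  Returns what a passive recorder on the wire sees and
    the server's ephemeral private key, i.e. the value that would have to be
    pulled out of guest RAM at generation time for this session."""
    s_priv, s_pub = dh_keypair()
    c_priv, c_pub = dh_keypair()
    transcript = s_pub.to_bytes(16, "big") + c_pub.to_bytes(16, "big")
    sig = sign(server_long_term_key, transcript)
    # The client authenticates the ephemeral value, nothing more.
    assert hmac.compare_digest(sig, sign(server_long_term_key, transcript))
    server_key = derive_session_key(pow(c_pub, s_priv, P), transcript)
    client_key = derive_session_key(pow(s_pub, c_priv, P), transcript)
    assert server_key == client_key
    wiretap = {
        "transcript": transcript,
        "signature": sig,
        "ciphertext": keystream_xor(client_key, plaintext),
    }
    return wiretap, s_priv


def decrypt_with_ram_dump(wiretap: dict, dumped_ephemeral_priv: int) -> bytes:
    """William's scenario: the per-session private key was captured, so the
    recorded session opens.  Feed it another session's key and you get noise."""
    transcript = wiretap["transcript"]
    c_pub = int.from_bytes(transcript[16:], "big")
    key = derive_session_key(pow(c_pub, dumped_ephemeral_priv, P), transcript)
    return keystream_xor(key, wiretap["ciphertext"])


def decrypt_with_long_term_key_only(wiretap: dict, server_long_term_key: bytes):
    """A recorder that later obtains only the long-term key can re-verify the
    signature, but the transcript holds only public DH values, so the session
    key is out of reach (it would need the discrete log).  Returns the
    verification result and None in place of plaintext."""
    ok = hmac.compare_digest(
        wiretap["signature"], sign(server_long_term_key, wiretap["transcript"])
    )
    return ("signature verified" if ok else "signature mismatch", None)


if __name__ == "__main__":
    lt_key = b"constructed-long-term-server-key"
    msg = b"GET /account HTTP/1.1"  # constructed sample record
    tap1, eph1 = handshake(lt_key, msg)
    tap2, eph2 = handshake(lt_key, msg)
    print(decrypt_with_ram_dump(tap1, eph1))            # the captured session
    print(decrypt_with_ram_dump(tap2, eph1) == msg)     # False: other session
    print(decrypt_with_long_term_key_only(tap1, lt_key))
```

    The two `decrypt_*` functions are the whole lesson: the same long-term key signs every session, yet it decrypts none of them, so a hypervisor-side reader has to harvest one ephemeral key per session while it is in memory rather than one key once. That is the cost William is pointing at, and the reason forward secrecy still narrows the damage even when the guest's RAM is not private.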
  • @jarland said:
    Makes sense I guess. It's tough to guarantee complete security and isolation when someone has access to the hardware. I still say the safest server sits in your closet, with you standing in front of it holding a shotgun ;)

    ShotgunHost : "We shoot the hard drives first."

  • Nyr Community Contributor, Veteran

    @KuJoe said:
    http://rand.pw/howsecure/

    Basically, any reputable provider will not go snooping through client's files just because they are bored.

    Sadly this can't be predicted, especially if said provider has employees who don't care as much about customer privacy.

    I've personally seen it.

    Thanked by 2: KuJoe, vimalware
  • Nyr said: Sadly this can't be predicted, especially if said provider has employees who don't care as much about customer privacy.

    Outside of those cases, there is also the ToS - if the ToS says they can search and view what you store on it and they are not in the EU... tough luck.

  • Hasn't the rule always been that if you give anyone else physical access to a running system you might as well give them the SSH password?

    Thanked by 1: ricardo
  • William Member
    edited June 2016

    Considering a non-Apple Thunderbolt port (or Apple also if you do some shit in the UEFI implementation) theoretically allows DMA dumping of RAM at a nice 10-40Gbit (so the full PCIe BW, if I still remember right how the bus is linked to the CPU, which is the same as with Firewire - info is from 775 times though), 1 minute can already dump 60-240GB of RAM (other end i.e. a PCIe SSD, they regularly do 2500MB/s+ on the same PCIe x4 bus)... physical access has advantages; a DMA attack is also invisible to the host if executed correctly and not specifically protected against on the hardware side (the device does not register as a PCIe device but rather as a bridge or just passive, which is hard to detect outside of minor IRQ changes).

    RAM freezing was/is popular outside of this, port mirrors are ubiquitous anyway, as are "failing harddrives" in RAID sets.

    SSH generally also requires a remote site which can be traced/needs an external IP, which might also go through an IDS system - can be circumvented by patching natively into the L2 of the target, but then this already involves physical access too...

    EDIT: TB3 uses PCIe 3.0 x4, not 2.0, thus speed is 40Gbit and not 20.

  • @linuxthefish said:
    Hasn't the rule always been that if you give anyone else physical access to a running system you might as well give them the SSH password?

    That is what I've been assuming.

  • If someone has physical access to the machine and the required skills it's game over.

  • No privacy whatsoever. Period.

  • Fusl Member
    edited June 2016

    It's worth noting that it's very easy to write a script that monitors memory changes of KVM machines using GDB, listening for some file descriptor and file read & comparison events for the SSHd code, try to log in using SSH to the server, offer a pubkey and at the right moment flip a bit in that virtual memory environment using GDB to allow the login via SSH.

    Using virtual machines/environments to store your personal data is just stupid and everyone doing so deserves their data getting leaked regardless.

  • @Fusl said:

    Using virtual machines/environments to store your personal data is just stupid and everyone doing so deserves their data getting leaked regardless.

    Thank god I'm just using iCloud for my stuff.

  • @Shigawire said:

    @Fusl said:

    Using virtual machines/environments to store your personal data is just stupid and everyone doing so deserves their data getting leaked regardless.

    Thank god I'm just using iCloud for my stuff.

    lol

  • KuJoe Member, Host Rep

    Fusl said: Using virtual machines/environments to store your personal data is just stupid and everyone doing so deserves their data getting leaked regardless.

    Nobody deserves to get their data leaked for trusting professional companies. Just because somebody can do something doesn't mean they will. Hosting your data with a trusted, professional company is much more financially beneficial for users who don't have the ability to host their data on their own infrastructure. Hundreds of thousands of companies rely on VPS providers for their business and none of them deserve to get their data leaked unless they chose to go with a shady provider that they shouldn't have trusted in the first place.

  • LiteServer Member, Patron Provider

    Technology and software - nothing is 100% secure, no matter what kind of security you apply there is always a small risk.

  • @Shigawire said:

    @Fusl said:

    Using virtual machines/environments to store your personal data is just stupid and everyone doing so deserves their data getting leaked regardless.

    Thank god I'm just using iCloud for my stuff.

    If it's secure enough for celebrities, it's secure enough for us!

  • @Fusl said:
    It's worth noting that it's very easy to write a script that monitors memory changes of KVM machines using GDB, listening for some file descriptor and file read & comparison events for the SSHd code, try to log in using SSH to the server, offer a pubkey and at the right moment flip a bit in that virtual memory environment using GDB to allow the login via SSH.

    Using virtual machines/environments to store your personal data is just stupid and everyone doing so deserves their data getting leaked regardless.

    Or, if it's something you care about, encrypt it client side before letting it anywhere near the server.

    Yes, eventually someone might crack the encryption, but if you've done it properly that will take a long time and they'll likely be sorely disappointed once they did break it and all they manage to get is an old tax return or some such.

  • Fusl Member

    @dragon2611 said:

    "Why? Why the heck would someone encrypt an old tax return document? WTF IS GOING ON WITH THOSE PEOPLE?!"

  • Fusl said: Using virtual machines/environments to store your personal data is just stupid and everyone doing so deserves their data getting leaked regardless.

    What do you mean by "personal data"? Of course nobody has a file with their mother's last name and bank card pin.

    However, every single web page I've written carries information that would identify me personally by looking at spaces, punctuation, and writing style. There is software for this. On top of that the very fact that I use an ICANN domain name is about as good an identifier as anybody would need. That I didn't pay for my services with well mixed bitcoin is a slam dunk. Anonymity is hard, if you actually want to assure it.

    So yes, I'm one of those people who store personal data on virtual machines. How many people here don't? Probably none.

  • rm_ IPv6 Advocate, Veteran
    edited June 2016

    Ole_Juul said: What do you mean by "personal data"?

    For one, login details to any third party service. Sometimes people use a VPS as a remote desktop machine; you can launch your browser and IM client there. But would you log in to all the usual websites and services which you use (possibly including management panels for other VPSes and servers, or even Paypal) from that VPS -- in effect giving all those usernames and passwords to your VPS provider? I wouldn't, which greatly reduces the usability of such a "remote desktop" usage scenario for me. But apparently some people do.

    There's more to "personal data" than knowing who the f*ck you are. Basically, it means any piece of private/secret information that you wouldn't ever publicly post.

    Ole_Juul said: nobody has a file with their ...bank card pin.

    Hum, I do have such a file on my server at home. Easier to remember and also more convenient to copy-paste the card number and expiration from a file than pecking it in from a physical card each time. But of course I won't store it on a VPS (or even anywhere remotely).

  • rm_ said: There's more to "personal data" than knowing who the f*ck you are. Basically, it means any piece of private/secret information that you wouldn't ever publicly post.

    Exactly. And personal data is also the connections between all the information that can be gathered, much of which is even just plain ordinary metadata.

  • dragon2611 Member
    edited June 2016

    @Fusl said:

    @dragon2611 said:

    "Why? Why the heck would someone encrypt an old tax return document? WTF IS GOING ON WITH THOSE PEOPLE?!"

    You mean you don't encrypt the backups of your machines before uploading them to offsite storage?
