VPS providers / Hosts peeking at your private data
I assume they aren't supposed to, but can they? And if so, is there a way to know if they did? Like, is it safe to store personal data with these lowend providers?
Is there a way to encrypt everything and allow full functionality of all apps once a singular decryption key is entered, to ensure ease of use?

Comments
If it is decrypted, it is also decrypted on the host
But it's still better to have like an "on/off" encryption / decryption than a 24/7 all-you-can-access private data buffet, right?
If you don't trust your provider, don't host there, plain and simple. They have physical access to your data, so if anything goes in and out unencrypted they can access it. The only exception is when the data is encrypted way before it hits their network and your server.
Yes.
No.
Depends on whether/how much you trust them.
Yes. For example LUKS. But the provider could read the key from RAM, so it's not 100% safe, but your data is of course encrypted at rest then.
You should see if you can store the information there inside of an encrypted archive of sorts. Be it a password, or maybe a backup system that supports client side encryption.
That way at worst the host has a blob of data they can't do anything with.
Francisco
If you really care about keeping your data private get a colocation or even a private cage.
How to do that? What do you recommend?
That's the fun part.
What are you trying to store here? Is this you storing files there as backups? Or as an FTP of sorts that you mount?
We need more info
Francisco
2 servers.
For backup cloud server / to share files with others with. I think this I would prefer more 'security'.
Another server that runs apps like VPN and stores some occasional private media for direct streaming with Plex (like personal photos & videos). This I'm less concerned about security, but preferably, if there is a reasonable solution without destroying apps' functionality or making things too different to use, then I would want it too.
Yes, the data stays encrypted at disk, but once you decrypt it the key is in memory and accessible.
As others wrote, it is about trust.
Why not?
Of course!
Yes but you may not necessarily have the ability to, esp if the provider took steps to make sure you don't find out.
It's not safe (from snooping) to store private data with any provider. It might not even be safe to store it at your home, depending on how sophisticated your adversary is.
Assuming your provider or an adversary is not sophisticated enough to break the encryption, it may be possible to pre-encrypt everything before sending it to the provider and then for an app to download only encrypted data to be decrypted on the app-user's system. The provider would still be aware of the encrypted data and some networking details of where it came from and where it's going.
If the decryption information is on the provider's system, the provider can decrypt the data.
Anyway, try to figure out the actual problem and try to solve it as best as you can. Maybe you can assume some providers are more honest than others. I wouldn't assume that. But I do think your users expect you to do your best to protect their personal information by limiting potential access to it to a small, likely trustworthy group of people. It's also a best practice to make sure data is encrypted both in transit (usually with TLS) and at rest (encrypted on disk) with decryption information as well hidden / unreadable as possible for anyone who might have compromised a server. In some cases (like as is required with some payment info) it's better to let an organization better equipped at security than you store the actual data, and for them to perform a limited set of functions on your behalf.
Have there ever been public cases of such peeping by providers?
You could do full disk encryption, but the keys are still stored in memory, meaning if someone REALLY wanted to see your stuff, they could dump your VPS's memory and go from there.
If this stuff is national secrets level private then you should colocate your own servers somewhere. Past that, I think FDE is good enough.
Francisco
I'm a noob but if my understanding is correct, a full disk encryption would make it only useful for transfers of files right?
Like, apps (i.e. vpn, music, videos, etc) wouldn't function or run anymore?
If anyone's looking for strictly encrypted storage (not FDE), rclone is awesome and super easy to get up and running (and free!)
If you have something like Google Drive, OneDrive or something of the sort and want to encrypt seamlessly, highly recommend Cryptomator - https://cryptomator.org/ - Linux/Windows/Android
Could also use something like a multi server Nextcloud setup. In Nextcloud enable encryption on external storage and mount the other servers as external stores with sftp or similar. Keys should stay on the Nextcloud server and the data in the data stores will be encrypted (doesn’t encrypt file names though).
I thought rclone is just a way to transfer files from A to B in an encrypted way, I didn't know the files themselves are encrypted?
It has built in encryption (if you choose to configure it)
https://rclone.org/crypt/
For people running Proxmox (or anything that runs the QEMU guest agent really), try doing
qm guest exec <NUMERIC_VM_ID_THAT_RUNS_QEMU_GUEST_AGENT> <SOME_COMMAND_LIKE_LS>
on the host.
Yes:
Usually it's either privacy/security or the ease of use.
From which a dump / snapshot can easily be created, too.
One time Hetzner gave me a KVM to a server that was not mine. FDE on a dedicated server is the way to go and the only way to secure your data.
I worked at a few hosts and it was always policy that unless it was asked for us to look at something we wouldn’t. The main reason is plausible deniability.. if we don’t know it can’t be held against us.. if we do then action must be taken
Not public, but I recall reading somewhere (maybe here) that someone used to work for a big company that supplied VPS' and they knew of a colleague that was extracting crypto info from a customer's account.
I also have seen a provider that supplies a monitoring service for their VPS and dedicated servers, which sounds good, but made me think I would never do personal banking on that server for that reason. Who knows what is set up and what is monitored and who has access to it.
That's just because it was Hetzner!
You, on the other hand, run a tight ship! None of that happening over at AdvinServers
If you're doing file backups you can encrypt it on your computer and then upload it to the VPS. Keep a record of the file sizes and hashes on your PC so that when you download your files later you can verify that they haven't been deleted or tampered with.
If you absolutely need to store sensitive data unencrypted, then consider running your own VPS using your own hardware.
If you absolutely have to use cloud, then consider something like AWS.
For a backup/file sharing server I think you can encrypt the files on your own PC before uploading them to the VPS. Then you can share the encryption key with your friends.
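The size-and-hash record suggested above for backups encrypted before upload, as an added Python example that is not code from any poster in this thread. It records the size and SHA-256 of each already-encrypted file in a manifest that stays on the PC, then checks a downloaded copy against it; the file names and byte contents in demo() are constructed stand-ins.

```python
import hashlib
import json
import tempfile
from pathlib import Path


def file_record(path: Path) -> dict:
    """Size and SHA-256 of one (already encrypted) file, read in 1 MiB chunks."""
    digest, size = hashlib.sha256(), 0
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            digest.update(chunk)
            size += len(chunk)
    return {"size": size, "sha256": digest.hexdigest()}


def build_manifest(root: Path) -> dict:
    """Map each file path (relative to root) to its size and hash."""
    return {p.relative_to(root).as_posix(): file_record(p)
            for p in sorted(root.rglob("*")) if p.is_file()}


def verify(root: Path, manifest: dict) -> dict:
    """Compare a downloaded tree against the manifest that stayed on the PC."""
    current = build_manifest(root)
    return {
        "missing": [n for n in manifest if n not in current],
        "modified": [n for n in manifest if n in current and current[n] != manifest[n]],
        "unexpected": sorted(set(current) - set(manifest)),
    }


def demo() -> dict:
    """Constructed sample: stand-in ciphertext blobs, then a tampered download."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        for name, blob in (("photos.tar.gpg", b"\x01" * 64), ("docs.tar.gpg", b"\x02" * 64)):
            (root / name).write_bytes(blob)
        manifest = build_manifest(root)  # taken on the PC before upload
        (root / "photos.tar.gpg").write_bytes(b"\x01" * 63 + b"\xff")  # same size, 1 byte changed
        (root / "docs.tar.gpg").unlink()                               # deleted remotely
        (root / "extra.bin").write_bytes(b"x")                         # never uploaded
        return verify(root, manifest)


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

The manifest is only useful if it never leaves the PC: a copy stored next to the files on the VPS could be rewritten along with them.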