Thursday, March 08, 2018

Re: Cloud Services and kernel mitigations and OpenBSD cli support

Cloud poses a risk to privacy that you cannot and must not ignore in business. Ignore everyone that says otherwise.

If you are a fabless company, for example, it is easy for a cloud sysadmin to exploit the latest vulnerabilities to read your data bank and sell your secrets. Email (Yahoo, Hotmail, Gmail, you name it) is another example of a cloud service: sysadmins do not need to exploit anything, because the contents are stored in plain text.

If you need a cloud, you had better make your own.

Sent from ProtonMail Mobile

On Thu, Mar 8, 2018 at 11:51, Kevin Chadwick <m8il1ists@gmail.com> wrote:

> We all know bare metal is more secure (ignoring physical security), especially with OpenBSD, but if you need cost-effective global resources on tap then I believe you need cloud.
>
> We all know Microsoft have a huge user base and userland issues that are problematic; however, despite some recent Linux kernel mitigation adoption attempts, Linux's focus on kernel mitigations has been lacklustre whilst Microsoft have been comparatively active, albeit enabling and enforcing mitigations (even ASLR) for all applications by default has been lacklustre.
>
> As cloud services are free from Microsoft's userland, it is a *hopeful* assumption that their security mitigation work applies to their cloud too, whereas I expect it is unlikely with Amazon and Google (AFAIK Android fares better than Linux for mitigations due to Google, however??)
>
> Perhaps OpenBSD mitigations still apply effectively to EC2 instances and cloud services isolation is good enough to never undermine this, though I find that hard to believe. Perhaps new processor developments will solve this issue.
>
> None of this matters if you cannot get things done. I know there is OpenBSD AWS client availability but I am unsure about Azure, Google etc.
>
> Any advice and experience is welcome. Thank you.
