| 1 |
On 2020-08-28 19:43, Grant Taylor wrote: |
| 2 |
> |
| 3 |
> The only way to get the key is to extract it out of the running VPS's |
| 4 |
> memory. Something that I think is beyond the capability of many, but |
| 5 |
> definitely not all, people. |
| 6 |
> |
| 7 |
> ... |
| 8 |
> |
| 9 |
> As long as STARTTLS is used (and validated) between the MTAs and the VPS |
| 10 |
> provider doesn't have a way to get the keys (because they are on an |
| 11 |
> encrypted disk), then the contents of the transmission should be fairly |
| 12 |
> secure. |
| 13 |
|
| 14 |
I think I see where we're diverging: I'm assuming that the employees of |
| 15 |
the VPS provider can hop onto any running system with root privileges. |
| 16 |
|
| 17 |
I suppose you can make that pretty annoying to do. If you're willing to |
| 18 |
encrypt everything, then you can even put /boot on the encrypted disk, |
| 19 |
unlocking it in (say) grub. The VPS provider can still replace grub with |
| 20 |
something that faxes them your password, but it's not totally trivial. |
| 21 |
(How are you accessing the console at boot time? Is it using software |
| 22 |
from the VPS provider? It's turtles all the way to hell.) |
Archives