On Mon, Jun 18, 2018, 1:50 PM Tomas Kuchta <tomas.kuchta.li...@gmail.com> wrote:
> I have heard that security versus physical HW in colo argument so many > times. > > In my opinion, a padlock is way less secure than well implemented crypto. > > The only security benefit I see from physical HW would be hosting it on > premises - if your threat vector is suponea. Both VM or HW in colo can be > legally accessed without your knowledge, which shouldn't be possible when > hosting on premises. > > Cost or special snowflake HW would be another consideration. If one gets to > rent 15U for $300 a month and if you can fully utilize that volume - you > could save considerable $$ in certain load scenarios. > > Just my thoughts on possible value of real HW outside mainstream and > home/office. > > Tomas > > > If you want a cheap subpoena resistant setup. > https://github.com/privacylabs/oasis > On Mon, Jun 18, 2018, 12:41 PM Louis Kowolowski <lou...@cryptomonkeys.org> > wrote: > > > > > > > > On Jun 18, 2018, at 1:38 PM, Michael Rasmussen <mich...@michaelsnet.us > > > > wrote: > > > > > > To stress "As others have suggested, you may be able to use a VM" - at > > my final job before retirement (Large bank, Fortune 500, etc) everything > > possible was migrated to in-house VMs. > > > I want to say mail services were an early migration. In any case, the > > entire mail infrastructure was run on virtual servers. > > > > > > There's no need for a physical server. > > > > > This is your opinion. We're not trying to determine if a VM is capable of > > running *a* mail server. We're trying to determine what the requirements > of > > *his* mail server are, because that drives whether a physical server is > > required. > > > > There may be a security requirement such as "no AES key leakage to other > > tenants". In this case, he may not be able to use a VM. There are people > in > > the crypto community who believe that any system that needs secure crypto > > should not be virtualized. > > > > Again, I'm trying to gather what the requirements are before stating what > > the solution is. > > > > -- > > Louis Kowolowski lou...@cryptomonkeys.org > > Cryptomonkeys: > > http://www.cryptomonkeys.com/ > > > > Making life more interesting for people since 1977 > > > > _______________________________________________ > > PLUG mailing list > > PLUG@pdxlinux.org > > http://lists.pdxlinux.org/mailman/listinfo/plug > > > _______________________________________________ > PLUG mailing list > PLUG@pdxlinux.org > http://lists.pdxlinux.org/mailman/listinfo/plug > _______________________________________________ PLUG mailing list PLUG@pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug