Interesting topic, especially looking at the current cloud trends. We've
been discussing this internally and came to the conclusion, that as long
as someone has physical access to a server, he will always be capable of
reading the data on that server with more or less effort.
Even using a high level of physical security to ensure, nobody has
physical access to the box can be broken with enough time and effort,
especially from the people housing the box.
In the end, all you need is trust. If you trust the people housing your
box and if you trust their ability to keep the bad guys physically away,
everything is fine. If you can't trust them you are lost in any case.
Kind regards,
Viktor
Am 02.06.2012 01:05, schrieb Stanislav Sinyagin:
security by obscurity?
you know, with a JTAG adapter and a bit of knowledge, one can read the
onboard flash from those plugs too.
so, probably a better approach is to have a system which doesn't
expose your data when the disk is compromised. The simplest example is
SSH with public key authentication and authentication forwarding (-A
flag).
_______________________________________________
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog