If the computer is powered off, moved or confiscated, there is no data to retrieve.
We get the operational benefits of having fewer breakable parts. Disks are among the components that break often. Therefore, switching away from them makes our infrastructure more reliable.
The operational tasks of setting up and upgrading package versions on servers become faster and easier.
While mostly true, there are ways to preserve ram if the device is confiscated.
Your local PD likely couldn’t pull it off, but if one of the larger abbreviation agencies were to get involved, data on RAM isn’t a huge hurdle. Assuming no one flips the power switch, at least.
Yeah, freezing and dumping RAM is a well known attack, even happening at some airports with laptops. But it still requires very recently powered ram, basically still in operation before extraction. It’s a big step toward security at least.
I guess it’s going to stop any standard agencies with a warrant. Confiscating the machine for it to sit in a warehouse until some forensic techs get their hands on it.
Sure, but how often does that happen to servers running 24/7? They’d have to set up some sort of dead man’s switch, movement sensors, or something. It’s unlikely they’d get a day’s notice that the servers are going to be confiscated for forensic analysis.
How long do you think would you have? Also, any manual action on your part would be obstruction, while an automated system could be defended as anti-theft protection.
It means that even though Mullvad already doesn’t log anything about their users activities, there is no persistent storage on the servers, so as soon as it is powered off or raided by The Agencies, there is absolutely nothing to retrieve from it.
If the computer is unplugged, there’s nothing left on a hard drive to show what state it was in. This means nobody malicious can physically remove their servers and gain information about customers.
Can someone explain to me what this means? I’m technologically inept when it comes to privacy, slowly getting better day-by-day thanks to Lemmy.
What does “without any disks in use” mean?
https://mullvad.net/en/blog/2022/1/12/diskless-infrastructure-beta-system-transparency-stboot/
While mostly true, there are ways to preserve ram if the device is confiscated.
Your local PD likely couldn’t pull it off, but if one of the larger abbreviation agencies were to get involved, data on RAM isn’t a huge hurdle. Assuming no one flips the power switch, at least.
Yeah, freezing and dumping RAM is a well known attack, even happening at some airports with laptops. But it still requires very recently powered ram, basically still in operation before extraction. It’s a big step toward security at least.
I guess it’s going to stop any standard agencies with a warrant. Confiscating the machine for it to sit in a warehouse until some forensic techs get their hands on it.
There are devices that allow moving and confiscating computers without powering them off.
The rest are true.
That’s assuming those computers weren’t already powered off first.
Sure, but how often does that happen to servers running 24/7? They’d have to set up some sort of dead man’s switch, movement sensors, or something. It’s unlikely they’d get a day’s notice that the servers are going to be confiscated for forensic analysis.
How long do you think it takes to broadcast a network wide shutdown command over the management network?
How long do you think would you have? Also, any manual action on your part would be obstruction, while an automated system could be defended as anti-theft protection.
It means that even though Mullvad already doesn’t log anything about their users activities, there is no persistent storage on the servers, so as soon as it is powered off or raided by The Agencies, there is absolutely nothing to retrieve from it.
No data is supposed to be readable after you shut it off. There are ways to restore it though but it’s still vastly better in leaving no trace.
If the computer is unplugged, there’s nothing left on a hard drive to show what state it was in. This means nobody malicious can physically remove their servers and gain information about customers.
Here you go.