• 0 Posts
  • 3 Comments
Joined 1 year ago
cake
Cake day: June 3rd, 2023

help-circle
  • Rowan Thorpe@lemmy.mltoLinux@lemmy.mlVPS encryption
    link
    fedilink
    arrow-up
    6
    ·
    edit-2
    2 months ago

    If you’re only talking about Storage (data at rest) or Network (data in transit) then encrypt/decrypt offsite and never let symmetric keys (or asymmetric private keys) near the VPS, or for in-transit you could similarly setup encrypted tunnels (symmetric/private keys offsite only) where neither end of the tunnel terminates at the VPS. If you’re talking about Compute then whatever does the processing inherently needs access to decrypted data (in RAM, cache, etc) to do anything meaningful. Although there are lots of methods for delegating, compartmentalising, obfuscating, etc (like enclaves, TPM/vTPM…) the unavoidable truth is that you must trust whomever owns the base-infra ultimately processing your data. The one vaguely useful way to use “other people’s computers” trustlessly is with SMPC (secure multi-party computation) spread sufficiently widely across multiple independent (preferably competing - or even adversarial!) virtual-computation providers, with an “N-of-M keys” policy that avoids any single provider being able to attain a meaningful level of access to your data independently, or being able to view tangible portions of your data while providing functionality during SMPC. That stuff gets super-niche though.



  • I’ll answer the “why would it now lead to disaster” part, and by shuffling names, places, & contexts around I believe much of that can be obliquely backported to the same question with respect to runup to the world wars of yore.

    USA’s multi-decade cultural imperialism and dogged pursuit of economic hegemony led to it imposing itself as a global barometer and gatekeeper (despite being famously incompetent at both). The upshot is that now, even though philosophically it would be wonderful for the US to finally stop enforcing a petrodollar-driven serfdom on so much of the world in the name of “infinite (US economic) expansion”, pragmatically speaking a magical and abrupt “pull out” would be wildly irresponsible, much like yanking an arrow out of a wound in the direction from which it entered (causing a Jackson Pollock’s worth of collateral damage). That would largely be because the sudden power vacuum would not be able to be filled in time by other countries (who are under-resourced due to aforementioned hegemonic squeezing), leaving not enough people to “not tolerate the intolerant”, leading to explosive expansion of the “ignorant bullies masquerading as politicians” brigade (not unlike Hitler’s opportunistic power-grab while the politicians who should have been the ballwark against him hubristically sat on their hands). See: https://www.ournationalconversation.org/post/explaining-the-paradox-of-tolerance