top | item 34503578

(no title)

half0wl | 3 years ago

I'm in the process of standing up my own hardware (1U server/some simple compute box + FreeNAS) for doing this.

There's a variable I don't understand with self-hosted cloud/storage: what guarantees do you have that they're not peeking at what you store? Why do you trust them over $CORP? Do you encrypt your data at-rest (dm-crypt, fscrypt, etc.), and do block storage providers support this?

edit: fix typo

discuss

jtode|3 years ago

It's an issue, for sure. My thinking is I would include some sort of in-house encryption for stored objects; encryption is never perfect and rolling your own is usually a recipe for failure, but it would get in the way of intrusions of the "bored employee poking around the servers" variety. Such a lazy nose would move on to easier pickings, and nothing I'm doing matters enough to steal - even my creative work is CC so if you want my 3D asset files, they're all yours buddy.

bombcar|3 years ago

99% of people are never going to have anyone interested in anything they do, but if you're really paranoid you'd want to host everything at home and use a VPN or cloud server to redirect to it.

However, if you go with a really small cloud/server provider, you may run the risk of a bored employee poking around. The larger ones will have auditing in place to catch stuff like that.

hdjjhhvvhga|3 years ago

Of course you take care to set up encryption at erst and in transit, it's not that difficult. In case of virtual machines they can still peek at the memory of your system just like AWS and others, the question is why would they take the trouble.