oxeo0/blog-contributions
1
0
Fork 0
mirror of http://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/nihilist/blog-contributions.git synced 2025-07-02 11:56:40 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

conclusion update

Browse source
This commit is contained in:
midas 2025-02-04 10:29:52 +01:00
parent 7fed349ca9
commit ba29e231ff
1 changed files with 17 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

18
opsec/cloud_provider_adversary/index.html
View file

@ -264,7 +264,18 @@ in this post we are going to do a threat modelling exercise:<br><br>
Following her analysis, Alice understands that having a VPS gives her no privacy from her cloud provider. That all of her traffic and data can easily be seen, copied or moved. Following her analysis, Alice understands that having a VPS gives her no privacy from her cloud provider. That all of her traffic and data can easily be seen, copied or moved.
<br><br> <br><br>
A bare-metal server would give her more privacy and better protection from a malicious cloud provider. She can still put in place mitigations measures through her SOPS (standard operating procedures). Thus, if she needs to run a sensitive service on a VPS it will only ever be a short-lived one. Such a VPS will live on borrowed time from the moment it is started because as soon as the service provider will decide to look into it it will be easily identified and shut down. <br><br>
One way to avoid such issues and the availability implications is to run a fleet of VPSes with load balancers and redirectors. That way, any instance being shutdown by the cloud provider becomes a non-event that does not impact overall availability. This requires the following:
<ul>
<li>Automation: spinning up a new instance must be fast, automated and standardized</li>
<li>Logistics: you must identify various providers and have a way to create dormant accounts with them and schedule a "cool off" period when one shuts down an instance</li>
<li>Monitoring: you must be immediately made aware when a service goes down in order to spin up a new one </li>
</ul>
<br>
Keep in mind that availability is only a third of the equation, integrity and confidentiality are also in jeopardy as soon as the cloud provider takes notice. You will have to put in place mitigations measures through your SOPS (standard operating procedures).
<h2><b>Organizational mitigations</b></h2> <h2><b>Organizational mitigations</b></h2>
@ -274,6 +285,11 @@ in this post we are going to do a threat modelling exercise:<br><br>
<li>Use of a separate server with higher security requirements for critical data</li> <li>Use of a separate server with higher security requirements for critical data</li>
</ul> </ul>
<h2>Bare-metal options</h2>
A bare-metal server would give her more privacy and better protection from a malicious cloud provider.
</div> </div>
</div><!-- /row --> </div><!-- /row -->