Today we announce that we have completely removed all traces of disks being used by our VPN infrastructure!

    • viking@infosec.pub
      link
      fedilink
      arrow-up
      51
      ·
      1 year ago

      Not at all. Of course their operating system has to be booted from some kind of solid state disk, but all actual operations are carried out in the RAM, meaning that nothing is ever written to the disk. Since the RAM is periodically overwritten and doesn’t hold any data in case of a reboot or power failure, they are de-facto not logging a single thing.

      • 4am@lemm.ee
        link
        fedilink
        English
        arrow-up
        10
        ·
        1 year ago

        I believe the edge devices would use netboot, so they load the kernel and user land into RAM over a network and have no disk in them at all.

        Here’s hoping that image stays clean😉

        • viking@infosec.pub
          link
          fedilink
          arrow-up
          1
          ·
          1 year ago

          Right, I mean that the boot image is stored somewhere in a solid state. Whether that’s on a centralized server or locally, no clue. But makes sense to load it remotely, easier to maintain proper versioning that way and ensure cross-compatibility.

    • MotoAsh@lemmy.world
      link
      fedilink
      arrow-up
      24
      ·
      1 year ago

      One big enough to fry running RAM, especially if they’re using real servers with ECC: RAM that can fix data corruption.

      If a solar flare is frying server RAM, the power grid itself is going to be on fire. All of it.

    • 👁️👄👁️@lemm.ee
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 year ago

      It’d turn the servers off obviously, but that’d be true if it was on disk or not. The source code is stored elsewhere probably on multiple data servers they access with git.

    • Nollij@sopuli.xyz
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      It’s a valid question, even if your scenario isn’t plausible. The very point is that all data is ephemeral - there is no “data at rest” to be compromised. But the problem is that this data is very, very important. It would include (among other things) account information. If all of the servers power off simultaneously (for whatever reason), then yes, it would likely destroy them. More likely is a software fault that causes each system to crash, or lose/corrupt that data.

      But there are ways around this, too. I have no idea which (if any) of these they are doing, just that these are options. They already probably sync data among running servers, it will just now be done exclusively in RAM. They can have “seed” distributed servers, running an entirely different codebase, simply to house this data. They would also be diskless, but mostly unconnected to the standard operational servers. From an architecture and design standpoint, these would work a lot like disks.

      Distributed is also a key word - it wouldn’t be a single server, rack, or even datacenter that would need to collapse. It would be to be all of them, or at least sever their connections to each other.

      (Side note: Going diskless addresses concerns about data security for data at rest. It does nothing about data in motion)

      TL;DR: Theoretically yes, but it would take a lot more than that.