Today we announce that we have completely removed all traces of disks being used by our VPN infrastructure!

  • viking@infosec.pub · ↑ 51 · 1 year ago

    Not at all. Of course their operating system has to be booted from some kind of solid state disk, but all actual operations are carried out in the RAM, meaning that nothing is ever written to the disk. Since the RAM is periodically overwritten and doesn’t hold any data in case of a reboot or power failure, they are de facto not logging a single thing.

    • 4am@lemm.ee · ↑ 10 · 1 year ago

      I believe the edge devices would use netboot, so they load the kernel and user land into RAM over a network and have no disk in them at all.

      Here’s hoping that image stays clean 😉

      • viking@infosec.pub · ↑ 1 · 1 year ago

        Right, I mean that the boot image is stored somewhere in a solid state. Whether that’s on a centralized server or locally, no clue. But makes sense to load it remotely, easier to maintain proper versioning that way and ensure cross-compatibility.