this post was submitted on 20 Sep 2023
783 points (99.0% liked)

Technology

62853 readers
6245 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
783
We have successfully completed our migration to RAM-only VPN infrastructure - Mullvad VPN (mullvad.net)
submitted 1 year ago by [email protected] to c/[email protected]
96 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 22 points 1 year ago (28 children)

Can someone explain to me what this means? I’m technologically inept when it comes to privacy, slowly getting better day-by-day thanks to Lemmy.

[–] lustrum 88 points 1 year ago (3 children)

What does “without any disks in use” mean?

  • If the computer is powered off, moved or confiscated, there is no data to retrieve.
  • We get the operational benefits of having fewer breakable parts. Disks are among the components that break often. Therefore, switching away from them makes our infrastructure more reliable.
  • The operational tasks of setting up and upgrading package versions on servers become faster and easier.
  • Running the system in RAM does not prevent the possibility of logging. It does however minimise the risk of accidentally storing something that can later be retrieved.
    https://mullvad.net/en/blog/2022/1/12/diskless-infrastructure-beta-system-transparency-stboot/
[–] [email protected] 31 points 1 year ago (2 children)

While mostly true, there are ways to preserve ram if the device is confiscated.

Your local PD likely couldn’t pull it off, but if one of the larger abbreviation agencies were to get involved, data on RAM isn’t a huge hurdle. Assuming no one flips the power switch, at least.

[–] [email protected] 20 points 1 year ago

Yeah, freezing and dumping RAM is a well known attack, even happening at some airports with laptops. But it still requires very recently powered ram, basically still in operation before extraction. It's a big step toward security at least.

[–] lustrum 13 points 1 year ago* (last edited 1 year ago)

I guess it's going to stop any standard agencies with a warrant. Confiscating the machine for it to sit in a warehouse until some forensic techs get their hands on it.

[–] [email protected] 3 points 1 year ago (1 children)

There are devices that allow moving and confiscating computers without powering them off.

The rest are true.

[–] [email protected] 4 points 1 year ago (1 children)

That's assuming those computers weren't already powered off first.

[–] [email protected] 3 points 1 year ago (1 children)

Sure, but how often does that happen to servers running 24/7? They'd have to set up some sort of dead man's switch, movement sensors, or something. It's unlikely they'd get a day's notice that the servers are going to be confiscated for forensic analysis.

[–] [email protected] 2 points 1 year ago (1 children)

How long do you think it takes to broadcast a network wide shutdown command over the management network?

[–] [email protected] 2 points 1 year ago

How long do you think would you have? Also, any manual action on your part would be obstruction, while an automated system could be defended as anti-theft protection.

load more comments (24 replies)