Amazon assigned you the x.509 cert and you tell them what password to
use. They have direct access to decrypt your image since they know the
secret.
On another note.. I run some servers on a remote OpenVZ host for cheap
amounts per month.. I enjoy it.. I store all my encrypted stuff in
encrpyted formats or overlays (encfs rocks my world) and my root user
doesn't have a password. If they need to set one they can do it on a
whim - they have direct access to do whatever they want with my server.
This is about the same with Amazon. They are more security minded,
obviously, and may make for a more secure hosting environment with a
lower exploit factor. But encrypted data ALWAYS needs to be decrypted
to be put to use. I appreciate what Amazon is doing, I think it's
pretty spiffy. But it's also just a start to a more secured off-site
computing environment. Massive amounts of stuffs will have to change
before on-site or off-site computing can be uncrackable, unrootable, and
security flaw free. I'd hate to think Amazon is guiding people into a
false sense of security. However they have developed a system similar
to a secure copy ala ssh for their own means, using x.509 cert
standards. The difference being I don't control the cert used to upload
and mount the image.
Damien, I think I'm going to test out Amazon EC2 now.
Shane
Damien Hull wrote:
> My server doesn't have a password. Not when it starts anyway. The details are a bit fuzzy but there is an X.509 cert that goes with the server. You need that to boot it.
>
> Even if an admin at Amazon is able to boot the server there's nothing their for them to see...
>
> ----- Original Message -----
> From: jonr@destar.net
> To: aklug@aklug.org
> Sent: Monday, May 18, 2009 10:05:26 AM GMT -09:00 Alaska
> Subject: [aklug] Re: My virtual server on Amazon
>
> They would easily be able to log into your VM. They would just change
> the root password.
>
> Jon
>
> Quoting Damien Hull <damien@linuxninjas.tv>:
>
>> Hmm... Never thought if it that way... In any case, no data is
>> stored on the image. nothing important anyway. When you shut down
>> the virtual server all data is lost. Any data you want to save must
>> be stored on an EBS.
>>
>> If the EBS is encrypted an admin at Amazon won't be able to look at
>> backup data or mount the EBS. Again, it all depends on how paranoid
>> one wants to be. And yes, I know that a running server gives one
>> access to the EBS or all my data... Assuming they have a way to
>> login to my virtual server...
>>
>>
>> ----- Original Message -----
>> From: "Shane R. Spencer" <shane@bogomip.com>
>> To: "Damien Hull" <damien@linuxninjas.tv>
>> Cc: "Arthur Corliss" <acorliss@nevaeh-linux.org>, aklug@aklug.org
>> Sent: Sunday, May 17, 2009 3:19:27 PM GMT -09:00 Alaska
>> Subject: Re: [aklug] Re: My virtual server on Amazon
>>
>> Your X.509 cert determines your authenticity to start the virtual
>> machine.. but the machine image itself is not encrypted once it's stored
>> @ S3. Not unless they chose to use a crypto loopback device to handle
>> your image. Sounds like a waste of cycles since they end up decrypting
>> it anyways.
>>
>> Also.. Amazon gives you your X.509 cert that you generate using their
>> servers. Authenticated against their trusted master keys. Sigh.
>>
>> I have no idea why the images are even encrypted. Anybody? Other than
>> marketing and false senses of security can anybody tell me why the
>> amazon encryption methods work and how they protect your data, and from
>> who? Sure it keeps the stream pretty as it gets uploaded.. lower MITM
>> attack rate if it's done that way. That's why I use ssh/scp.
>>
>> Shane
>>
>>
>> Damien Hull wrote:
>>> True... However, so much of what we do is in the cloud. Email and
>>> shopping are good examples. There's encryption for email but people
>>> don't use it. Our credit card info is encrypted during the
>>> transaction process but it's sitting on a server somewhere. That's
>>> how the bad guys get it.
>>>
>>> I think it depends on what kind of data we're talking about. What I
>>> post on my blog doesn't need to be encrypted. Documentation about
>>> server settings is another story. I might want to keep that safe...
>>>
>>> Data security will be come a big issue as more and more people use
>>> web based applications. Google docs is a good example. How safe are
>>> ones doc's on Google?
>>>
>>> There's no simple answer. I'll watch what I put in the cloud but
>>> I'm not taking the paranoid approach.
>>>
>>> NOTE
>>> My Ubuntu server image on Amazon is encrypted. It can't be started
>>> with out my X.509 cert.
>>>
>>> ----- Original Message -----
>>> From: "Shane R. Spencer" <shane@bogomip.com>
>>> To: "Damien Hull" <damien@linuxninjas.tv>
>>> Cc: "Arthur Corliss" <acorliss@nevaeh-linux.org>, aklug@aklug.org
>>> Sent: Sunday, May 17, 2009 2:29:38 PM GMT -09:00 Alaska
>>> Subject: Re: [aklug] Re: My virtual server on Amazon
>>>
>>> Somebody somewhere has a funny saying about "Better than nothing".
>>>
>>> Just remember that your encryption key is in memory on a box somewhere
>>> that's out of your control.. And cryptsetup needs to be validated
>>> against your package repository before being used. Virtual server
>>> environments are fun because of all the security problems they impose.
>>>
>>> When storing data to an offsite backup system I always back up the
>>> result of an encrypted block device, file, or stream. Like when using
>>> ecryptfs or encfs, you back up the encrypted directory using tools like
>>> rsync since you'll never be able to decypher the names using, say, tab
>>> completion. You just have to back up the entire thing.
>>>
>>> When using duplicity you pipe the output of their stream archive format
>>> through GPG running on a local host. This way you control everything
>>> assuming you are in control of your own box.
>>>
>>> Anyways.. it doesn't need to be this tight if the data doesn't require
>>> it. But encryption is next to useless if you're doing the processing on
>>> a virtual machine on top of a host that you have no control over.
>>>
>>> Shane
>>>
>>> Damien Hull wrote:
>>>> This is true. Couple of things to remember...
>>>> 1. This is all web data...
>>>> 2. No different then a real server in some far off data center
>>>>
>>>> There are exceptions...
>>>> 1. Email
>>>> 2. Groupware applications that allow users to upload files etc...
>>>>
>>>> I'm looking at encrypting my data. That doesn't include /etc...
>>>> Amazon has a service called the "Elastic Bloc Service" or EBS for
>>>> short. Luks Format for block level data encryption... If the EBS
>>>> block device is mounted my data is wide open. However, snapshots
>>>> would be encrypted...
>>>>
>>>> It's better then nothing...
>>>>
>>>>
>>>> ----- Original Message -----
>>>> From: "Arthur Corliss" <acorliss@nevaeh-linux.org>
>>>> To: "Damien Hull" <damien@linuxninjas.tv>
>>>> Cc: aklug@aklug.org
>>>> Sent: Monday, May 11, 2009 10:12:07 PM GMT -09:00 Alaska
>>>> Subject: Re: [aklug] My virtual server on Amazon
>>>>
>>>> On Mon, 11 May 2009, Damien Hull wrote:
>>>>
>>>>> I think this is the wave of the future. I don't have to worry
>>>>> about hardware... Or fast Internet connections. Very cool!
>>>> :-) It sounds interesting, but remember, all things within reason.
>>>> Remember, now someone other than you has direct access to any private data
>>>> you put on that cloud, whether it be private SSL or SSH keys, your shadow
>>>> file, etc.
>>>>
>>>> Something to think about before you use the same passwords as you
>>>> do on your
>>>> own systems.
>>>>
>>>> --Arthur Corliss
>>>> Live Free or Die
>>>>
>>>
>>
>> --
>> Damien Hull
>> Linux Ninja
>> Open Source Assassin
>>
>> http://linuxninjas.tv
>> http://elite.linuxninjas.tv
>> http://www.digital-overload.net
>>
>> ---------
>> To unsubscribe, send email to <aklug-request@aklug.org>
>> with 'unsubscribe' in the message body.
>>
>>
>
>
>
>
> ---------
> To unsubscribe, send email to <aklug-request@aklug.org>
> with 'unsubscribe' in the message body.
>
>
-- Attached file included as plaintext by Ecartis --
-- File: signature.asc
-- Desc: OpenPGP digital signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkoRxb0ACgkQXK/vGhypreI2vgCgtRKEevcm8o05BVLbawnhWjiI
Y+oAnRWYEm1sd969/8a1N9IU6ZXCipY7
=BE1Y
-----END PGP SIGNATURE-----
---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
Received on Mon May 18 12:30:04 2009
This archive was generated by hypermail 2.1.8 : Mon May 18 2009 - 12:30:04 AKDT