this post was submitted on 20 Sep 2023
912 points (98.9% liked)

Privacy

32028 readers
1069 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

Today we announce that we have completely removed all traces of disks being used by our VPN infrastructure!

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 1 points 1 year ago

It's a valid question, even if your scenario isn't plausible. The very point is that all data is ephemeral - there is no "data at rest" to be compromised. But the problem is that this data is very, very important. It would include (among other things) account information. If all of the servers power off simultaneously (for whatever reason), then yes, it would likely destroy them. More likely is a software fault that causes each system to crash, or lose/corrupt that data.

But there are ways around this, too. I have no idea which (if any) of these they are doing, just that these are options. They already probably sync data among running servers, it will just now be done exclusively in RAM. They can have "seed" distributed servers, running an entirely different codebase, simply to house this data. They would also be diskless, but mostly unconnected to the standard operational servers. From an architecture and design standpoint, these would work a lot like disks.

Distributed is also a key word - it wouldn't be a single server, rack, or even datacenter that would need to collapse. It would be to be all of them, or at least sever their connections to each other.

(Side note: Going diskless addresses concerns about data security for data at rest. It does nothing about data in motion)

TL;DR: Theoretically yes, but it would take a lot more than that.