Self Hosted - Self-hosting your services.

11598 readers

5 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules

No harassment
crossposts from c/Open Source & c/docker & related may be allowed, depending on context
Video Promoting is allowed if is within the topic.
No spamming.
Stay friendly.
Follow the lemmy.ml instance rules.
Tag your post. (Read under)

Important

Beginning of January 1st 2024 this rule WILL be enforced. Posts that are not tagged will be warned and if not fixed within 24h then removed!

Lemmy doesn't have tags yet, so mark it with [Question], [Help], [Project], [Other], [Promoting] or other you may think is appropriate.

Cross-posting

[email protected] is allowed!
[email protected] is allowed!
[email protected] is allowed!
[email protected] is allowed if topic has to do with selfhosting.
[email protected] is allowed!

If you see a rule-breaker please DM the mods!

founded 3 years ago

MODERATORS

[email protected]

How private is a vps? (lemmy.ml)

submitted 3 weeks ago by [email protected] to c/[email protected]

33 comments fedilink hide all child comments

Can the vps provider not read everything on your server, unless it's explicitly encrypted?

I'm asking because I'm interested in self-hosting mainly as a way to get privacy respecting services where good hosted ones don't exist. I'm not sure I really want to deal with running my own hardware

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 15 points 3 weeks ago (13 children)

If it is in the RAM, they can read it. Since it is a virtual server they can freeze and clone the current state and connect to that copy and read all data that is currently encrypted/opened without you even knowing.

[–] just_another_person -3 points 3 weeks ago (8 children)

While this is technically true, there is no provider on the planet that can freeze state of RAM in a way that would be useful for this.

It's technically feasible to recover data on a laptop's RAM, but not from a virtualized multi-tenant instance tied to a specific user.

[–] theit8514 6 points 3 weeks ago (1 children)

Dunno what rock you were hiding under but this is absolutely possible in a hosted environment. There's even ESXi documentation on how to do it. Taking a snapshot can be detected, but can't be prevented. These memory dumps can include encryption keys, private keys (such as SSL certificates) and other sensitive data.

Unless you can physically touch the drive with your data on it, I would not store any sensitive data on it, encrypted or not.

load more comments (6 replies)

load more comments (10 replies)