Technology

68991 readers

4220 users here now

This is a most excellent place for technology news and articles.

Our Rules

Follow the lemmy.world rules.
Only tech related news or articles.
Be excellent to each other!
Mod approved content bots can post up to 10 articles per day.
Threads asking for personal tech support may be deleted.
Politics threads may be removed.
No memes allowed as posts, OK to post as comments.
Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
Check for duplicates before posting, duplicates may be removed
Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago

MODERATORS

[email protected]

783

We have successfully completed our migration to RAM-only VPN infrastructure - Mullvad VPN (mullvad.net)

submitted 2 years ago by [email protected] to c/[email protected]

91 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 87 points 2 years ago (2 children)

What does “without any disks in use” mean?

If the computer is powered off, moved or confiscated, there is no data to retrieve.
We get the operational benefits of having fewer breakable parts. Disks are among the components that break often. Therefore, switching away from them makes our infrastructure more reliable.
The operational tasks of setting up and upgrading package versions on servers become faster and easier.
Running the system in RAM does not prevent the possibility of logging. It does however minimise the risk of accidentally storing something that can later be retrieved.
https://mullvad.net/en/blog/2022/1/12/diskless-infrastructure-beta-system-transparency-stboot/

[–] [email protected] 31 points 2 years ago (2 children)

While mostly true, there are ways to preserve ram if the device is confiscated.

Your local PD likely couldn’t pull it off, but if one of the larger abbreviation agencies were to get involved, data on RAM isn’t a huge hurdle. Assuming no one flips the power switch, at least.

[–] [email protected] 20 points 2 years ago

Yeah, freezing and dumping RAM is a well known attack, even happening at some airports with laptops. But it still requires very recently powered ram, basically still in operation before extraction. It's a big step toward security at least.

[–] [email protected] 13 points 2 years ago* (last edited 2 years ago)

I guess it's going to stop any standard agencies with a warrant. Confiscating the machine for it to sit in a warehouse until some forensic techs get their hands on it.

[–] [email protected] 3 points 2 years ago (1 children)

There are devices that allow moving and confiscating computers without powering them off.

The rest are true.

[–] [email protected] 4 points 2 years ago (1 children)

That's assuming those computers weren't already powered off first.

[–] [email protected] 3 points 2 years ago (1 children)

Sure, but how often does that happen to servers running 24/7? They'd have to set up some sort of dead man's switch, movement sensors, or something. It's unlikely they'd get a day's notice that the servers are going to be confiscated for forensic analysis.

[–] [email protected] 2 points 2 years ago (1 children)

How long do you think it takes to broadcast a network wide shutdown command over the management network?

[–] [email protected] 2 points 2 years ago

How long do you think would you have? Also, any manual action on your part would be obstruction, while an automated system could be defended as anti-theft protection.