Ask HN: How to secure a server without physical control of the hardware?

7 points

13 years ago

I've seen a lot of DIY alternatives to GMail, Dropbox, etc. lately (most recently: https://github.com/al3x/sovereign), all focused on the software aspect of replicating those services. However, the most practical way to do this is to spin up a cloud box on EC2 or Rackspace, or a VPS on Linode or Media Temple and install it there.

The problem I have is that for all the effort, you're still keeping your data at a third party, who 1) can be ordered to provide a backdoor to your data, and 2) would invalidate your expectation of privacy by the Third Party Doctrine (see: http://en.wikipedia.org/wiki/Stored_Communications_Act).

Short of owning every bit of hardware up to the fiber, is there any way to secure a virtual box such that a service provider could not achieve or grant others access to it?

6 comments