Warning: databreach recycled server(s) from @VPSSLIM - Page 2

Warning: databreach recycled server(s) from @VPSSLIM


Comments

  • @reimuoao said:
    Whether it's a company-issued laptop or a bare metal server, my immediate priority is to configure the system with LUKS full-disk encryption. I do this to prevent what happened to OP.

    Very true.

    Another case for why FDE matters even if it may seem pointless at first. The provider is usually expected to wipe the drives after the service is cancelled, but there is no way of verifying they were erased properly. Here, it could be a mistake but if the OP did not report it, who knows what could happen with the data of previous customers...
    It would not be possible if the disk was encrypted from the start, since no sensitive plaintext data would be present on it.

    The other scenario I also thought about recently is that newer NVMe drives go to read-only mode if the drive detects an unrecoverable failure. In some cases that could mean the data is actually not erasable, since the drive blocks any write attempts.

  • emgh Member, Megathread Squad

    @oloke said:

    Very true.

    Another case for why FDE matters even if it may seem pointless at first. The provider is usually expected to wipe the drives after the service is cancelled, but there is no way of verifying they were erased properly. Here, it could be a mistake but if the OP did not report it, who knows what could happen with the data of previous customers...
    It would not be possible if the disk was encrypted from the start, since no sensitive plaintext data would be present on it.

    The other scenario I also thought about recently is that newer NVMe drives go to read-only mode if the drive detects an unrecoverable failure. In some cases that could mean the data is actually not erasable, since the drive blocks any write attempts.

    I mean yeah, but if you just use providers you trust this isn’t an actual issue.

    For example, I highly doubt OVH or even some smaller providers like @tentor would miss stuff like this.

  • @itsTomHarper said:
    Looks like the previous customer didn't care about their data security. Usually before I cancel a server I reboot to rescue mode and shred all the drives with multiple passes to ensure all my sensitive data is gone, be it a VM or a dedi.

    Good advice. But what if the server goes down as a result of hardware failure? Then you have no chance of shredding your data, and wiping the disks is left to the mercy of the provider.
    I strongly assume the previous customer bought the server from the provider, the server broke, the customer got another server or a refund, the old server was fixed by the provider with the disks in the same state as before the breakdown, and it was sold to a new customer, following the sales thread from the provider and the problems buyers ran into.

  • @reimuoao said:
    Whether it's a company-issued laptop or a bare metal server, my immediate priority is to configure the system with LUKS full-disk encryption. I do this to prevent what happened to OP.

    That's the best approach. Admittedly I am lazy about this, so I skip this part most of the time, depending on the provider. For example I trust Hetzner to properly clean up the drives both physical and logical.

    Thanked by 1oloke
  • Advin Member, Host Rep

    @vitobotta said:

    That's the best approach. Admittedly I am lazy about this, so I skip this part most of the time, depending on the provider. For example I trust Hetzner to properly clean up the drives both physical and logical.

    For what it's worth, Hetzner gave me a KVM to a completely random server that wasn't mine one time.

  • @Advin said:

    For what it's worth, Hetzner gave me a KVM to a completely random server that wasn't mine one time.

    I don't understand, can you elaborate?

  • MikeA Member, Patron Provider

    @Advin said:

    For what it's worth, Hetzner gave me a KVM to a completely random server that wasn't mine one time.

    More than just Hetzner...

    Thanked by 1oloke
  • Advin Member, Host Rep
    edited November 22

    @vitobotta said:

    I don't understand, can you elaborate?

    I requested a KVM for my dedicated server at Hetzner.

    Instead of getting a KVM that was attached to my server, I received a KVM that was attached to some random server that was running Windows. I did not have any servers running Windows.

    I brought it to their attention and they corrected it.

    If I was malicious, I could have mounted an ISO, booted it to rescue, and retrieved the data through the KVM. However, I am not malicious. Full disk encryption would stop this.

    Thanked by 2oloke borkedascii
  • @Advin said:

    I requested a KVM for my dedicated server at Hetzner.

    Instead of getting a KVM that was attached to my server, I received a KVM that was attached to some random server that was running Windows. I did not have any servers running Windows.

    I brought it to their attention and they corrected it.

    If I was malicious, I could have mounted an ISO, booted it to rescue, and retrieved the data through the KVM. However, I am not malicious. Full disk encryption would stop this.

    Ouch, I see. How long ago was that out of curiosity? I guess I need to be less lazy from now on....

  • Advin Member, Host Rep

    @vitobotta said:

    Ouch, I see. How long ago was that out of curiosity? I guess I need to be less lazy from now on....

    July 2023. It was a while ago, but just be aware that these types of things can happen at any provider. People can and will make mistakes, especially with manual processes like mounting KVMs.

    If you are hosting anything sensitive at all, you should do FDE.

  • @Advin said:

    July 2023. It was a while ago, but just be aware that these types of things can happen at any provider. People can and will make mistakes, especially with manual processes like mounting KVMs.

    If you are hosting anything sensitive at all, you should do FDE.

    I do it on the most important ones, for example the server I use for Nextcloud, Immich and Gitea, since all my documents, photos and source code are stored there. But for example I forgot to do it with the mail server.... so I need to fix that especially after reading this.

  • yoursunny Member, IPv6 Advocate

    @davide said:
    Tangentially related, I've found lots of sex videos in used phones, laptops bought on ebay ;)

    Buy our camera.
    Juicy stuff may be inside.

    https://www.ebay.com/itm/226931340841

  • Saragoldfarb Member, Megathread Squad

    Not surprised at all.

  • JohnFilch123 Member
    edited November 22

    It does matter, yes but if you have a VPS with constant reboots...this might be a headache since you will have to regularly unlock it, otherwise it will not boot.

    Thanked by 1oloke
  • @emgh said:

    I mean yeah, but if you just use providers you trust this isn’t an actual issue.

    For example, I highly doubt OVH or even some smaller providers like @tentor would miss stuff like this.

    You're both right!

    Thanked by 1emgh
  • Zyra Member
    edited November 22

    @yoursunny said: Buy our camera.

    glws

  • jnd Member

    I always reinstall first, so I don't know if I ever got a server with some existing data on it. But way too often there are reverse IP records still attached, which should also be deleted.

    Thanked by 1yoursunny
  • mandala Member, Megathread Squad
    edited 1:48AM

    @JohnFilch123 said:

    It does matter, yes but if you have a VPS with constant reboots...this might be a headache since you will have to regularly unlock it, otherwise it will not boot.

    The other day I had this question and thought of a remote server that sends the unlock key to encrypted clients. Apparently this kind of key management is key escrow, but there's one better, called network-bound disk encryption.
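The difference between key escrow and network-bound disk encryption (NBDE, as implemented by Tang and Clevis) is easiest to see in the exchange itself. The following is an added example for this thread, not code from Tang, Clevis or any poster: it models the Tang binding and recovery exchange with modular exponentiation in a toy group (Tang itself uses elliptic curves; the prime, generator and 32-byte disk key here are constructed for illustration and must not be used for anything real). The point it demonstrates: the client stores no long-term secret on the unencrypted boot partition (only the public values C and S plus the wrapped key), and the server holds one secret s but only ever answers blinded queries, so it never learns the disk key. An escrow server, by contrast, would hold the disk key itself and any compromise of it would leak every client's key.

```python
"""Toy model of the Tang/Clevis network-bound disk encryption exchange.
Added example for this thread; toy parameters, not a real implementation."""
import hashlib
import secrets

# Assumed toy group: multiplicative group modulo a Mersenne prime.
# Tang uses NIST P-curves; the arithmetic below is the same exchange
# written multiplicatively so it is readable without a curve library.
P = 2**127 - 1
G = 5


def rand_exp():
    """Random exponent in [2, P-1]."""
    return secrets.randbelow(P - 2) + 2


class TangServer:
    """Holds one long-term secret s. Publishes S = g^s, answers X -> X^s."""

    def __init__(self):
        self._s = rand_exp()
        self.advertisement = pow(G, self._s, P)  # S, fetched by clients

    def recover(self, x):
        # The server only ever sees a blinded value X and returns X^s.
        # It cannot tell which client is asking nor learn the wrapping key K.
        return pow(x, self._s, P)


def kdf(k):
    """Derive a 32-byte wrapping key from the shared group element K."""
    return hashlib.sha256(k.to_bytes(16, "big")).digest()


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def provision(server_adv, disk_key):
    """Binding (clevis luks bind equivalent): pick c, compute C = g^c and
    K = S^c, wrap the disk key under K, then discard c and K.
    Only C, S and the wrapped key are kept; none of them is secret."""
    c = rand_exp()
    C = pow(G, c, P)
    K = pow(server_adv, c, P)           # K = g^(s*c)
    return {"C": C, "S": server_adv, "wrapped": xor(disk_key, kdf(K))}


def unlock(server, token):
    """Boot-time recovery: blind C with a fresh ephemeral e, ask the server,
    unblind the answer to get K back, and unwrap the disk key."""
    e = rand_exp()
    E = pow(G, e, P)
    X = token["C"] * E % P              # X = C * E (blinded)
    Y = server.recover(X)               # Y = X^s = C^s * E^s
    Se = pow(token["S"], e, P)          # S^e = g^(s*e) = E^s
    K = Y * pow(Se, -1, P) % P          # Y / E^s = C^s = g^(s*c) = K
    return xor(token["wrapped"], kdf(K))


if __name__ == "__main__":
    tang = TangServer()
    disk_key = bytes(range(32))         # constructed stand-in for a LUKS key
    token = provision(tang.advertisement, disk_key)
    print("recovered key matches:", unlock(tang, token) == disk_key)
    print("token holds only public data:", sorted(token))
```

Two properties worth noticing when you run it: every `unlock` call uses a fresh blinding exponent, so the server cannot link two boots of the same machine, and a server with a different secret (or an attacker who stole the token but not the Tang server) cannot unwrap the key, which is exactly the "unattended reboot without escrow" behaviour JohnFilch123's post asks for.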

  • edited 2:51AM

    @PinHead said:
    August 6 I ordered a dedi from this thread https://lowendtalk.com/discussion/208212/estonia-the-netherlands-1gbps-unmetered-10gbps-dedicated-server-deals-instant-setup/p1
    Took a while to get it running, but that's for another review.
    But: server went down on October 12th. Motherboard/RAM issues.
    After a downtime of almost 1.5 months(!!!) last Thursday they managed to provide a replacement server with username and password.
    Tried to login, password/username didn't work. Via rescue mode I managed to get my SSH keys on the dedi, rebooted and logged in.
    But guess what? Data from a previous customer was on it. Authorized_keys, logfiles, history, users home directories, settings, all was there including some juicy stuff from history command.

    The 'last' command gives entries from August 8.

    Check for example the dates from Nginx (which I didn't install, but Nginx still was running from previous customer) logfiles dating back to Aug 9, while HostSlim provided me the server 3 days ago.

    It's hilarious what some people out there do and especially not do. I literally used a provider a couple of months ago that exposed their own backups of internal VMs to customer VMs with the same VMID. Happened to 3 VMs of mine from them.

  • JasonM Member

    Sad you didn't find the stored porn. Had this server from the Charityhost you could have enjoyed some private time. wink wink. ;)

    Thanked by 1DeadlyChemist
  • @vitobotta said:
    Utterly ridiculous but not entirely surprising considering LET prices. I always wipe out everything when I let go of a server just in case.

    The problem is not the LET prices, the problem is VPSSLIM!

  • @Advin said:

    July 2023. It was a while ago, but just be aware that these types of things can happen at any provider. People can and will make mistakes, especially with manual processes like mounting KVMs.

    If you are hosting anything sensitive at all, you should do FDE.

    Can happen, maybe. But at VPSSLIM, bullshit is the core business.

  • gbzret4d Member

    @davide said:
    Tangentially related, I've found lots of sex videos in used phones, laptops bought on ebay ;)

    Share it as a proof

  • rustelekom Member, Patron Provider

    This is, of course, unacceptable. But sometimes automated procedures may not work properly, so I guess the provider needs to check what happened in this particular case. Usually, not only is the format required, but also wiping at least 10% of the disk space.
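Whether the provider wipes 10% or 100% of a disk, the customer on the receiving end has no way to confirm it except by reading the drive. The following is an added example for this thread (not any provider's wipe tooling and not the poster's code): a small reader that samples a block device or image file and counts blocks that are not all zero, meant to be run from a rescue system against an unmounted disk before you install, or against your own disks after you shred them as itsTomHarper describes. The sample image it builds for itself is constructed test data. Note the caveat in the code: a read-back check only sees what the drive returns; blocks retired by SSD wear levelling or a drive stuck in read-only mode after a failure are exactly the cases where encrypting from day one is the only reliable protection.

```python
"""Spot-check that a drive (or an image file) really was zeroed.
Added example for this thread; run against an unmounted device from rescue."""
import os
import random
import sys
import tempfile

BLOCK = 4096  # sampling granularity in bytes


def nonzero_blocks(path, samples=None, seed=None):
    """Return (nonzero, read) for `path`.
    samples=None reads every block (exact but slow on a large disk);
    otherwise `samples` random blocks are read, seeded for reproducibility.
    Only data the drive returns on read is checked: blocks remapped by SSD
    wear levelling are invisible here, which is one reason FDE beats wiping."""
    fd = os.open(path, os.O_RDONLY)
    try:
        total = os.lseek(fd, 0, os.SEEK_END) // BLOCK
        if total == 0:
            return 0, 0
        if samples is None:
            offsets = range(total)
        else:
            rng = random.Random(seed)
            offsets = [rng.randrange(total) for _ in range(samples)]
        zero = bytes(BLOCK)
        nonzero = read = 0
        for blk in offsets:
            data = os.pread(fd, BLOCK, blk * BLOCK)
            read += 1
            if data != zero[: len(data)]:
                nonzero += 1
        return nonzero, read
    finally:
        os.close(fd)


def build_sample_image(size_blocks=256, dirty=range(128, 256)):
    """Constructed test image: zeros everywhere except a fixed pattern in the
    `dirty` blocks, standing in for leftover data from a previous tenant."""
    fd, path = tempfile.mkstemp(suffix=".img")
    with os.fdopen(fd, "wb") as f:
        for blk in range(size_blocks):
            f.write(b"\xaa" * BLOCK if blk in dirty else bytes(BLOCK))
    return path


if __name__ == "__main__":
    # Usage: python wipecheck.py /dev/sdX   (falls back to the sample image)
    target = sys.argv[1] if len(sys.argv) > 1 else build_sample_image()
    n, r = nonzero_blocks(target, samples=4096)
    print(f"{target}: {n} of {r} sampled {BLOCK}-byte blocks hold non-zero data")
    sys.exit(1 if n else 0)
```

Random sampling is what makes this usable on a multi-terabyte disk: a few thousand 4 KiB reads finish in seconds, and if even one sampled block is non-zero the disk was not wiped. A clean result from a sample is probabilistic, so use `samples=None` when the device is small enough to read end to end.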

  • The double taxation issue with VPSSLIM remained unresolved for over a year, even though the topic was brought up repeatedly. It simply does not appear to be a reputable provider, but rather a fly-by-night operation.

  • default Veteran

    This provider is not recommended! Backup data fast!

    Black Friday is less than a week away - this is a perfect opportunity to find another provider.

    Thanked by 1hyperblast
  • xvps Member
    edited 2:21PM

    Legal documents: HostSlim B.V. (NL)
    Contact page: HostSlim OÜ (EE)
    Source:
    https://www.hostslim.eu/documents/termsofservice.pdf
    https://www.hostslim.eu/about

    Taxable turnover: 10,921 EUR (over 5–6 months), yet they claim to have 20,000 customers on their website. :#

    🚩🚩🚩

    The legal person HostSlim OÜ (17023991) has not submitted tax declarations as at 23.11.2025.

    source: https://ariregister.rik.ee/eng/company/17023991/HostSlim-OÜ?search_id=af5580d&pos=1

    It’s starting to smell like a deadpool.

    Thanked by 1hyperblast
  • VPSSLIM Patron Provider, Veteran
    edited 3:34PM

    @PinHead said:
    August 6 I ordered a dedi from this thread https://lowendtalk.com/discussion/208212/estonia-the-netherlands-1gbps-unmetered-10gbps-dedicated-server-deals-instant-setup/p1
    Took a while to get it running, but that's for another review.
    But: server went down on October 12th. Motherboard/RAM issues.
    After a downtime of almost 1.5 months(!!!) last Thursday they managed to provide a replacement server with username and password.
    Tried to login, password/username didn't work. Via rescue mode I managed to get my SSH keys on the dedi, rebooted and logged in.
    But guess what? Data from a previous customer was on it. Authorized_keys, logfiles, history, users home directories, settings, all was there including some juicy stuff from history command.

    The 'last' command gives entries from August 8.

    Check for example the dates from Nginx (which I didn't install, but Nginx still was running from previous customer) logfiles dating back to Aug 9, while HostSlim provided me the server 3 days ago.

    -rw-r----- 1 www-data adm  6322 Nov 22 16:32 access.log
    -rw-r----- 1 www-data adm 99895 Nov 20 11:07 access.log.1
    -rw-r----- 1 www-data adm 14803 Nov 11 23:59 access.log.10.gz
    -rw-r----- 1 www-data adm 13973 Nov 10 23:59 access.log.11.gz
    -rw-r----- 1 www-data adm 17299 Nov  9 23:59 access.log.12.gz
    -rw-r----- 1 www-data adm 14869 Nov  8 23:59 access.log.13.gz
    -rw-r----- 1 www-data adm 17293 Nov  7 23:59 access.log.14.gz
    -rw-r----- 1 www-data adm 13969 Nov 19 23:59 access.log.2.gz
    -rw-r----- 1 www-data adm 16028 Nov 18 23:59 access.log.3.gz
    -rw-r----- 1 www-data adm 19981 Nov 17 23:59 access.log.4.gz
    -rw-r----- 1 www-data adm 12363 Nov 16 23:59 access.log.5.gz
    -rw-r----- 1 www-data adm 13933 Nov 15 23:59 access.log.6.gz
    -rw-r----- 1 www-data adm 14959 Nov 14 23:59 access.log.7.gz
    -rw-r----- 1 www-data adm 14495 Nov 13 23:59 access.log.8.gz
    -rw-r----- 1 www-data adm 17869 Nov 12 23:59 access.log.9.gz
    -rw-r----- 1 www-data adm     0 Oct 19 00:00 error.log
    -rw-r----- 1 www-data adm   204 Oct 18 22:52 error.log.1
    -rw-r----- 1 www-data adm  2020 Oct 10 21:01 error.log.2.gz
    -rw-r----- 1 www-data adm   236 Oct  2 06:56 error.log.3.gz
    -rw-r----- 1 www-data adm 25055 Sep 30 18:09 error.log.4.gz
    -rw-r----- 1 www-data adm   172 Sep 20 19:52 error.log.5.gz
    -rw-r----- 1 www-data adm    96 Aug 27 06:26 error.log.6.gz
    -rw-r----- 1 www-data adm   172 Aug 21 10:01 error.log.7.gz
    -rw-r----- 1 www-data adm    93 Aug  9 00:33 error.log.8.gz

    Authorized_keys from the previous customer, hostnames anonymized:

    ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB9Yq64RJaqmYvgrJgfQF+oNNvPGr7XtE5a2olo1SV+c root@xxxxxxxxxx
    ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDYbuHWc+sWW2wp//NykMN+DKhWSrxJfOoQBc/XNATZSFstxLBNRysOdLCAXx5yv+4JzNChD3lEQUojccLDI7jc5yR1Fsf2id+317vSMbiFvsm/pHTze8I9pAkWZ597jOHVLgW9c57EuYohROfKuNWKobDl1gdir4w62ecxbcXGpeDqEMdRZPFuPyLOV8gZvdX+LX2+tDqtdSAMCJccA6FOfHTo9DdJWYPgM9kEVUa4KD+nf59/C83GToIvrECjarpNT4FqTq9TgHHdxWkB5ACPee8ecOUgwbKNphkmxA1DhwL/MnNYIWDaoclfNI1jyRAjQ2vlp0ZOUPRz7YW+ivxbpLPBa7Hn92LWyrdZubxV1vtecSyUo3+aCVLq9XVTGvcV2zp25whkgiRRFdiNgXOpjoTLouZtyGjwZvj70LChMn7fQVElT0WXLh/NWn24qUC8EstaGNPvzXR6flwkrw+S0d8uMkHmAAYi1ofsZT0tCspFOebzoGUv8PNUj4PxPX0= root@xxxxxxxxxx
    ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE7U1PwzED4c+VNCN5ki/5OZFZt8D6Kz7hE6qnysvnpX root@xxxxxxxxxx
    ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB4umrpIkM82TIsta6DvYQitWYz1BtwglyGvz29ZXGJ8 root@xxxxxxxxxx

    So it looks like Hostslim @VPSSLIM doesn't care about customers' data, and server(s) which are recycled carry the data from previous customers, which is a huge security/privacy issue.
    Be aware if you're hosting stuff with Hostslim @VPSSLIM.

    BTW, the server is from the 193.3.189.xxx IP range, Estonia location.

    If the previous user is active on LET and reading this, I'll erase the disk asap.

    We would like to clarify a few important points regarding this situation. First of all, we would have greatly appreciated it if you had contacted us immediately after noticing something was wrong. You did not open a ticket at any point about this issue, nor did you reply to our last ticket where we provided explanations and requested feedback. If you had reached out, we would have resolved this for you right away.

    After conducting an internal investigation, we found that the older Supermicro motherboard used in this server had an incorrect BIOS configuration. Prior to handing this hardware to the previous user, the BIOS was configured correctly. That previous customer did not renew their service and left invoices unpaid, which caused the server to enter our termination cycle. During that cycle, the server should automatically wipe all disks.

    To double-check, we tested this process in our environment on another server with the exact same setup, and the disk wipe worked as intended. We then corrected the BIOS configuration on your server, ran a wipe again, and it completed successfully. Your system now has a clean, fresh installation since yesterday.

    We have also carried out a thorough investigation across all other systems and can confirm that no other servers are affected by this issue.

    We are very sorry this situation gave a very bad impression and I want to make clear this is an isolated incident and something we can learn from.

    Additionally, it's important to mention that you purchased a very low-cost deal (128GB RAM with an E5 CPU for €24 per month). Despite that, we went the extra mile and provided you with an additional free month due to earlier issues with your other server. This is precisely why we would have appreciated it if you had reached out to us first through a support ticket instead of making this public post without giving us the opportunity to assist you.
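The evidence PinHead found (log rotations and `last` entries older than the handover, and an authorized_keys file full of somebody else's keys) can be turned into a routine check to run on any "fresh" server before trusting it. The following is an added example for this thread, not the poster's or the provider's tooling: it parses an `ls -l` listing and flags files modified before the delivery date, and it lists authorized_keys entries that are not yours by SHA256 fingerprint (the form `ssh-keygen -lf` prints, so the result can go straight into a ticket to the provider). Assumptions: the handover date is taken as 19 November 2025 (the post says delivery was three days before 22 November), the year on the `ls -l` lines is assumed to be 2025 because `ls` omits it for recent files, the listing is a subset of the one quoted above, and the SSH keys are constructed so that they are syntactically valid but not real keys.

```python
"""Post-delivery check for a supposedly fresh server: files that predate the
handover, and authorized_keys entries you did not install.
Added example for this thread; the listing is a subset of the quoted one."""
import base64
import hashlib
from datetime import datetime

HANDOVER = datetime(2025, 11, 19)  # assumed delivery date of the server

# Subset of the `ls -l` nginx log listing quoted in the thread.
LISTING = """\
-rw-r----- 1 www-data adm  6322 Nov 22 16:32 access.log
-rw-r----- 1 www-data adm 99895 Nov 20 11:07 access.log.1
-rw-r----- 1 www-data adm 14803 Nov 11 23:59 access.log.10.gz
-rw-r----- 1 www-data adm 13969 Nov 19 23:59 access.log.2.gz
-rw-r----- 1 www-data adm 16028 Nov 18 23:59 access.log.3.gz
-rw-r----- 1 www-data adm    96 Aug 27 06:26 error.log.6.gz
-rw-r----- 1 www-data adm    93 Aug  9 00:33 error.log.8.gz
"""


def parse_ls_line(line, year=HANDOVER.year):
    """Parse one `ls -l` line into (name, mtime, size).
    Recent files show 'Mon DD HH:MM' (year omitted, assumed to be `year`);
    files older than about six months show 'Mon DD  YYYY' instead."""
    fields = line.split(None, 8)
    if len(fields) != 9:
        raise ValueError(f"not an ls -l entry: {line!r}")
    _mode, _links, _owner, _group, size, mon, day, time_or_year, name = fields
    if ":" in time_or_year:
        mtime = datetime.strptime(f"{mon} {day} {time_or_year} {year}", "%b %d %H:%M %Y")
    else:
        mtime = datetime.strptime(f"{mon} {day} {time_or_year}", "%b %d %Y")
    return name, mtime, int(size)


def stale_entries(listing, handover=HANDOVER):
    """Names of files last modified before the handover. You cannot have
    written them, so each one is evidence the disk was not wiped."""
    stale = []
    for line in listing.splitlines():
        if line.strip():
            name, mtime, _ = parse_ls_line(line, handover.year)
            if mtime < handover:
                stale.append(name)
    return stale


KEY_TYPES = ("ssh-", "ecdsa-", "sk-")


def split_key_line(line):
    """Return (type, base64 blob, comment) from an authorized_keys line,
    skipping leading options such as from="..." or command="..."."""
    parts = line.split()
    for i, part in enumerate(parts):
        if part.startswith(KEY_TYPES) and i + 1 < len(parts):
            return part, parts[i + 1], " ".join(parts[i + 2:])
    raise ValueError(f"no key found in: {line!r}")


def key_fingerprint(line):
    """SHA256 fingerprint in the same form `ssh-keygen -lf` prints."""
    _, blob, _ = split_key_line(line)
    digest = hashlib.sha256(base64.b64decode(blob)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def foreign_keys(authorized_keys, my_fingerprints):
    """(fingerprint, comment) for every key you did not install yourself."""
    found = []
    for line in authorized_keys.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fp = key_fingerprint(line)
        if fp not in my_fingerprints:
            found.append((fp, split_key_line(line)[2]))
    return found


def constructed_ed25519_line(fill, comment):
    """A syntactically valid ssh-ed25519 line whose 32 key bytes are a
    constant: constructed sample data, not a real key."""
    blob = b"\x00\x00\x00\x0bssh-ed25519\x00\x00\x00\x20" + bytes([fill]) * 32
    return f"ssh-ed25519 {base64.b64encode(blob).decode()} {comment}"


MY_KEY = constructed_ed25519_line(0x01, "me@laptop")
SAMPLE_AUTHORIZED_KEYS = "\n".join([
    MY_KEY,
    constructed_ed25519_line(0x02, "root@previous-tenant"),
    'from="10.0.0.1" ' + constructed_ed25519_line(0x03, "deploy@previous-tenant"),
])

if __name__ == "__main__":
    print("files predating handover:", stale_entries(LISTING))
    for fp, comment in foreign_keys(SAMPLE_AUTHORIZED_KEYS, {key_fingerprint(MY_KEY)}):
        print("foreign key:", fp, comment)
```

On a real server feed it `ls -l` of `/var/log`, `/home/*` and `/root`, and `cat` of every `authorized_keys` file under those directories; anything it flags should be reported to the provider and the disk wiped and reinstalled (or, better, installed with FDE) before the server is used. The comparison is done on fingerprints rather than comments because the comment field is free text and proves nothing.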
