Comment on Notes on full disk encryption on a Hetzner cloud VPS
lnxtx@sopuli.xyz 21 hours ago
Still better than nothing.
But there is also a possibility to dump the RAM and recover a key or data.
If you can, store only pre-encrypted data.
Comment on Notes on full disk encryption on a Hetzner cloud VPS
lnxtx@sopuli.xyz 21 hours ago
Still better than nothing.
But there is also a possibility to dump the RAM and recover a key or data.
If you can, store only pre-encrypted data.
versionc@lemmy.world 21 hours ago
If I can use E2EE, I will. This VPS will never be exposed to the internet, it will only be accessible through Netbird. The main reason for setting up FDE is for Immich which doesn’t support E2EE, so that the data won’t be (as easily) recoverable should the VPS be recycled. But yeah, it’s not perfect, but like you said it’s better than nothing.
I don’t really take physical access (including Hetzner and law enforcement) into account in my threat model.