by msbarnett 3661 days ago
I'm gun-shy of Linode's many security issues, but hopefully this further drives down RAM prices of competitors. I'd love a $10 2G DigitalOcean instance.
3 comments

> I'm gun-shy of Linode's many security issues, but hopefully this further drives down RAM prices of competitors. I'd love a $10 2G DigitalOcean instance.

To be fair, unless you are running critical infrastructure and/or processing things involving money... Linode's quality of security is adequate. (i.e. for hobbyists and small businesses that don't take payments but rely on ad revenue.)

Security is pretty terrible everywhere in the hosting business unless you colocate your own stuff in a locked cage or pay the tier-1 vendors who cost 100% more than Linode.

> unless you colocate your own stuff in a locked cage

How much is a locked cage really needed?

To me the risks are really someone messing with your cables and taking you offline, or accidentally pulling a power plug, which is QoS really, not security. Can't remember when I heard of someone carting off a server or plugging in a cable to the console port (once they have gotten even into the racks and are on cameras) and doing any harm. Even if this does happen it seems fairly remote and not a concern unless you are really doing something so important that you need to lock up the servers. Sure, price not being an object, why not lock them up.

PCI compliance I think; also merchants wouldn't touch you with a barge pole if you don't have dedicated hardware... so no AWS/GCE.

Contemporary PCI compliance does not require dedicated hardware -- you can be PCI Level I compliant on DO, AWS and many other shared-infra providers.

Also, worth noting, since most places are integrating payments through, e.g., Stripe, the requirements on the gateway server are much lower.

You can definitely run PCI compliant infrastructure on services such as AWS. Stripe runs on AWS IIRC. Many (most?) AWS services are PCI compliant and using them won't prevent you from being PCI certified.

Although I prefer and use Linode over DO, I don't think DO has much of an option other than to just match or better Linode's price. It's a race to the bottom.

[EDIT] I misunderstood the security issues parent was referring to.
https://blog.linode.com/2016/01/05/security-notification-and...

Among others, OP (likely) isn't referring to your own box specific security.

They've had issues with security around their own systems (payment info leaked, IIRC). And if their systems are compromised, because they have the ability to touch my systems (root password reset, for example), there's a potential breach there.

And they had their own massive DDoS attack which went on for days last winter (Dec 2015?).

Their DDoS was so bad that we had to migrate all of our servers from Linode to Google, which wasn't particularly fun during the weeks of intermittent connectivity. I think it was on the order of weeks, rather than days.

Atlanta seemed to be the primary target. We had something in LA and never had a problem. Servers in Atlanta were down for days, then up for a bit, then down for days again. I do believe in total it was probably 2ish weeks...
London was affected too. I have since moved on to other VPS providers and would suggest Linode ONLY for hobby projects. It's not just their security issues, it is mostly their disclosure policy...

You're right, and the downtime was inexcusable. We've learned from what happened and are continuously working to upgrade and better protect our network, and periodically report on our progress on our blog: https://blog.linode.com/2016/05/02/network-status-updates-ap...