[quenix]

I'm not really sure how I feel about this. An issue that immediately jumped out at me is privacy, especially when they advertise web browsing (Brave, Chrome, Firefox) as a good use of this product.

I wouldn't feel OK doing around 90% of my web browsing on what is basically someone else's machine. I wouldn't feel safe logging in to websites, exchanging cookies, secure tokens, and just being in control of my browsing history. It's kind of akin to doing your everyday browsing on a library computer—it's a no-no.

We don't know how secure their VMs are, the VM-to-VM separation (can other instances use exploits/loopholes to peek into my home directory?) and at-rest data protection (encrypted at rest? can the owners see the saved data?).

[igniteram]

All apps on our platform are either ephemeral or persistent as the user chooses. Ephemeral workspaces by nature are short-lived as long as the user is using them and would be deleted (along with all the user data) immediately after the session ends while persisted workspaces will persist user data across sessions with multiple layers of security. Please read the faqs and privacy policy.

[benjaminwai]

I am curious as well with the last questions: Encrypted at rest? And can the owners (service maintainers) see the saved data? Scanning through the faqs and privacy pages, the only bit I found relevant is in Privacy Policy section 14 "Data Security" which, as most privacy policies, is quite vague on details. I'd say I would be wary about putting in my Github key to download my repo to use Android Studio or IntelliJ, or credentials/keys to access services for testing my codes, whether the session is ephemeral or persistent. It's hard to tell.