|
|
|
|
|
|
by greenthrow
1285 days ago
|
|
|
This is a low quality article. Disk encryption at rest has a bunch of reasons to be required besides someone breaking into AWS to steal the disk (and someone could bribe an employee to do that as easily as bribe an employee to steal your data digitially.) This blog post is like someone complaining "parameterized queries are so much more of a pain than just using string interpolation to build my queries. I'd never allow SQL injection in my app." Hubris of an inexperienced engineer imho. |
|
|
This seems unnecessarily hostile. I've worked with cloud infrastructure and security for more than 10 years. If you have experience of unencrypted disks being stolen from AWS I'm very interested to hear about it.
Note, though, that I don't claim one shouldn't encrypt disks, but I consider it to be very low on the list of priorities when it comes to lowering risk. There is almost always risk-lowering actions with better cost:benefit ratio than encrypting disks in the cloud, since that risk is already so low.