|
|
|
|
|
|
by marshray
5225 days ago
|
|
|
I really doubt that "only HDD access" is a secure position in cases where your cloud provider CSR is pwned. If that's even the case here. We don't have much indication that the attacker couldn't have taken a snapshot of a running system (or that that will be how it happens next time). So, sure, use a loopback crypto filesystem. It just doesn't provide much in the way of a security guarantee (but it adds some measurable costs). |
|
|