[saalweachter]

Yeah, there's always a dividing line.

Between two servers in the same rack? Between two racks in the same datacenter? Between two datacenters in the same physical complex? Between two complexes connected by fiber you installed yourself?

If the security state keeps on keeping on, I expect companies which care about privacy to keep tightening it in. One day not long from now it might be considered ludicrous to transfer data from one server to another server within the same datacenter unencrypted. One day not long after that we may perfect secure multi-party computation, and a server might perform meaningful computation upon an encrypted dataset without any ability to decrypt it.

The goalposts are moving.

[MichaelGG]

If you own the entire datacenter (like I'm sure Google does in most scenarios) and you're having racks compromised, then you probably have much larger issues that crypto won't solve.

[saalweachter]

Datacenters aren't poofed into existence. The networking hardware could be compromised at the factory, which would compromise the datacenter's network security without compromising its physical security or any of the servers.

[MichaelGG]

By that logic, the networking hardware on the NIC could be compromised as well, giving an attacker DMA capabilities on a server, too.