Hacker News
by rallison 4560 days ago
Indeed. The non-scrub option simply should not exist. Are there use cases for non-scrub? Yes. Are the risks worth it? No, at least in my opinion.

Forget to check that box? Oh well, better hope the next droplet doesn't go and read your data.

Moderately competent developer doesn't realize the implications of not checking that box? Oh well, better hope that developer didn't have too much sensitive data on the droplet.

Etc etc. Security is the big area where the default should be to err on the side of caution - often removing choices that are simply too dangerous (when, for example, the tradeoff is a tiny amount of performance gain).

I say this all as someone who likes and is a customer of DO. I am disappointed.