|
|
|
|
|
|
by knyt
4238 days ago
|
|
|
Don't think that'd add anything. The people investigating you would presumably look at your network traffic and see all of the non-anonymized TLS packets traveling between your VPS and the real server. And they shouldn't need to bring the VPS down to get an image of its disk (or its RAM). |
|
|
And the saving memory contents (could hold config files on tmpfs for example) seems to be a difficult process, from wikipedia "Holding unpowered RAM below −60 °C helps preserve residual data by an order of magnitude, improving the chances of successful recovery. However, it can be impractical to do this during a field examination."
It would be interesting to get perspective from any forensic experts.
The key imho is to put as many hoops in attackers path.