Such a weird discussion because we're talking about a company that is going from the very fundamentals of operating system design and the boot process of bare metal machines in order to get more security.
I am extra skeptical of a company that pushes this. They and I know they can't side step lawful requests which raises the spidey senses even further so I believe it is a valid question.
Containers, btw, cannot be snapshotted.
I did not say they could be. Their memory contents however can be accessed, even if the host memory is encrypted.
They've also discussed booting UEFI directly to VPN nodes:
That in no way precludes having VMs. I have run VMs on PXE diskless nodes. The boot method is orthogonal to this.
It's completely weird to argue that they might introduce a layer of insecurity here.
Weird maybe? But a completely logical and valid question nonetheless. They are leaving 53 characters out of their documentation unless I missed it. My questions could be solved by saying "We do not use any form of virtual machines or containers". That is only 53 characters and should fit on their document site.
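The question above (bare metal vs. VM vs. container) is something an operator can at least check from inside the host, even though a customer cannot run it on a provider's node. The following is an added example written for this discussion, not code from the thread or from Mullvad: it classifies a Linux host using well-known indicators (the `hypervisor` CPU flag, the DMI product name, container markers in `/proc/1/cgroup`, and the `/.dockerenv` file). The heuristics and the sample inputs are constructed for illustration; a hypervisor that hides these indicators will not be detected, so the result is evidence, not proof.

```python
"""Audit helper: classify a Linux host as container, VM, or bare-metal-likely.

Heuristics used (assumptions made for this example; none is conclusive):
  - /proc/1/cgroup naming docker/lxc/kubepods/etc., or /.dockerenv present -> container
  - 'hypervisor' in the CPU flags, or a DMI product name naming a hypervisor -> vm
  - no indicator found -> bare-metal-likely
"""
import os
import re

# Hypothetical indicator lists for this example; extend for your environment.
HYPERVISOR_PRODUCTS = ("kvm", "qemu", "virtualbox", "vmware", "xen", "hyper-v", "virtual machine")
CONTAINER_MARKERS = ("docker", "lxc", "kubepods", "containerd", "podman")


def classify_runtime(cpuinfo: str, cgroup: str, dmi_product: str, dockerenv_exists: bool) -> str:
    """Return 'container', 'vm', or 'bare-metal-likely' from the supplied evidence."""
    # Container check first: a container inside a VM still reports the VM's CPU flags.
    if dockerenv_exists or any(m in cgroup.lower() for m in CONTAINER_MARKERS):
        return "container"
    # The 'hypervisor' flag is set by most hypervisors in the guest's CPUID leaf.
    flags_match = re.search(r"^flags\s*:(.*)$", cpuinfo, re.MULTILINE)
    flags = flags_match.group(1).split() if flags_match else []
    if "hypervisor" in flags or any(p in dmi_product.lower() for p in HYPERVISOR_PRODUCTS):
        return "vm"
    return "bare-metal-likely"


def _read(path: str) -> str:
    """Read a pseudo-file, returning '' when it is absent or unreadable."""
    try:
        with open(path, encoding="utf-8", errors="replace") as f:
            return f.read()
    except OSError:
        return ""


def classify_local_host() -> str:
    """Gather the evidence from the running host and classify it."""
    return classify_runtime(
        _read("/proc/cpuinfo"),
        _read("/proc/1/cgroup"),
        _read("/sys/class/dmi/id/product_name"),
        os.path.exists("/.dockerenv"),
    )


# Constructed sample inputs (not captured from any real system).
SAMPLE_CPUINFO_BARE = "processor\t: 0\nflags\t\t: fpu vme de pse tsc msr sse sse2 ht\n"
SAMPLE_CPUINFO_VM = "processor\t: 0\nflags\t\t: fpu vme de pse tsc hypervisor sse sse2\n"
SAMPLE_CGROUP_HOST = "0::/init.scope\n"
SAMPLE_CGROUP_DOCKER = "0::/system.slice/docker-0123abcd.scope\n"

if __name__ == "__main__":
    print("this host looks like:", classify_local_host())
```

Run it on the node in question; a result of `bare-metal-likely` only means that none of these indicators were present, which is the same kind of claim a provider's documentation would be making in those 53 characters.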
>They and I know they can't side step lawful requests which raises the spidey senses even further so I believe it is a valid question.
They have been able to turn down lawful requests previously, which is (at the very least) a positive indicator that may lower your spidey senses a bit.
>On April 18 at least six police officers from the National Operations Department (NOA) of the Swedish Police visited the Mullvad VPN office in Gothenburg with a search warrant.
>After demonstrating that this is indeed how our service works and them consulting the prosecutor they left without taking anything and without any customer information.
I remember that and that case was cool. I will leave my questions in place though because I recall Apple doing the same thing when a terrorist's phone was locked and they claimed not to be able to access it, with a big public show/fight, but it turns out they could and so could the FBI. My theory is that they did not want the public to lose confidence in their phones.
Apple would've had to create a specific OS update with a security hole the FBI could've exploited and distributed that.
Courts couldn't force them to do that -> FBI went another way. This was in the iPhone 7 era IIRC.
Currently their stuff is locked down even tighter and Apple has even less ability to hack anyone's phone. Barring a full-on backdoored software update targeted to a specific person - which they refused to do once already.
Yeah, that Apple case was really interesting. I always guessed that Apple could simply push a software update (possibly to everyone) that happens to open a backdoor for a specific phone. I wonder if that's what they did.
What happened in that case is the FBI went to a different vendor, and they broke into the iPhone either with a zero day they had developed or more likely, they just cloned the phone hardware thousands of times until they could guess the password.
Maybe - depends on how the Secure Enclave is built. It may have hardware-defined limitations on # of tries for the passkey and no way to circumvent that even in firmware.
> I am extra skeptical of a company that pushes this. They and I know they can't side step lawful requests which raises the spidey senses even further so I believe it is a valid question.
"Here is a subpoena compelling you to disclose the data you have on XYZ."
"Sure. Here is the data we have on XYZ." hands over blank page
It's not sidestepping the request. They literally do not have the data, because they don't retain it. And unless there is a specific law mandating that they retain the data, law enforcement have no grounds for punitive action.