The primary reason I see for encryption is because all of the disks are shared. ... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

Bedon292 on Dec 16, 2022 | parent | context | favorite | on: Problems with disk encryption in AWS

The primary reason I see for encryption is because all of the disks are shared. Encrypting at rest is to make sure that the next user of the disk is not able to find any of your data. Even if the odds are low, you still don't want any private information leaking on accident. And you have to be able to guarantee it for things like HIPAA or PCI compliance.

rwmj on Dec 16, 2022 [–]

Are you saying that EBS exposes previous tenant disk contents when you provision a new disk? I've never heard of that happening. It would be incredibly insecure if true.

lazide on Dec 16, 2022 | [–]

It shouldn’t. But do you want to be the example ‘oops’?

If FDE is easy to do, it’s usually worth it to reduce the risk to zero.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact