I created a droplet and then destroyed it with the 'Scrub Data' checkbox enabled, and was surprised when I noticed it had been turned into a "temporary snapshot" rather than eliminated entirely in a secure, irrecoverable manner as the text around that UI element would have suggested.
I then went ahead, to prove a point, in restoring said snapshot onto an instance called 'test' and what you are seeing in terms of lingering data is from 'test' as very primitive proof that the snapshot did indeed occur and 'Scrub Data' doesn't behave how I think it should.
tl;dr - raiyu is being perfectly forthcoming and DigitalOcean is not reusing droplets to avoid erase/reset, we're just quibbling over the semantics of whether the 'Scrub Data' box should have a safety net or not, and whether the presence of a safety net could be deemed a security issue.
I read the blog quickly and didn't understand that you restored the snapshot either. I think that's something you should highlight better, because it completely diminish the level of the issue.
Agreed. It took me a while to figure out and it basically makes your post moot, from what I can tell. I thought you made a brand new droplet and found your old data on it.
I created a droplet and then destroyed it with the 'Scrub Data' checkbox enabled, and was surprised when I noticed it had been turned into a "temporary snapshot" rather than eliminated entirely in a secure, irrecoverable manner as the text around that UI element would have suggested.
I then went ahead, to prove a point, in restoring said snapshot onto an instance called 'test' and what you are seeing in terms of lingering data is from 'test' as very primitive proof that the snapshot did indeed occur and 'Scrub Data' doesn't behave how I think it should.
tl;dr - raiyu is being perfectly forthcoming and DigitalOcean is not reusing droplets to avoid erase/reset, we're just quibbling over the semantics of whether the 'Scrub Data' box should have a safety net or not, and whether the presence of a safety net could be deemed a security issue.