undefined | Better HN

0 pointscorresation12y ago0 comments

No one would intentionally make the choice of having their data shared with other users, and if that is a business model they rely upon they need to find another.

This is a profound, never-ever-should-happen gap in data security, and it is yet another instance where DigitalOcean comes out looking remarkably amateurish.

Conversationally, I would have expected their hypervisor to have been doing thin provisioning: That until you write data to a block the block is 0s (having no provisioning on actual storage). And if you write 0s, that too isn't actually provisioned on real storage. And when you write actual data, well that is what the block now contains.

0 comments

3 comments · 1 top-level

gizmo68612y ago· 2 in thread

>No one would intentionally make the choice of having their data shared with other users, and if that is a business model they rely upon they need to find another.

Unless they do not care if their data is shared, and would be willing to let it be shared for a reduced cost.

corresationOP12y ago

If there were a box that said "share your data" that you had to click, I cannot imagine the users who would click it. Further no one was ever told that the value proposition of DigitalOcean relies upon a complete and utter lack of data integrity.

That is a dishonest angle. It is not in any way how this has been sold. Further you don't get a discount for choosing not to scrub, but instead essentially get tricked into it by the magical law of defaults.

gizmo68612y ago

I do not mean to say that it was justified in this particular case. I was responding to the idea that all products must be secure, even for users who do not want to pay for the added security. Also, it is not so much that I think a service should offer a discount for handling your data insecurely (although in this particular case, the insecure handling is actually cheaper on a per user basis). Rather, there is a place in the market for products that are not secure, and therefore do not have to pay to develop and maintain the security aspects of the service.

j / k navigate · click thread line to collapse