On Sat, Feb 4, 2012 at 8:09 PM, Marco Gruß <[email protected]> wrote: > with https://cloud.torproject.org/ actively promoting it, > I have been thinking about Tor vs. EC2 for a while.
I'm unqualified to say anything about the specific questions wrt VM system security... but I thought it might be worthwhile to offer a bit of caution related to risk saliency. Whatever risks you decide exist in EC2 here probably also exist in many other services (certainly ones that are similar to EC2, but probably also in ones that look less like it). Arguably they exist in all cases where the operators don't have physical control over the machines. If these risks are discussed as risks of EC2, rather than more general risks of virtualization, or systems owned by third parties then people may avoid EC2 in favour of alternatives which are less secure in practice. If I were a hostile force which was able to compromise some hosting providers but not EC2, raising public concerns about the security of EC2 specifically would be a smart tactic on my part. :) Food for thought. _______________________________________________ tor-talk mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
