Hetzner is great for dedicated servers, but for those of us who need smaller-scale secure/confidential VMs I'm afraid that there isn't really any other choice than hyperscalers.
Does anyone know if there is a VM vendor that sits somewhere in between a dedicated server host like Hetzner in terms of performance + cost-effectiveness and AWS/GCP in terms of security?
Basically TPM/vTPM + AMD SEV/SEV-SNP + UEFI Secure Boot support. I've scoured the internet and can't seem to find anyone who provides virtualised trusted computing other than AWS/GCP. Hetzner does not provide a TPM for their VMs, they do not mention any data-in-use encryption, and they explicitly state that they do not support UEFI secure boot - all of these are critical requirements for high-assurance use cases.
Interested to hear more about your use case and threat model, if you are willing to share. I ask because although I've looked into (and done some prototyping) with secure cloud hosting, I/we came to the conclusion that there's no current technology that is "actually secure" and so abandoned the approach. Curious if things have improved now, or if you're operating in some security theater context where it's ok.
The basic principle is to ensure that any machine/workload which joins the network (and processes customer data, in this case extremely sensitive PII) has a cryptographically verified chain of trust from boot to the application-layer to guarantee workload integrity.
NixOS is used for declarative and more importantly deterministic OS state and runtime environment, layered with dm-verity to prevent tampering of the Nix store. The root partition, aside from whatever is explicitly configured in the nix store, is wiped on every reboot. The ephemerality prevents persistence of any potential attacker, and the state of the machine is completely identical to whatever you have configured in your NixOS configuration, which is great for audibility. This OS image + boot loader is signed with organisation-private keys, and deployed to machines preloaded with UEFI keys to guarantee boot integrity and preventing firmware-level attacks (UEFI secure boot).
At this point you need to trust the cloud provider to not tamper with the UEFI keys or otherwise compromise memory confidentiality through a malicious or insecure hypervisor, unless the provider supports memory encryption through something like AMD SEV-SNP. The processor provides an AMD-signed attestation that is provided to the guest OS that states "Yes, this guest is running in a trusted execution environment, and here are the TPM measurements for the boot" and you can use this attestation to determine whether or not the machine should join your network and that it is running the firmware, kernel, and initramfs that you expect AND on hardware that you expect.
I think I'll put together a write-up on this architecture once I launch the service. There is no such thing as perfect security, of course, but I think this security architecture prevents many classes of attacks. Bootkits and firmware-level attacks are exceedingly difficult or even impossible with this model, combine this with an ephemeral root filesystem and any attacker would be effectively unable to gain persistence in the system.
Oracle Cloud Infrastructure tries to fill exactly this sweet spot. Cheaper compute than the other hyperscalers, while still offering similar security features (TPM, Shielded Instances, Measured Boot) and a bare-metal-first focus.
Disclaimer, just joined Oracle a few months ago. I'm using both Hetzner and OCI for my private stuff and my open-source services right now. I still personally think they've identified a clever market fit there.
"The root problem with conventional currency is all the trust that’s required to make it work. The central bank must be trusted not to debase the currency, but the history of fiat currencies is full of breaches of that trust. Banks must be trusted to hold our money and transfer it electronically, but they lend it out in waves of credit bubbles with barely a fraction in reserve." - Satoshi Nakamoto
I don't know about the author but I have a feeling that the track record of central banks isn't exactly stellar, and I'd much rather trust a decentralised system with zero ability for sustained debasement than trust a small centralised group of people who have time and time again abused that trust.
Satoshi vanished more than a decade ago. He didn't get to comment on what became of his creation.
The current state is:
* Bitcoin (BTC) development is driven by a very small development team.
* Main discussion spaces (eg, /r/bitcoin) are owned by a small team.
* NFTs are almost exclusively sold on centralized marketplaces with the capability of banning a NFT from it if they don't like it.
* Miners aggregated into something like a dozen relevant mining pools.
* The main way of obtaining BTC is at large, centralized exchanges. Who often hold your balance in a database and not in the blockchain, because BTC transactions are expensive.
Yup, he completely fixed it. Rather than trusting an elected government in BTC people put their trust in whoever now gets to commit to the github repo.
And how is the track record of decentralized "currencies"? Buying drugs, money laundering, rampant speculation, rug pulls, fraud, high fees, inefficiency, horrible UX, irreversible SFYL, and destroying the climate.
>Buying drugs, money laundering, rampant speculation, rug pulls, fraud, high fees, inefficiency, horrible UX, irreversible SFYL, and destroying the climate.
Every one of these charges happens every day and in some of them to a much greater scale in fiat, especially climate destruction due to inflationary monetary policy, which encourages consumption and waste and punishes thrift and savings.
This is just another form of the "we should ban encryption because criminals use it" argument.
Criminals and wrongdoers will always exist. Statists and financiers are just another category of them, who have a system that conveniently covers their crimes. I will put all my weight behind anything that weakens their power over me: I.e cryptography and cryptocurrency.
Sure, but ransomware is just extortion and that is a concept that has existed for time immemorial. I think ransomware is a relatively small part of the global volume of generalised extortion which is almost certainly mostly settled in fiat and not crypto.
I find it strange that so many cryto people get so emotional when such comments are made. It makes it rather difficult to have an actual discussion on the issues.
It's difficult to have an actual discussion when the same old platitudes keep reappearing in every crypto discussion.
I can rephrase as a question: Should we stop using groundbreaking and individual-empowering technologies just because some criminals benefit? Every single technology is exploted by criminals. I fail to see how that is an argument for its disavowal. If anything, we need to normalise privacy and encryption among virtuous everyday individuals.
Have you not ever read financial history and what things were like without central banks?
No one that knows what they are talking about can possibly think we were better off without central banks. It is a childish and clueless view.
House Of Morgan, History of Interest Rates from Wiley. Try reading some books instead of looking up things on wiki to back up your already nonsense beliefs. You can not read those books and come away thinking getting rid of central banks is a good idea.
You are just making the old clueless gold bug argument repacked in digital form.
Financial crises have been more severe, longer, and more sustained since the introduction of central banking. Let us also not forget that the industrial revolution and the extraordinary growth of Western economies in the late 1800s were mostly conducted under free banking without a central buyer and lender of last resort, and in some jurisdictions where a central bank existed it was regulated to follow a strict gold standard.
> Financial crises have been more severe, longer, and more sustained since the introduction of central banking.
I admit that I'm not willing to even look into your argument too deeply, although I have severe doubts about its validity. The reason is you omit one order-of-magnitudes factor: The economy has increased exponentially beginning with the industrial revolution, and world population similarly. So of course any disaster, including natural ones, without anything else impacts ever more people and is ever more complex to solve.
This is the major factor that you have to address before any other, but you simply ignore it. Like all the pro-crypto arguments, they always leave out extremely easily accessible points that are not hard to find, which I find strange, and which makes these discussions so tiresome.
And by the way, when it was new I looked into blockchains to the point of even taking programming courses for it, so it's not like I'm completely "armchair" about it. I rejected it only after doing active research.
"The root problem with conventional currency is all the trust that’s required to make it work."
Trust is required to make cryptos work too. Yes, a blockchain is "immutable", as long as the network isn't hacked w/ e.g., a 51% attack in Bitcoin's case. However, the price of Bitcoin isn't really anchored to anything, i.e., there's no natural demand for it like there is for fiat currencies (since people must pay their taxes in fiat), so basically, only the collective trust and hope of people is making it valuable.
In addition to that, current cryptos are lacking in either decentralization, efficiency, or both, nevermind the various decentralized applications that operate like any traditional company, which you'll have to trust in order to use the app. So as of now, a truly decentralized and efficient blockchain network is only a dream.
I'm not saying fiat currencies are without problems though -- they very much aren't. The regulation is problematic, but the bigger underlying issue stems from the expectation of infinite growth. Money in the modern economy is basically debt, whose interests are paid off with newly created debt. This cycle works only if the loan money is, on average, invested profitably, i.e., (in very rough terms) the GDP rises along with the money supply. This is difficult to begin with, but since compounding interests grow exponentially, it means that the GDP should rise exponentially too, which, since exponentially growing curves approach infinity relatively fast, means that the planet is fucked due to exponentially growing demand of energy and natural resources.
To make an analogy, long distance travel also has a checkered history over the past 300 years. Today, most people hop on a plane or a bus with little thought about its safety, and manageable concerns about its arrival time. Likewise most of us expect our salary to hold steady in between payday and when we spend it, with manageable expectations about what it will be worth in six months.
>From my point of view serfdom is the (block)chain. Only people with enough stake or those who pays are in control.
I disagree with this but even if one assumes this to be the case, I'd much rather prefer a monetary system subject to the control of free market forces rather than the modern monetary system which is subject to a small group of unelected and unaccountable technocrats operating under the feeble assumption of central bank independence and whose power is extended through coercion and not voluntary association.
If crypto replaces fiat can you really say it is voluntary still if you need to pay your taxes in bitcoin or whatever currency your government wants to collect to pay for things?
>Furthermore, I take issue with the emphasis on "property damage" as property is fairly meaningless when you fear for your live or live paycheck-to-paycheck. America has an unhealthy obsession with "property damage" as if it should be the driver for any sort of discussion on societal issues, when in fact, it should not be.
Ah right, so the ends justify the means. It is OK to vandalise and destroy a small business if you feel bad and frustrated, but only if you share the corporate-approved politically correct opinion. Do you not see where this road ends?
Completely ridiculous. If a major corporation in concordance with other entities bans speech that does toe the party line - that is quite literally fascism and something straight out of 1984.
BLM and their like was burning down cities for months with support from these same corporates, and that is suddenly OK and not morally questionable because orange man bad? I'm not defending the Trumpers who stormed the capitol, but the double standards are extremely blatant.
I think companies who are operating in spaces that may be targeted for wrongthink (pornography, arms dealers, even crypto to an extent) should seriously consider contingency plans (avoid vendor/platform lock-in, have a backup progressive web app in case your app gets booted etc.) in the event the leftist/SJW/mainstream media mob targets them and kicks them off large platforms (including infrastructure - AWS/GCP/Azure is NOT safe).
>The central bank have not power to stimulate the economy in this situation, that's the reason central bankers are pushing the governments to spend directly.
Sounds very political for a supposedly independent central banking system!
This system is a disgrace and is governed by unelected technocrats who are able to yield a crazy amount of power over the economy without ever being subject to inquiries from the public, all in the interest of experimenting on the population with highly questionable economic models.
In my opinion we would never have been in this situation in the first place were it not for the artificial credit growth and consequent boom caused by central bankers.
>> The central bank have not power to stimulate the economy in this situation, that's the reason central bankers are pushing the governments to spend directly.
> Sounds very political for a supposedly independent central banking system!
The phraseology makes it sound political, but it is not political.
Basically when a central bank cuts its rate down to 0.25%, 0%, or even negative (e.g., Switzerland), it's a signal that the central bank has done all it can do to get the economy going. (There are some other mechanism employed in recent years as well ("quantitative easing"), but the message is the same: we are at the limits of monetary policy.)
After that it is up to governments, if they so choose, to also do fiscal policy initiatives, e.g., Keynesian economics: create economic demand through public spending (since private business spending/demand is in the toilet).
Of course government are free not to do anything at all, which would generally entail lower economic growth and higher employment.
But central banks have a mandate to make sure the economy is in a certain middle-ground: not too hot to induce a lot of inflation, and not too cold to have a lot of people out of work.† Everyone agrees to these goals ahead of time:
> The Federal Reserve works to promote a strong U.S. economy. Specifically, the Congress has assigned the Fed to conduct the nation’s monetary policy to support the goals of maximum employment, stable prices, and moderate long-term interest rates.
The "unelected technocrats" are doing what they were hired to do. They each have a fixed term (though renewable), and if they don't do what they're supposed to they are replaced.
They did not sneak into these positions: they were told to work towards certain goals, and they are using the tools at their disposal. They are no different than the Board of a corporation hired by the shareholders of the company: it's just that the "shareholders" are elected representatives (Congress, parliaments, etc).
If the Board is not doing a satisfactory job it can be sacked with cause if necessary.
† Sometimes you actually have both: see "stagflation".
That's what the site author claimed he does. Others claim that what he actually does is just adding a few percentage points to the official stats[1]. Among academic economists, the site author is largely regarded as some kooky conspiracy theorist[2].
Personally I just see him more as small time business man making a nice living from satisfying some market demand for figures that proof government is lying to you. For those who want to find out for themselves, here's the raw BLS data[3] and methodology[4].
It cannot be repaid, ever, because the interest exceeds the amount of money that is currently in existence, which means they will always have to borrow more money (which is created out of thin air) to service the debt.
Interest on the national debt is $400-$600 billion per year depending on what you count (a lot of it is paid to the federal government itself). It's a lot of money, but it's a small fraction of the federal budget. It's also less than the amount of money in existence - M1 is $5.5 trillion and can easily be expanded, as mentioned.
(It also wouldn't necessarily matter if the interest per year were greater than the total amount of money in existence. If the money supply were $20, that wouldn't make it impossible for me to pay you $21/year; I could pay it in 21 $1 payments.)
>The Fed has doubled (!) the number of assets on its balance sheet by creating new monetary instruments and using some of them to purchase financial assets like treasuries and mortgage backed bonds. In fact, the Fed has created more new monetary assets during the past five months than in 2008-2009, during the worst of the global financial crisis.
This is printing money and it is not inaccurate to say that they have created U.S. Dollars out of thin air to finance their asset-purchases and "lending" (a debt that will never be paid off) to the U.S. government.
Because they are pocketing the difference by arbitraging between the government (who issue the treasuries) and the Fed (who is the ultimate buyer) since the Fed cannot buy treasuries directly from the government. It's just a complicated way for the government to print money and hand it out and in this case banks are able to act as the middleman and earn money on the spread.
It's a disgraceful system that is extremely morally questionable.
Does anyone know if there is a VM vendor that sits somewhere in between a dedicated server host like Hetzner in terms of performance + cost-effectiveness and AWS/GCP in terms of security?
Basically TPM/vTPM + AMD SEV/SEV-SNP + UEFI Secure Boot support. I've scoured the internet and can't seem to find anyone who provides virtualised trusted computing other than AWS/GCP. Hetzner does not provide a TPM for their VMs, they do not mention any data-in-use encryption, and they explicitly state that they do not support UEFI secure boot - all of these are critical requirements for high-assurance use cases.