RIPE discovers that you can skip the HSMs and just use Linux FDE if you define away the problem HSMs solve.pic.twitter.com/LCiqpW3LuA
You can add location information to your Tweets, such as your city or precise location, from the web and via third-party applications. You always have the option to delete your Tweet location history. Learn more
You can totally design reasonable systems that use filesystems instead of HSMs, but pretending that FDE somehow solves the problem is ludicrous.
Indeed.
Main value HSMs provide in most uses is process isolation. You can certanly provide key isolation without a HSM. That said a HSM provides other values too, and as a result such approaches are not equivalent to use of a HSM. Either way FDE doesn’t even help with process isolation.
Right, I totally agree with this summary! But you don’t get process isolation with Linux FDE.
In fact, FDE addresses basically none of the risks this key-holding server faces.
For sure. Wasn’t suggesting FDE provides any process isolation.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.