Interesting topic, especially looking at the current cloud trends. We've been discussing this internally and came to the conclusion, that as long as someone has physical access to a server, he will always be capable of reading the data on that server with more or less effort.

Even using a high level of physical security to ensure, nobody has physical access to the box can be broken with enough time and effort, especially from the people housing the box.

In the end, all you need is trust. If you trust the people housing your box and if you trust their ability to keep the bad guys physically away, everything is fine. If you can't trust them you are lost in any case.

Kind regards,
Viktor

Am 02.06.2012 01:05, schrieb Stanislav Sinyagin:

security by obscurity?

you know, with a JTAG adapter and a bit of knowledge, one can read the onboard flash from those plugs too.

so, probably a better approach is to have a system which doesn't expose your data when the disk is compromised. The simplest example is SSH with public key authentication and authentication forwarding (-A flag).