Open main menu

Linux and Unix Users Group at Virginia Teck Wiki β

Changes

Hosting

97 bytes removed, 16:37, 25 September 2013
Digital Ocean
* For some reason, [http://digitalocean.uservoice.com/forums/136585-digital-ocean/suggestions/2814988-give-option-to-use-the-droplet-s-own-bootloader-?page=1&per_page=20 the VPS's bootloader is not used] so users must explicitly prevent the Linux kernel from updating in their package manager. This is particularly concerning because users must wait for DigitalOcean to provide updated kernels after vulnerabilities are discovered. In the case of CVE-2013-2094, a new kernel was not available for over a week.
* Users are limited to the images provided by Digital Ocean and cannot upload their own ISO or use a custom kernel. BSD, Gentoo, and many other Linux distributions are not supported.
* Root passwords are emailed to users in plain text, and [http://digitalocean.uservoiceunless you set up public key authentication.com/forums/136585-digital-ocean/suggestions/3566070-add-a-checkbox-to-not-email-root-password there is currently no way to disable this feature]* There appears to be Initially, there was no network isolation for at least some and it was possible to ARP spoof users, as determined by an IPv6 broadcast pingon the same LAN. ARP poisoning is likely possibleThis problem has now been resolved.* There is currently no bandwidth measurement(but you are not billed for bandwidth either)
* No IPv6 addresses are provided
* In the past, DigitalOcean reused disk images between customers without securely wiping data. This enabled one to extract sensitive information by running <code>cat /dev/vda1 | strings</code>
Anonymous user