I've applied a change in Ansible at 99616d0c80b0b11211a1ed8fba160af7f79e9409 and hope to see a change in dopy as well.
Meanwhile, I'd welcome feedback about whether this warrants continued inclusion in Ansible, as I do view inclusion on the "cloud" sidebar as something close to advocacy, and simply cannot fathom the conscious design decisions made in the above blog post and especially the denial of the breach. Thoughts welcome. On Mon, Dec 30, 2013 at 7:47 PM, Michael DeHaan <[email protected]>wrote: > This is not explicitly Ansible related (we'll be making a code change > because of it) but is worth sharing as I know there are a lot of Digital > Ocean users out there who may have not seen this report: > > https://digitalocean.com/blog_posts/transparency-regarding-data-security > > It turns out digital ocean has not been erasing past customer disk space > before giving customers new virtual instances, which makes passing an > optional "scrub" flag on deletion important -- something we weren't aware > Digital Ocean was not doing on machine creation and did not have as part of > our community module (like fog). > > Here they are wrongly placing blame on various client libraries for not > passing a flag that should have a sensible default in the API, but that's > beside the point -- scratch space has not been cleaned up on machine > creation in the past, and regardless of provider, your data with this > particular cloud provider is not safe. > > Note: we do not host any of our infrastructure on Digital Ocean and I'm > seriously considering whether we keep modules in core for this. Here was a > past issue: > https://www.digitalocean.com/blog_posts/avoid-duplicate-ssh-host-keys > > > -- > Michael DeHaan <[email protected]> > CTO, AnsibleWorks, Inc. > http://www.ansibleworks.com/ > > -- Michael DeHaan <[email protected]> CTO, AnsibleWorks, Inc. http://www.ansibleworks.com/ -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
