Can the vps provider not read everything on your server, unless it’s explicitly encrypted?
I’m asking because I’m interested in self-hosting mainly as a way to get privacy respecting services where good hosted ones don’t exist. I’m not sure I really want to deal with running my own hardware
I’m not talking about snapshots. I’m talking about viewing the RAM of a running instance and having that be useful for anyone who managed to get it. And let me give you two simple reasons why it’s not going to be useful:
Unless you were to go and be on that instance at the exact moment something was happening (or shortly thereafter), that memory is going to be useless.
Now, if someone were absolutely stupid, disabled CPU security extensions at the Hypervisor, AND did something like make a RAM disk and stored something on that-which is really just going out your way to leave a trail-then yeah, maybe you’d get something.
The default of every hosting provider I’m familiar with is encryption by default on absolutely everything from the Hypervisor up except the disk, so I’m seriously doubting the claim of OP unless there is otherwise non-TMB information.
Disk snapshots are another story if unencrypted.
Here’s a snapshot of the memory of a running live cd of Ubuntu. I ran a script to load 0123456789abcdef over and over and it’s clearly readable. Nothing special is required for this, as the Hypervisor has access to anything that the VM does. If the VM loads the encryption key for your disk into memory it will be available to the provider.