Popular VPN provider ExpressVPN has introduced a new server platform called TrustedServer, one which runs on system memory (Random Access Memory) without the need to have local storage (hard disk drives or solid state drives).
Doing so means that as soon as a computer is shut down, all the information on the server vanishes and cannot – in theory – be recovered. The next time the server is rebooted, a fresh version of the stack (the operating system and the VPN infrastructure running above it) is spawned, like a brand new PC.
This is an inhouse technology developed by ExpressVPN, an industry first for the market, but one that has proved popular in enterprise where in-memory computing (IMC) helps businesses speed up transactions- SAP HANA relational database management system being perhaps the most well known example.
A new dawn in privacy for VPN
The software stack has been deployed on the entire server range (3000+) that ExpressVPN operates and comes from a single cryptographically signed read-only image, which eliminates any risk associated with misconfigurations or obsolete/unpatched software.
This approach, ExpressVPN explains, is different from traditional containerization on bare metal servers as there’s no host OS to speak off as the stack integrates the host OS and is loaded every time.
The TrustedServer initiative brings the concept of a 100% secure server closer but is still – technically – vulnerable to Spectre-type vulnerabilities when an attacker uses a running program to access the system memory. But the chances of this happening are infinitesimal and would first require a catastrophic chain-of-events to happen.
ExpressVPN has confirmed that it will be releasing more details about TrustedServer and we will amend this article with relevant updates in due course.
- ExpressVPN is currently ranked as the top VPN in our best VPN buyers guide and they've let us have a special offer just for TechRadar readers…