Dubbed TrustedServer, this new server platform runs on system memory without having to rely on local storage devices. In other words, TrustedServer uses the machine’s Random Access Memory (RAM) rather than storing data on physical hard drives.
Built For Privacy-Conscious Consumers
Calling the new platform an “industry-first,” the company stated that TrustedServer stores user data only temporarily during an active session. Because all data is stored in volatile memory, the information is wiped clear as soon as the machine is powered off.
The approach is clearly radically different from the conventional hard drive-based approach which cannot get rid of user data unless it is manually erased or written over once the drive is full. Of course, this older approach poses serious security threats as any breach of these servers could potentially give the attackers access to sensitive and possibly identifiable user data.
Worse still, ExpressVPN said in a blog post, the attackers could even place a secret backdoor, gaining access to the server indefinitely until detected.
To quote the company:
“ExpressVPN TrustedServer technology addresses those security threats by making sure that absolutely nothing—neither information nor intruders—can remain on a server when it is rebooted.”
Network-Wide Upgradation Complete
ExpressVPN also confirmed that it has deployed the new platform across its entire server range comprising more than 3,000 machines worldwide.
To add to the built-in security apparatus, TrustedServer also ensures that all ExpressVPN servers run on the same and most up-to-date software and configuration.
“Each time a server powers up, it loads the latest read-only image containing the entire software stack, operating system (OS) and all. This is similar to how the ‘Tails’ operating system boots itself. In our case, the image is also cryptographically signed by ExpressVPN, and servers will not operate if that signature isn’t valid.”
While TrustedServer might very well be (arguably) the closest the VPN industry has technologically come to delivering a 100% secure server, it is still vulnerable to certain types of attacks.
More specifically, it could fall victim to a Spectre-type vulnerability which involves attackers exploiting a running program to gain access to the system memory. That being said, odds of any such breach happening is comparatively low as it would require catastrophic failures on multiple fronts.
ExpressVPN also said that it will soon publish more details outlining the technology behind the new platform.