Currently, if you want your data to survive instance termination you should store it in an EBS volume. But it's not automatic.. yet. The next major feature we'll add into the Hub is automatic backup and migration which will take care of that usage scenario and many others.
Regarding security, that's a good question. I think it would make a good idea to dedicate a blog post to this but I'll cover the main points right now:
Security background: We, the developers, come from a computer security background. You can Google us to find the full details. For example, Alon, which is the lead developer for the Hub founded a computer security training company. Before that he worked as a penetration tester, and before that he was responsible for network security in the Israeli air force. My background is similar. Security is a big priority for us and we are not naive regarding the risks.
High-level language and webapp framework: The Hub is implemented in a high-level language (Python) using the Django framework. which contains a range of security mechanisms you can use to protect from all sorts of common web application attacks (e.g,. SQL injection, XSS, XSRF, etc.). Using a high-level language wipes out a large class of security vulnerabilities (e.g., issues with out-of-bound pointers, etc.)
Encryption: All of your network traffic to and from the Hub is encrypted.
Isolation: We've setup the Hub to run in a separate server from the rest of our network infrastructure. It's isolated. If the CMS that runs this web site is compromised, or our mail server, etc, that doesn't effect the Hub.
Security audits: We've run extensive security audits on the Hub prior to launch including manual code inspection AND a gauntlet of automatic tools.
Reputation: We have a reputation to maintain and understand the consequences of failure. If the Hub's security fails that will be a huge setback for the viability of the service. This is a risk we take very seriously.
The precautions we're taking, coupled with our background mean that it's far more likely in my opinion that your access keys / credit card / bank account credentials will be stolen via malware running on your PC (for example). Nothing is perfect but if you already accept the risk of doing any sort of commerce on the Internet you shouldn't loose any sleep over the Hub storing your AWS keys.
Note that Amazon allows you to create a separate set of Amazon keys you can use just for the Hub if you believe this reduces your risk. You can then revoke the keys at any time.
Data persistence and Security of the Hub
Currently, if you want your data to survive instance termination you should store it in an EBS volume. But it's not automatic.. yet. The next major feature we'll add into the Hub is automatic backup and migration which will take care of that usage scenario and many others.
Regarding security, that's a good question. I think it would make a good idea to dedicate a blog post to this but I'll cover the main points right now:
The precautions we're taking, coupled with our background mean that it's far more likely in my opinion that your access keys / credit card / bank account credentials will be stolen via malware running on your PC (for example). Nothing is perfect but if you already accept the risk of doing any sort of commerce on the Internet you shouldn't loose any sleep over the Hub storing your AWS keys.
Note that Amazon allows you to create a separate set of Amazon keys you can use just for the Hub if you believe this reduces your risk. You can then revoke the keys at any time.