Let's be clear about what this is: they are charging their customers after their customers have deactivated a service (destroyed a VM) to not create the situation wherein they give that data to another customer later.
What sort of mental gymnastics are required to make that a reasonable choice?
>they are charging their customers after their customers have deactivated a service (destroyed a VM)
They are charging their customers for the number of minutes it takes to safely destroy the VM. This is not a charge for something coming 'after'. It's fundamentally a charge for their actual server use, not a bonus fee.
>What sort of mental gymnastics are required to make that a reasonable choice?
They aren't charging for security, they are giving you the option to buy less server time if you don't need security, or handle it yourself by wiping only the sensitive files. There are no mental gymnastics here.
I think you hit the nail on the head here: offering the option to buy less server time if you don't need to wipe data is probably reasonable.
Now, the problem here is that DO turned that choice around, and are therefore not providing security by default, but offering you the option to pay more to get it.
Additionally, this is poorly advertised (the API docs do not clearly state "Your data may be accessible by other users!"), and that explains why many customers are (reasonably) a bit pissed at DO.
Looking at their pricing page, it looks like an instance with 512MB RAM comes with a 20GB disk. Depending on host load, IO and process niceness etc, I can see a `dd if=/dev/zero of=...` taking ~10 minutes easily.
If the hardware is spending its cycles on your workload, then it definitely makes it a reasonable choice. Its not like they can sell those cycles to someone else until your job is done.
Besides we are not talking about a high margin business here. $5 vms when most providers are charging 4x times that. Its not unreasonable to expect that your going to have to pay for extras. Similar to a budget airline, you get what you pay for. You want a service that includes that cost in your other fees... then use AWS, rackspace or one of the 1000s of others.
The basic offerings should be secure. You shouldn't have to know what all the bits and pieces of a custom interface mean before you start using a service in order to use it safely.
Seriously, there should not be an option "Shall we pass your latent information onto the next user?" left active by default. If people want to save that trivial amount of money, then let them turn off safety themselves.
If you care about your information I think you should also take responsibility for it. I can't see the point about blaming others for their defaults, it is made quite clear when you destroy a droplet.
Hrm, I should also add that for a $5/month VM, 10 minutes of time is worth $0.0012. And that 10 minutes doesn't require the RAM or CPU component, just the SSD, so it's much cheaper than that in actuality. It's silly to squabble over pricing that low. It would take a million destroyed VMs (at list price) for the cost to be much more than what's in the office's petty cash box, and it's worth it for the security implications, not to mention PR.
What sort of mental gymnastics are required to make that a reasonable choice?