thoughts on security of running bitcoin-bash-tools in google cloud shell ephemeral mode?

[petjal]

To me, for regular low-value-target folks, using bash in google cloud shell ephemeral mode seems like a reasonably secure way of using bitcoin-bash-tools.
https://cloud.google.com/shell/docs/using-cloud-shell#choosing_ephemeral_mode

Indications

• if you don't have or can't trust your local host instance command line bash (example: my Chromebook)
• if you are unable or unwilling to boot from trustworthy-enough fresh clean media

Process/thoughts

• can start from any fresh clean local host instance (example: Chromebook Guest mode)
• tls security is pretty good
• google infrastructure security is pretty good
• fresh clean remote vm security is probably pretty good
• easy to install or import any tools needed ("dc", gpg public keys)
• can pipe bitcoin-bash-tools output directly to gpg public key encryption (no leaking of secret output or password entry)
  • then send encrypted bundle elsewhere
• security of remote vm wiping at end of session probably pretty good

Contra-indications:

• not for use by high-value targets of nation states

What do you think? What am I forgetting?

[grondilu]

I really don't see why anyone would trust Alphabet more than they would a local machine with a standard GNU/linux OS.

But who knows. I actually don't know much about security. What I believe in this regard is kind of based on my gut feeling.

I wouldn't use any cloud service to generate or handle private keys. I think there are people who only use offline computers when dealing with private keys. It all depends on your level of paranoia.