Re: Werner McGoole Re: Clouds - nope!
"But if you read about the cyberwar capabilities the US has and is planning to extend, you start to realise that data may be no safer on your own system than in the cloud anyway....." You need to start thinking about how the NSA et al will be targetting clouds, how they will be selecting targets for more aggressive monitoring and possible hacking. I expect their selection criteria will be something like this:
1. Are the actual cloud systems in a non-friendly (i.e., one that does not allow NSA/GCHQ snooping)?
2. Is the cloud provider owned or funded by a person or persons of interest (at the moment, that probably includes being funded by a Qatari-based investment bank)?
3. Do other people of interest already buy services from that cloud?
4. Are there encrypted streams not using OTS encryption tools exiting or entering the cloud in question (and where do they go to)?
5. Do any of those encrypte streams exit to TOR, non-friendly nations, or other clouds/companies/people already of interest?
Other possible reasons for the NSA to take an interest are if your cloud provider employs only foreigners from certain groups (such as Pakistan). Whilst you may not know these thing when you sign up for a cloud, and they are unlikely to tell you up front as your legitimate business may be being used to provide cover for their nefarious activities, when the Police turn up with a search warrant it is your business that will be offline whilst all the servers and storage are searched.