How does this reassure concerns...
when Google (and anyone they choose) still holds the keys?
Google has tossed a crumb of reassurance to people with cloudy security concerns by adding automatic server-side encryption to Google Cloud Storage. The free security measure was announced by Google on Thursday and spun as a way to "make securing your data as painless as possible," according to a blog post by the company. The …
There will be a backdoor for anyone with a 'legitimate' reason for requesting the data.....
Pretty much means any Government Agency that wants to know and you won't even know they are doing it.
Also I'm very surprised the article text itself doesn't contain this info.
"Google has taken a lead on cloud rival Microsoft, which does not offer such a service"
erm no. Microsoft offer StorSimple which is a far more powerful solution - and that uses AES 256 bit encryption....
and StorSimple allows control of the encryption keys...
Precisely my first thought.
Google seems to think that privacy is something we shouldn't expect when dealing with 3rd parties. I'm just surprised that they're taking any steps at all to secure what they're holding.
"the data is automatically and transparently decrypted when read by an authorized user"
Such as the NSA?
Or some other company employee, who just happens to be a hacker on the side. The encryption and all keys should be held only by the person using the service. Otherwise, it cannot be trusted.
I dunno. I am less bothered about "the state" looking through my underwear drawer than I am by Google. At least the state is democratically elected, has some accountability and is meant to serve our interests as citizens. Google has none of that.
I feel more comfortable with James Bond occasionally trawling my PC for evidence of spying than Google routinely gouging my whole digital life as a matter of course. Bond is going to ignore your pictures of Scarborough. Google isn't.
"has some accountability"
You don't live in the US do you? :D
If you're a US citizen then you have fair protection against the depredations of the CIA and NSA, even on the cloud or when using your cellphone, and those protections are about to be strengthened. If you're not a US citizen, then you have no protection at all, you're fair game and that will not change.
The NSA, CIA and British counterparts aren't interested in your pr0n collection or your pirated episodes of Lost, unless perhaps if you're someone important and it can be used to blackmail you, so for most of us it matters less that these government agencies snoop than if companies (interested in targeting us with commercials or spam) do - but there *is* potential for it to bite you in the ass nonetheless.
The BBC Technology Editors?
This provides no reassurance... Google is the NSA's bitch. They'll decrypt the data for the feds and the Langley people whenever they are asked to.
"This provides no reassurance... "
Yes, that was the point of the article. As most reg readers would have spotted.
Read the last paragraph.
@John Smith: no, not really: the last paragraph was about using quantum computing to attack the encryption.
I suspect RISC OS's concern (and certainly it would be mine) is Google just handing over the key to the 3 letter agencies - no crypto attack required.
I have to read the entire article? Pah. I'll stick to reading just the headline and subtitle when drawing my opinion thankyouverymuch.
With it taking place on Google's end, all the reassurances in the world aren't going to make anyone with half a brain believe that they won't provide the NSA access to your data.
Even if they still held to Don't Be Evil (which they clearly abandoned years ago) they could be subject to a secret interpretation of a secret law by a secret court, and be legally obligated to keep the fact they're providing access to the NSA secret. Welcome to the USsr!
Poor Google/Amazon/Apple/IBM and everyone else in the cloud storage game based in the US. They are doomed to play second/third fiddle to someone setting up in Switzerland or an Eastern European country who doesn't have to play ball with the NSA and their Echelon friends.
They don't provide NSA access to the data. The NSA gets it by splitting the traffic going to Google, which is out of Google's control.
Why do you assume this? The documents Snowden leaked made clear that Google (and Microsoft, Apple and others) were actively providing information to the NSA. True, the NSA captures the traffic on the Internet, but also gets help from Google to get the information. After all, splitting SSL traffic isn't going to give the NSA much, but giving them their SSL master key will.
Google's assurances here are worthless, they would be legally prohibited from telling us if they were providing the NSA access to our data.
Problem is encryption can't be on the client side since processing occurs on the server side -- the data needs to be decrypted to be processed.
This is the fatal flaw of the old practice of time sharing computers (time sharing, what is today fashionably called "the cloud").
How do you know?
Just encrypt on the client and don't process on the server then. Though you'd then need your key in the cloud to decrypt to actually make it useful off device for other cloudy services.
Encryption on cloud storage is not really much interest to me. The chances of someone nicking one of their discs and leaking the data, or some member of staff copying it off, is slim or at least prosecutable.
My concern is far more about the device when syncing my private data to the cloud.
exactly - if you don't control the encryption then it is as good as plaintext.
What sort of attacks is this cloud encryption meant to prevent? Why are they only using 128-bit AES?
I use Google Drive, which is likely not the same as Google Storage. Everything sensitive I store on Google Drive gets run through Syncdocs first to AES256 encrypt it.
So many people here with data of such importance that the NSA is eager to get their hands on it.
I feel so humble.
I would say that the larger-than-average number of programmers, administrators and other IT-types on this site means that there are a quite high proportion of people here who will be accessing sensitive data as part of their job, and may not want state sponsored industrial espionage ruining their day.
Just because it's the IT equivalent of Seal Team Six, doesn't mean you don't put boobytraps on all the doors and a few hundred kilos of anfo buried in the yard. Don't make it easy for 'em.
Please consider the way this situation allows govs to know most of what you do or think. Think gerrymandering on steroids. Or the way this shit can be used to perform industrial espionage on other countries, including but not limited to western democracies (it's in the PRISM mission statement, for Chrissake!). Think about blackmail of politicians, journalists and civil servants...
If you think you can have this and a -more or less- working democracy at the same time, you're delusional.
I guess you have not been following the news much since you don't know what the NSA is doing.
The NSA has incredibly low standards in what it considers relevant information on terrorism.
You, me, everyone here is within 3 hops of Snowden. (I post in Ars Technica Forums, Snowden apparently posted there too, and you and me post in forums here. I also imagine that The Register, like every other newspaper in existence, has one or more journalists who are on the same mailing lists as Robert Greenwalt: unions, press associations, press release bureaus.)
This means that even if we were US-persons (i.e. real humans entitled to human rights) the contents of all our emails and data would be accessible without warrant by the NSA under its interpretations of the rules.
You, me and everyone here -- mundane as our lives are -- exceed the NSA's minimum level for being actively spied upon by humans without warrant.
Everyone on the planet exceeds the NSA's minimum level for being actively spied upon by machines without warrant.
So unless your definition of "exalted" includes "everyone on the planet", you're incorrect in your assumption.
This is kind of the same as the "if you have nothing to hide..." argument.
The NSA, I would think, have no interest at all in my data. But the point is that isn't stopping them collecting it, just in case, or giving themselves the legal right to collect it at any point they like in the future. I have to just like it or lump it, and trust that the governments never ever use it for any other "War Against ... " project they dream up in the future. And by that time it will be pointless to complain, it will already have happened.
The time to put a stop to it is now.
And let's not forget that in times past people have been subjected to the very worst treatment for the simple 'crime' of wearing spectacles. This happened in Cambodia under the Khmer Rouge and in China during the Cultural Revolution, because needing eyesight correction was seen as the mark of an intellectual, and we all know that thinking people are not wanted by those that like power.
It isn't difficult to encrypt the most sensitive data yourself and then store it remotely, but it doesn't help you to keep it out of the clutches of the government because of legal compulsion. Ultimately rubber hose cryptanalysis would nearly always win, but ephemeral keys and perfect forward secrecy should help a lot with data in flight. It's the stuff you need to store and access later that is a problem.
It isn't perfect, but it's better than none.
As long as you don't hold the encryption keys, you may safely assume there is no encryption.
Yesterday Google's users had no expectation of privacy, today they're talking crypto. What changed Google?
"Yesterday Google's users had no expectation of privacy, today they're talking crypto. "
It's no contradiction. The flow is like this:
1. user uploads data
2. Google indexes on the fly (for targeted ads... I mean... search)
3. based on keywords (or context) NSA might receive a message/copy
4. data is encrypted with a key Google controls
5. data is stored
NSA, or even some Hollywood film studios or any other paying customers of the US gov want access? Google has the keys and will happily provide any files you thought were safe, if that didn't already happen in step 3.
I would have been laughed at for posting this 6 months ago. Now it doesn't seem so unreal any more, does it?
Google signed its own death warrant yesterday when it said users (i.e. customers) have no expectation of privacy.
Sure they said it regarding a different product, a "free product" but it reveals a corporate attitude that has little or no regard for client confidentiality.
How could anyone explain to their VP, CEO or board of directors why they trusted Google with company data?
I don't even trust their search engine on my personal computer at home any more.
Google's legal team doomed itself by revealing Google ethics to the business community.
All users of email must necessarily expect that their messages will be subjected to automated processing. This is the price we pay for not having an inbox full of spam. There is legally no difference between a spam filter performing statistical analysis of text looking for tell-tale signatures of spamminess, and advertising filters performing statistical analysis of text looking for tell-tale signatures of personal interests that can be used to better target advertising.
That I suspect is what Google means when it says that customers have no expectation of privacy, and they are entirely correct. All mail handlers read your mail, but only the government employs humans to do it.
BTW, as I'm presuming most of you are not posting from within the US, you are by NSA rules subhuman scum furriners, whose data they can study and mine at their leisure, not like American citizens.
Who they'd need to get one of their sister agencies abroad to trawl through instead.
Could we get the Google definition of "an authorized user"?
"Could we get the Google definition of "an authorized user"?"
Check their T&Cs, quoted upstream.
Of course the PATRIOT Act makes pretty much any part of the USG an "authorized user."
The most interesting and reassuring word in this article is "crumb".
Do they encrypt before or after making a copy and sending a copy to the NSA ?
To write a Chrome plugin that handles en/decryption client-side as a wrapper to Google Drive
Possible, surely, unsure off the top of my head exactly what'd be needed to achieve it beyond some download hooks.
Full disclosure: our specialty at Porticor is key management for cases like this e.g. we have a solution for Amazon AWS S3.
It is gratifying to see so many people pointing out the need for key management. We have actually been working on that for several years - before the NSA / PRISM / Snowden scandal put the limelight on the topic.
There are solutions that can allow you to control your data e.g. in S3 with keys that are outside the cloud. Today it is technically feasible to homomorphically encrypt the KEYS before they enter the cloud. http://www.porticor.com/homomorphic-encryption/
The definition of homomorphic encryption you have on your web site is incomplete. Yes, that system can do processing on encrypted data, but what you fail to mention is that it requires an algorithm where no two resulting encrypted pieces of data have the same result.
There is no current homomorphic algorithm that guarantees no duplicate results. If there were, a Nobel prize would be hanging on your wall.
Oh and you can't do square roots with H.E. yet either.
This is a completely meaningless change since Google is:
* Fundamentally a US-led company with close ties to their security services. The NSA and friends still have full access to your data.
* Well known to co-operate with other countries' law enforcement and censorship efforts as well (e.g. China and others)
Cloud vendors don't like client-side encryption because it prevents them from
gouging deduplicating your data.
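The two points made in this thread, that encryption under a provider-held key is "as good as plaintext" and that client-side encryption defeats provider-side deduplication, can be shown in a few lines. The following is an added example, not code from the article, Google or any commenter; the key, the object name and the sample document are constructed for illustration, and the key is assumed to be generated and kept on the client only.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

func gcmFor(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// sealObject encrypts one object with AES-256-GCM on the client before upload,
// binding the object name as associated data. Output: nonce || ciphertext || tag.
func sealObject(key []byte, name string, plaintext []byte) ([]byte, error) {
	gcm, err := gcmFor(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize()) // fresh random nonce per upload
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, []byte(name)), nil
}

// openObject reverses sealObject; a different key, name or altered byte fails.
func openObject(key []byte, name string, blob []byte) ([]byte, error) {
	gcm, err := gcmFor(key)
	if err != nil || len(blob) < gcm.NonceSize() {
		return nil, errors.New("bad key or truncated blob")
	}
	n := gcm.NonceSize()
	return gcm.Open(nil, blob[:n], blob[n:], []byte(name))
}

func main() {
	key := make([]byte, 32) // 256-bit key generated and kept on the client only
	rand.Read(key)
	doc := []byte("constructed sample: Q3 revenue forecast") // constructed input
	a, _ := sealObject(key, "reports/q3.txt", doc)
	b, _ := sealObject(key, "reports/q3.txt", doc)
	fmt.Println("same file, distinct blobs (no dedup):", string(a) != string(b))
}
```

Because every upload gets a fresh nonce, two uploads of the same file produce unrelated blobs, so the provider cannot deduplicate them and, lacking the key, cannot read or quietly rename either one.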
with valid indexes which remain valid.
I think that's pretty challenging but it's the only way. I am clueless how you would do this.
*What? You didn't realize how much info you can get off that metadata?