Researchers from Microsoft, the University of California, Irvine and Brown University have proposed a technology that should make it harder to derive value from data stored in the cloud. In a paper titled The Melbourne Shuffle: Improving Oblivious Storage in the Cloud, authors Olga Ohrimenko, Michael T. Goodrich, Roberto …
I get the feeling that MS are actually serious about user privacy if for no other reason than that they know damn well it's a huge USP and also a massive differential from Google who exist because they mine your data.
So I'm not going to sneer at this. They almost certainly mean it.
However, it's still a half measure. There's only one way to restore confidence in the security and privacy of user data on MS's cloud and that, Satya Nadella, is to do the unthinkable and move Microsoft out of the USA.
I know, that's a serious wtf statement, isn't it?
But while MS can be compelled by US law to tell the US government absolutely everything they have on you and even compelled to collect statistics where they would rather (for sales reasons) not, they are at a competitive disadvantage.
So where can they go? Somewhere small. Small enough to be the country's major revenue earner and thus influence legislation away from being intrusive.
Nepal might work.
Re: Half measures.
> Nepal might work.
I was considering this statement and realized that actually, Iceland would work much better. And they can have carbon-neutral data centres.
@dogged -- Re: Half measures.
Iceland of course, they've the right attitude too.
It beats me why people use cloud storage at all. Honestly, for 90+% of all computer users, I just can't see any sensible reason for it. On a phone (or equivalently storage-crippled other device), OK, but on a real computer? Why would you want to do that?
It's basically outsourcing your backup. Not in itself a terrible idea.
The obvious, non-storage-capacity related benefit is that I can access my CV or OneNote thingys like WiFi codes etc. when I am not at home rather than leaving my laptop on 24/7 and using remote access (remote access is unavailable to many, many people because of their OS, routers, knowledge etc.)
Other benefits exist like near-total automated recovery after failure/replacement of phone/tablet and zero (monetary) cost.
Apart from that, no benefit at all.
They can look at my data if they want, as long as they don't delete it.
If they do, my laptop has the same image locally, automatically in sync, appearing as part of the file system - brilliant.
Microsoft Research co-develops cloud data scrambler -
Calls it 'Azure'.
It is interesting that Apple, Google et al, can store all their profits offshore out of reach of the US government with no apparent difficulty, but not the customers data.
BTW there is absolutely no truth at all in the rumour that Google's new oceanic fibre is actually a Lamson tube for smuggling bitcoins.
Only way to be sure...
...of security/privacy is not to let your data out of your own hands. Even encryption isn't necessarily a guarantee that your data won't be visible to someone, somewhere as a result of spying and malicious back doors. I can't even be sure that a personal cloud server on my own internet connection isn't susceptible to hacking.
Of course, it's all a matter of degrees. There will be some data that isn't sensitive and it doesn't really matter who sees it, but there will be other times when the data is in need of care about where it goes. I might be willing to put a music file or two on a cloud share, but not a CV (too much risk of identity theft). I might be willing to put game saves in the cloud, but not my medical records.
Really not that complicated
> You'll need your scientific calculator and rather advanced mathematical knowledge to make sense of the next few of the paper's pages.
Really, Simon? Pages 2-3 have nothing more complicated than some very straightforward big-O complexity formulas and a couple of simple probabilities - the sort of stuff they teach in undergrad CS. Things get a bit more complicated after that, but anyone with the basic mathematical literacy you'd expect from a technical baccalaureate should be able to follow it.
The problem they're addressing is this: You don't want an adversary to be able to discern information about your data by watching your access pattern (traffic analysis). The defense against this is to rearrange the data so your access pattern is indistinguishable from random. This is like shuffling a deck of cards, except that you don't want the shuffling process to be reversible, from the cloud server's point of view, so straightforward swapping-based shuffles won't do. (The server could keep a record of the swaps.)
The conventional way to approach this is to assign a random key to all the records, then sort the data using that random key. That's expensive, because sorting is expensive.
What this team have done is devised a relatively cheap shuffle that doesn't involve sorting and isn't reversible by the server. From the paper: "Our Melbourne shuffle algorithm is instead the first data-oblivious shuffle method that is not based on a data-oblivious sorting algorithm." They also show related results, such as using the Melbourne shuffle with various oblivious access algorithms.
The algorithm itself involves taking N input records and distributing them among N buckets along with a number of dummy records, according to a pseudorandom permutation. That's followed by a "clean-up" phase that removes the dummy records and rearranges items in each bucket into the correct order. The paper has the complete algorithm (along with variants with different performance characteristics), diagrams, etc. Actually understanding it to the point of implementing it would probably require some head-scratching from most folks, but it's hardly the most obscure thing to come down the pike.
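The leak described in the comment above, and the sorting-based defence the paper sets out to improve on, as an added example that is not part of the original post or of the paper: a toy untrusted server that logs only the positions it is asked to read and write; a swap-based shuffle whose trace lets the server replay the permutation; and an oblivious shuffle that sorts records by a pseudorandom tag through a bitonic sorting network, whose access pattern depends only on N. The Server class, the record values, the key names and the HMAC-based tag are all constructed for the example. This is the "conventional" random-key-plus-oblivious-sort approach the commenter mentions, not the Melbourne shuffle itself.

```python
import hashlib
import hmac
import random


class Server:
    """Toy untrusted storage (constructed for this example). In the real setting the
    blocks are ciphertexts re-encrypted on every write, so the only thing the server
    learns is the sequence of positions it is asked to read and write: that is all
    that gets logged here."""

    def __init__(self, blocks):
        self.blocks = list(blocks)
        self.trace = []          # what the adversary sees: ("r" | "w", position)

    def read(self, i):
        self.trace.append(("r", i))
        return self.blocks[i]

    def write(self, i, value):
        self.trace.append(("w", i))
        self.blocks[i] = value


def naive_shuffle(server, n, rng):
    """Fisher-Yates performed as in-place swaps on the server. The permutation is
    chosen by the client, but every swap is visible in the trace."""
    for i in range(n - 1, 0, -1):
        j = rng.randrange(i + 1)
        a, b = server.read(i), server.read(j)
        server.write(i, b)
        server.write(j, a)


def server_recovers_permutation(trace, n):
    """The attack: replay the observed swaps on an identity array. pos[k] is then the
    original index of whatever record now sits at position k, ciphertext or not."""
    pos = list(range(n))
    for step in range(0, len(trace), 4):        # each swap shows up as r i, r j, w i, w j
        (_, i), (_, j) = trace[step], trace[step + 1]
        pos[i], pos[j] = pos[j], pos[i]
    return pos


def prf_tag(key, i):
    """Pseudorandom sort key for record i under a client-held secret (HMAC-SHA256)."""
    return hmac.new(key, i.to_bytes(4, "big"), hashlib.sha256).digest()


def bitonic_network(n):
    """Compare-exchange schedule of a bitonic sorting network for n a power of two.
    The schedule depends only on n, never on the data or the key."""
    k = 2
    while k <= n:
        j = k // 2
        while j > 0:
            for i in range(n):
                partner = i ^ j
                if partner > i:
                    yield i, partner, (i & k) == 0   # True: sort this pair ascending
            j //= 2
        k *= 2


def oblivious_shuffle(server, n, key):
    """Shuffle by sorting on a PRF tag with a sorting network. Every comparison reads
    both slots and writes both slots back whatever the outcome, so the trace is the
    same for every key and the server learns nothing about the permutation."""
    for i in range(n):                                  # attach tags, fixed pattern
        server.write(i, (prf_tag(key, i), server.read(i)))
    for i, l, ascending in bitonic_network(n):
        a, b = server.read(i), server.read(l)
        swap = (a[0] > b[0]) == ascending               # decided client-side on the tags
        server.write(i, b if swap else a)
        server.write(l, a if swap else b)
    for i in range(n):                                  # strip tags, fixed pattern
        server.write(i, server.read(i)[1])


def expected_order(n, key):
    """What a correct tag-sort must produce: original indices ordered by their tag."""
    return sorted(range(n), key=lambda i: prf_tag(key, i))


def run_demo(n=8):
    naive = Server(range(n))                            # record value == original index
    naive_shuffle(naive, n, random.Random(1))
    obl1, obl2 = Server(range(n)), Server(range(n))
    oblivious_shuffle(obl1, n, b"client-key-1")
    oblivious_shuffle(obl2, n, b"client-key-2")
    return {
        "naive_server_learns_permutation": server_recovers_permutation(naive.trace, n) == naive.blocks,
        "oblivious_trace_independent_of_key": obl1.trace == obl2.trace,
        "oblivious_sorted_correctly": obl1.blocks == expected_order(n, b"client-key-1"),
        "oblivious_compare_exchanges": sum(1 for _ in bitonic_network(n)),
    }


if __name__ == "__main__":
    print(run_demo())
```

The bitonic network is what makes the second shuffle safe and also what makes it expensive: for N records it performs (N/4)·log2 N·(log2 N + 1) compare-exchanges, each of which costs two reads and two writes against the server, which is the "sorting is expensive" point above. Data-oblivious sorts are what the paper's shuffle is designed to avoid.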