No sniffing allowed
Google won't like that one bit
Computer scientists in Ireland have developed a technology for Google Docs that allows for the "real-time" encryption of data before it is uploaded to the Google servers. The CipherDocs system, developed by computer scientists at Trinity College, Dublin, is designed so that Google would not have access to the keys necessary to …
British courts can order someone to turn over the encryption keys for their data. There's no fundamental right to silence, to prevent self-incrimination, as there is in the US. British courts really can force you to choose between imprisonment for contempt of court/obstructing the course of justice or for whatever it is you're being charged with.
Your company allows you to post/backup/distribute sensitive material through 3rd party services like Dropbox and Google rather than their own SFTP?
If ever need be, I heard you could encrypt archives for just the occasion... although it's a good idea, I don't see it being needed/used in business environments, but maybe that's just my opinion.
Dropbox "saves" space and bandwidth on their servers by scanning files / checksumming them so it's not necessary to upload or store a file if another user has already uploaded that same file. If I encrypt a bunch of MP3s (or other files) then the output will be different for each user, so Dropbox's storage costs could increase, passing that increase to Joe Public.
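The effect described in the comment above, as an added example that is not part of the original thread: a checksum-keyed store keeps one copy of a file that many users upload, but keeps one copy per user once each client encrypts it under its own key. `DedupStore`, `simulate` and the SHA-256 counter-mode stand-in cipher are assumptions made for this sketch, not any provider's actual design.

```python
import hashlib
import os

class DedupStore:
    """Content-addressed store: one blob kept per distinct SHA-256 digest."""
    def __init__(self):
        self.blobs = {}                      # digest -> bytes actually stored

    def put(self, data: bytes) -> str:
        digest = hashlib.sha256(data).hexdigest()
        if digest not in self.blobs:         # unseen content: keep a copy
            self.blobs[digest] = data
        return digest                        # seen before: only a reference

    def stored_bytes(self) -> int:
        return sum(len(b) for b in self.blobs.values())

def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in stream cipher (SHA-256 in counter mode), illustration only.
    A real client would use an authenticated cipher such as AES-GCM."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + nonce + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)

def client_encrypt(key: bytes, data: bytes) -> bytes:
    nonce = os.urandom(16)                   # fresh for every upload
    return nonce + keystream_xor(key, nonce, data)

def client_decrypt(key: bytes, blob: bytes) -> bytes:
    return keystream_xor(key, blob[:16], blob[16:])

def simulate(users: int, file_bytes: bytes, encrypt: bool) -> int:
    """Bytes the provider ends up storing after every user uploads the file."""
    store = DedupStore()
    for _ in range(users):
        key = os.urandom(32)                 # per-user key the provider never sees
        store.put(client_encrypt(key, file_bytes) if encrypt else file_bytes)
    return store.stored_bytes()

SAMPLE_FILE = b"constructed sample track " * 400   # constructed input, 10,000 bytes

if __name__ == "__main__":
    print("plaintext uploads :", simulate(5, SAMPLE_FILE, encrypt=False), "bytes stored")
    print("encrypted uploads :", simulate(5, SAMPLE_FILE, encrypt=True), "bytes stored")
```

The per-upload nonce means even one user uploading the same file twice produces two distinct blobs, so the provider's digest comparison never matches.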
... it leaks quite a bit of information, so doesn't really provide any confidentiality to write home about, much less stake anything important on. In roughly the same sense that encrypted VoIP (and Skype) might be encrypted, but boffins recently figured out (as was reported by el reg too) how to turn it into a transcript with high probability nevertheless.
So it's an interesting idea but, despite using "AES", not quite strong at all, for now. And that's before considering all the mayhem and havoc possible with JavaScript. Right now this is really nothing more than a proof of concept. Caveat emptor, do not use in production, etc.
Other than that, people have burned more cash on lesser ideas. It'd be interesting to see if they can come up with something more robust, something actually usable, because $deity knows we could use it.
Info is certainly leaked - timing patterns plus formatting information. I think this is mentioned in their FAQ. Also there is no security against active attacks. Might be interesting though for specific sensitive fields like social security numbers etc., but at the moment this beta shouldn't be used for confidential info.
I like the nuclear option better.
http://www.rustprivacy.org/TakingWorkHome.pdf Wrote this 5 years ago. It's not hard to set up OpenOffice to redact either ODT (text) or ODS (spreadsheets).
It's so much more fun to exercise the "right to be forgotten" by letting them vacuum, then posting the redacted document in the same place, and letting them vacuum again, overwriting the "old" information.