As usual, el reg dodged the real question
How will this hack affect house prices?
12 publicly visible posts • joined 21 Jun 2009
There was a chap at work who had a wig. Up until now, that was the least plausible thing I've ever seen in my life. It's just so stupid on so many levels. ASUS couldn't even reflash my BIOS without messing it up with the benefit of source code. What hope for something to have hundreds of BIOS patches, patches for affecting multiple OSes and all ready fit inside one BIOS?
I feel like I'm bucking the general trend here of the comments and about to be shot down. However, I actually agree with the NSA chap that the decision to use SharePoint was an extremely large reason for administrators being able to leak information.
I know nothing about SharePoint administration so I am expecting to be shot down in flames, but to have just a few basic thoughts on how I might design a security focused collaboration tool. I'd probably ensure that all the content was stored and served up encrypted. There would obviously be no need for someone with root on the machines serving content to be able to see the unencrypted content for backup or permission related issues. I'd probably delegate the actual job of decrypting the content that was being served up for particular user tokens to separate servers with more restricted access that only managed decryption and re-encryption of "resource {token} stored on source {token} being requested by {token}" to separate out and simplify the authentication job and limit the attack surface of what actually matters if it is compromised. I'd also probably split up key storage into a number of different and disjoint fiefdoms under different control and use the academic research on Byzantine generals problems to ensure that it required a majority of systems (and people) to be compromised before information was leaked beyond the intended targets.
The point I'm trying to make is that the design of a secure system for the NSA would seem to be very different to (my imagination of) a simple Microsoft collaboration tool. It seems they were remiss in going for the easy option and not putting the possibility of spies at the heart of their IT policy. And thank god for that, now we know what we always suspected. :)
Yeah they've got the region "us-east" (Virginia) availability zones a -> d. If only one zone in the region went down I don't see this as a real issue. There's a phrase involving eggs and baskets that springs to mind.
I can't see how this would drive people to move to other public clouds for reliability either. At least from the EC2 perspective, Amazon's cloud is failing in the way it's advertised to fail. Again with Azure, unless T&Cs have changed since I last looked, you get no SLA unless you've got your stuff deployed in different Azure reliability zones anyway.
I wonder why none of them seem to encourage full backups. It seems quite a reasonable use. I've got a couple of TiB of data total, but I bet 95%+ of that is duplicated on other machines with the same old apps, games and pr0n as other people.
I'd be interested to know if any of them were smart enough to recognise that they already had the files you had somewhere (hash it?) on their cloud and not make you upload it if so. The only downsides I can see are:
1) They'd know what files you had, which dependent on how it's done with uploads they wouldn't necessarily know.
2) It'd be harder to explain pricing to customers if they started charging for what the service cost rather than just per GiB. It presumably costs them next to nothing to store the same identical file as another 1000 customers have.
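An added example, not part of the original comment and not any provider's actual code: a toy model of the hash-before-upload deduplication the comment asks about, showing both downsides it lists. The `DedupStore` class, `backup` function, user names and sample files are all hypothetical and constructed for illustration.

```python
import hashlib
from collections import defaultdict

def digest_of(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

class DedupStore:
    """Hypothetical provider-side store: one copy per distinct content hash."""
    def __init__(self):
        self.blobs = {}                  # digest -> content, stored once
        self.owners = defaultdict(set)   # digest -> users who reference it
    def has(self, digest: str) -> bool:
        return digest in self.blobs
    def link(self, user: str, digest: str) -> None:
        # Toy shortcut: a real service should require proof that the client
        # holds the content, not just its hash, before granting a reference.
        if digest not in self.blobs:
            raise KeyError(digest)
        self.owners[digest].add(user)
    def upload(self, user: str, data: bytes) -> None:
        d = digest_of(data)
        self.blobs.setdefault(d, data)
        self.owners[d].add(user)
    def who_has(self, data: bytes) -> set:
        # Downside 1: the provider can test any known file against its customers.
        return set(self.owners.get(digest_of(data), ()))
    def stored_bytes(self) -> int:
        return sum(len(b) for b in self.blobs.values())
    def logical_bytes(self, user: str) -> int:
        # Downside 2: what a per-GiB bill counts, regardless of what is stored.
        return sum(len(self.blobs[d]) for d, u in self.owners.items() if user in u)

def backup(store: DedupStore, user: str, files: list) -> int:
    """Client side: hash first, upload only unknown content. Returns bytes sent."""
    sent = 0
    for data in files:
        d = digest_of(data)
        if store.has(d):
            store.link(user, d)
        else:
            store.upload(user, data)
            sent += len(data)
    return sent

if __name__ == "__main__":
    store, shared = DedupStore(), b"A" * 1000   # constructed sample data
    print(backup(store, "alice", [shared, b"alice-private"]),
          backup(store, "bob", [shared, b"bob-private"]), store.stored_bytes())
```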
Actually it kind of was. Remember that stuff with enhanced mode for 386?
Windows 3.0 had a kernel that ran in 32-bit protected mode and ran 2 subsystems under there. Windows (16-bit) and DOS (also 16-bit). Ever wonder how you could run multiple DOS boxes at once? It was pre-emptive multitasking even back then.
Still, it's all a bit academic given that all the apps were 16-bit cooperatively multitasked...