Reply to post: Re: "perceived threat from foreign companies ripping the government's current regulations to shreds"

May: UK data slurp law is fine, but I still need EMERGENCY powers

Anonymous Coward
Anonymous Coward

Re: "perceived threat from foreign companies ripping the government's current regulations to shreds"

What does "ripping the government's current regulations to shreds" mean,

Moving to AES256 on all server to server connections which in the absense of heartblead (or using gnutls negotiated keys) is proving to be a bit tedious to crack brute force for _ALL_ communications.

Up to 6 months ago the boys from Glostershire could snoop on anything and everything traveling in Amazon, Google, Yahoo, etc internally by tapping into the correct dark fiber. While this tap is not useless today (you can still apply brute force if you know where to look), it is proving not as useful as it used to be (when everything is encrypted and you no longer have the exploits to give you the keys you can no longer read everything).

This is one of the problems with total information awareness. It is like absolute power - corrupts absolutely. If someone suddenly turns the lights off you panic.

So all we need to know is who turned on internal datacenter-to-datacenter encryption this month. Google already had it, Yahoo already had it, Microsoft already had it. This leaves the odd man out (who also does not speak about the encryption of its internal comms) - Amazon. It is also a particularly interesting object for "information awareness" freaks as it yields economical espionage (on all those corps using public cloud) as well as espionage against the conventional set of targets already on the hit list - Greenpeace, rights groups, Liberty - you name it. They are all Amazon users.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019