Linked by Thom Holwerda on Fri 21st Mar 2014 16:56 UTC
Internet & Networking

Microsoft has lost customers, including the government of Brazil.

IBM is spending more than a billion dollars to build data centers overseas to reassure foreign customers that their information is safe from prying eyes in the United States government.

And tech companies abroad, from Europe to South America, say they are gaining customers that are shunning United States providers, suspicious because of the revelations by Edward J. Snowden that tied these providers to the National Security Agency’s vast surveillance program.

Right. Because, as we all know, European governments did not fully comply with the US spying programs, nor have they similar programs of their own.

High time some smart company develops a very simple and straightforward 'personal cloud'; a simple, large box with loads of storage that you dump in the basement somewhere, with pre-configured email, internet storage, and so on. Also offer the ability to have multiple of these things tied to the same account for data duplication, so you can, say, dump one of them at a trusted friend's home. Make it platform-agnostic and encrypted, et voila.

Doesn't sound like something that's terribly hard to do.

Thread beginning with comment 585111
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[5]: Personal Cloud
by ricegf on Sun 23rd Mar 2014 12:00 UTC in reply to "RE[4]: Personal Cloud"
ricegf
Member since:
2007-04-25

I've been fascinated by quantum computing and quantum encryption for some time, but I don't see it as a solution I can afford to deploy today.

Unless you are solving some other logistics problem, I don't think having an "offline computer" enhances security in this case.


Consider the scenario where the computer generating the one-time pad has been remotely compromised - I contend this is not an unlikely case. If online, the pad is immediately copied to the NSA (or whoever). If offline... well, they'd need physical access.

This is the same rationale for keeping the private key for your virtual currency on an off-line computer. Do you consider that to add no value, either? I respect your opinion, but I believe you're missing a significant threat in this case.

I think an SD Card is less secure than transferring the keys to an internal disk/device, consider that the SD card is easier to physically swipe/copy.


One of us isn't thinking this through. Sure hope it's not me! ;-)

Consider my one-time read SD card, as discussed recently on this site (to wit, the firmware in an SD card can be hacked).

If an adversary remotely accessed and copied the SD card, what would that accomplish? When I attempted to establish an encrypted link, the link would fail - the SD card would be blank. This is similar to quantum encryption, which doesn't actually prevent interception of data, it just ensures that you know it has been intercepted (because you can no longer communicate).

I selected a hacked SD card as a cheap way to add one-time read-only storage to the device. If you just stick the pad on your disk, as you suggest, then your server can be hacked and the pad copied. As far as I know, a hacked SD card can't be re-hacked via a remote connection. (I've actually designed a similar system for secure communication in a corporate environment - the hacked SD card is just a cheaper solution that occurred to me while writing earlier in this thread.)

Of course, if physical access to the server is gained by your adversary, the card could be copied and a new hacked SD produced and placed in the server. But then, even if you were using quantum encryption, you're screwed if the adversary has physical access to an end point!

Am I missing something?

Reply Parent Score: 2

RE[6]: Personal Cloud
by Alfman on Mon 24th Mar 2014 03:16 in reply to "RE[5]: Personal Cloud"
Alfman Member since:
2011-01-28

ricegf.

I've been fascinated by quantum computing and quantum encryption for some time, but I don't see it as a solution I can afford to deploy today.


For quantum computing you are right, after hundreds of millions of dollars in research, humanity still doesn't have viable quantum computing yet. However quantum encryption is already here. It is still in the domain of early adopters, but in a few years it will just be another commodity component that we will throw away when it's time to replace our computers (like ram, disk, wifi radio, etc).



Consider the scenario where the computer generating the one-time pad has been remotely compromised - I contend this is not an unlikely case. If online, the pad is immediately copied to the NSA (or whoever). If offline... well, they'd need physical access.



This doesn't make sense to me in context of the previous example though. The online client and server computers NEED copies of the one time pad, this is unavoidable. A compromised server or client will defeat a onetime key pad security regardless of what happens to your offline computer. I really don't understand how the offline computer is going to enhance your security, it's one ADDITIONAL copy of the key pad that you'd have to protect.


One of us isn't thinking this through. Sure hope it's not me! ;-)

Consider my one-time read SD card, as discussed recently on this site (to wit, the firmware in an SD card can be hacked).

If an adversary remotely accessed and copied the SD card, what would that accomplish? When I attempted to establish an encrypted link, the link would fail - the SD card would be blank.



This seems illogical to me. If the legitimate machine can read & use one time key on the SD card, then why can't the attacker? Conversely, if the attacker cannot read the SD card, then how can the legitimate machine do so?


I selected a hacked SD card as a cheap way to add one-time read-only storage to the device. If you just stick the pad on your disk, as you suggest, then your server can be hacked and the pad copied. As far as I know, a hacked SD card can't be re-hacked via a remote connection. (I've actually designed a similar system for secure communication in a corporate environment - the hacked SD card is just a cheaper solution that occurred to me while writing earlier in this thread.)


I'm not really clear what you mean, can you give a link to what you are referring to? When it comes to one time key pads, what security advantage would read only SD cards give you?


Of course, if physical access to the server is gained by your adversary, the card could be copied and a new hacked SD produced and placed in the server. But then, even if you were using quantum encryption, you're screwed if the adversary has physical access to an end point! Am I missing something?


For example, with colocated servers, it might only take 250ms to swipe your SD card without staff seeing. Having an external SD card permanently exposed seems to just be tempting fate.

Reply Parent Score: 2

RE[7]: Personal Cloud
by ricegf on Mon 24th Mar 2014 04:44 in reply to "RE[6]: Personal Cloud"
ricegf Member since:
2007-04-25

Ah, I see where you lost me. I'm not talking about a read-only SD card, but a read-once SD card.

SD cards contain a microprocessor that can be reprogrammed, given physical access to the card. Read this before continuing:

http://www.zdnet.com/sd-cards-hacked-7000024686/

So, a reasonably competent hacker, for little money, could program the SD card to allow data to be written to the card normally, but to delete data as it is read.

Thus, a one-time pad written to this hacked SD card is destroyed as it is used. If your server is hacked remotely, and the attacker copies the one-time pad, he also destroys the one-time pad - so that compromised keys can't be inadvertently used for communication.

This is similar to quantum encryption, which destroys the payload when read (even by an interloper), except that my approach is technically achievable today by a competent hacker for little incremental cost relative to a common personal server.

As to the advantages of an off-line encryption key generator, I can't explain that more clearly than the many papers on virtual currencies, so I'll just suggest that you read those instead. Bottom line is that encryption keys that you really want to protect should be generated offline, and then the private key zealously protected.

Hope this clears up what I'm suggesting. The use of a read-once SD card in this context is an original idea as far as I know, so I understand why you didn't follow. I should have started with a link to the article on hacking the microprocessor in an SD card - sorry.

Reply Parent Score: 2