Google To Encrypt Cloud Storage Data By Default

jfruh writes "Worries about snooping are now a permanent part of our computing landscape, but Google is attempting to ameliorate those fears by encrypting all data on its Google Cloud Storage service by default. Data is encrypted with 128-bit AES, and you can manage the keys yourself or have Google do it for you. A Google spokesperson said that the company "does not provide encryption keys to any government."" (Also at SlashCloud.)

what about decryption keys

or the government's non-power-of-2 computers

Re:what about decryption keys

They don't provide any keys. They provide the decrypted data.

Re:what about decryption keys

That's funny, because here I thought that Google's Cloud Storage was going to be hosted in NSA's new data center. Brilliant really. Why bring the NSA to you when it's less trouble to let the NSA host your shit for you.

Re:what about decryption keys

Its AES. Its a symmetric-key algorithm. The encryption key is the decryption key. Whats with all the jokes about decryption keys?

Anyway, you can already do this for Chrome's sync data. I setup a pass phase for my sync data thats only known to my browser, and never sent to Google. Of course, that means I trust Chrome, but at least I don't have to trust them to protect the data on their end.

This (letting the user hold the keys) is exactly what we should be rooting for. I'm amazed how negative the posts here are.

Re:what about decryption keys

[maxwell+demon]

Where are the keys generated? If they are generated at Google and then transmitted to you, then this doesn't really give additional security. Only if the key is generated on your computer and provably never goes to Google, it gives better security than just trusting Google. Of course that means you have to manage it yourself (back it up — not on the cloud, of course —, copy it onto all of your devices — again, not per cloud synchronization, but either through a direct encrypted connection like ssh, or in a way not involving the internet (e.g. per LAN or USB stick). Any solution that doesn't give you that burden also doesn't give you the associated security.

Re:what about decryption keys

[rtfa-troll]

If you manage your own keys and you use a client that isn't written by Google, how does Google get at the decrypted data? As I understand the system there's nothing they could do and they do allow third party clients?

If so it would be a very good reason to insist your cloud data provider is not the same as your OS vendor. In the end though it's your OS vendor you have to trust for everything since they clearly do have (indirect) access to the keys. Another good reason to use Ubuntu rather than Windows or Cyanogenmod/Replicant rather than Android I guess.

Re:what about decryption keys

[Znork]

According to TFA and the blog post it's server side encryption. Which, of course, does absolutely nothing for security as the NSA will just get the data before it's encrypted.

If you don't want your data read you encrypt it before sending it to someone else.

Re:what about decryption keys

[rtfa-troll]

I guess you are saying that this:

"Of course, if you prefer to manage your own keys then you can still encrypt data yourself prior to writing it to Cloud Storage."

is meaningless; In other words, what they are saying is just that you could encrypt your whole file, not that you can encrypt your whole storage remotely?

Re:what about decryption keys

[kangsterizer]

Most of the people will have "google managing their keys". Which means google has both keys and data. Which doesn't really help more than before.
For users who are advanced enough to set their own keys, nothing changed.

Re:what about decryption keys

[DrXym]

Its AES. Its a symmetric-key algorithm. The encryption key is the decryption key. Whats with all the jokes about decryption keys?

And the fact the keys are symmetric and held by Google renders the entire exercise entirely worthless. If Google have the key to encrypt/decrypt data then they can just hand it to the NSA or whomever at the same time they hand over the data.

The proper and correct thing to do is to provide a pluggable API in their client apps that allows an extension running client side to manage the key and encrypt / decrypt the data. And similarly for their cloud APIs for languages like Java.

Google would have absolutely no idea what the data contains and absolutely no way to retrieve it either. It might mean certain functionality in their apps / services is affected in some ways (e.g. encrypted folders are inaccessible via a browser) but I assume they could spell out the consequences and people motivated to encrypt data would recognize those limitations.

Re:what about decryption keys

According to TFA and the blog post it's server side encryption. Which, of course, does absolutely nothing for security as the NSA will just get the data before it's encrypted.

If you don't want your data read you encrypt it before sending it to someone else.

...a nd just to make 110% sure nobody else can read your data, Google will be handing the NSA copies of the encryption keys.

Re:what about decryption keys

well, i was thinking.. it's a new feature so they haven't yet been asked for customer or master keys.

Re:what about decryption keys

It's useless anyway unless the data is encrypted on your machine before upload. If it's encrypted after the upload, then they're probably siphoning off a copy for fun and exciting law-breaking (a.k.a. wiretaps).

Re:what about decryption keys

If they did this, how would the index or process it? Of course these are services given in exchange for privacy--for some kinds of data it's worth it, for others it's not.

Re: what about decryption keys

Yes, for a minority of users nothing has changed.

Re:what about decryption keys

[yamum]

Google would have absolutely no idea what the data contains and absolutely no way to retrieve it either.

They could ensure the first n bits of the data are exactly the same (a header, meta data etc) making brute forcing so much easier.

Re:what about decryption keys

[DrXym]

Well that's the point. People would have to decide if the data is worth protecting. If they share it with Google they are essentially sharing it with any government party which has reason to take an interest in it. Maybe that doesn't matter if you're storing weather readings. It might if you are storing personal data about or produced by people.

Re:what about decryption keys

[IMJustinKern]

the essence of zero-value encryption ... I do wonder if this is really changing any minds on the business side, or if their eyes already glaze over at the mention of encryption?

Lies Lies Lies

Just like how they already lied the first time. Lies Lies Lies. But I don't care. Go ahead and do that NSA thing.

Re:Lies Lies Lies

Of course it WILL be encrypted, no lie. Though..

Re:Lies Lies Lies

[onyxruby]

That this comment got modded +4 insightful shows how far Slashdot has fallen.

Re:Lies Lies Lies

[gnupun]

Server-side encryption is for the stupid and naive people. The cloud is just a lame service designed to spy and steal your data.

Re:Lies Lies Lies

Lies indeed.

And 128bit keys, seriously? That's a joke, and they know it. They know the NSA will have little trouble with that.

Re:Lies Lies Lies

Of course, because when they comply with a NO-MENTION-ORDER they simply will not tell you they cooperated and stolen your credentials to access the data.

Re:Lies Lies Lies

You mean +5 insightful !

Re:Lies Lies Lies

Just like they lied about no reading your email. Just like they lied about not tracking MAC addresses and IPs. On and on and on. Fuck Google.

Re:Lies Lies Lies

BRAVO! BRAVO! Now just lose a 128 bit long and LOSE all those texts AT ONCE!!! A plaintext copy MUST be kept outside the system for REAL data security or it can be lost just like that. Try reading your own encrypted texts from a corrupted and recovered hard drive, eh? - djb

Re:Lies Lies Lies

In all fairness, making nonconstructive comments instead of making a more complete comment explaining yourself or your problem with the post. is helping to prove some of the problems with slashdot.

Why should we trust you?

[Mr.+Freeman]

And we have what guarantee, exactly, that they're telling the truth?

Re:Why should we trust you?

its the decryption keys i worry about most.

Re:Why should we trust you?

You have the keys. Simple enough.

Re:Why should we trust you?

They still hand data over to the government.

From the article:
A Google spokeswoman said via email the company does not provide encryption keys to any government and provides user data only in accordance with the law.

"Our legal team reviews each and every request, and we frequently push back when the requests appear to be fishing expeditions or don't follow the correct process," she wrote. "When we are required to comply with these requests, we deliver it to the authorities. No government has the ability to pull data directly from our servers or network."

Re:Why should we trust you?

AES is symmetric
decryption key = encryption key

Re:Why should we trust you?

[maxwell+demon]

Well, the question is whether only you have the keys.

Re:Why should we trust you?

... because if they're not, that's fraud and they could get into some serious shit?

Re:Why should we trust you?

[hutsell]

And we have what guarantee, exactly, that they're telling the truth?

Following up on your rhetorical question: None really; that's why the expression "Trust, but verify." exists. Without some type of enforceable checks and balances in place, our only hope is for the operators to be benevolent. Even then, we're not in the decision making process; they may think their decisions are in our best interests and we might be lucky enough once in awhile for it to be the right one. Usually though, without informed personal experiences to temper the outcome, it won't; especially if there aren't any incentives to be benevolent.

What would happen if someone figured out a perfectly enforceable verifiable transparency without creating any compromise — and they still don't want to do it? For myself, it would confirm what I've always strongly suspected: Any modicum of accountability has disappeared. There're too many disinterested well financed draft exempt connected families in government, snickering behind our backs about what they do and say to the rest of us. Someone will probably yawn out, "We're not doing it. Your problems are none of our business. Love it or leave it."

Re: Why should we trust you?

Like some serious shit the NSA's head has got into for lying to Congress?..

Re:Why should we trust you?

[jones_supa]

Yep, there's the catch. They don't pre-emptively give encryption keys or direct access to their servers. But when specifically requested, they will deliver anything requested in a pretty package.

Re: Why should we trust you?

i am not sure that question is rhetorical, and i am not sure why people use the phrase "to answer your rhetorical question" except to imply indignation. But more importantly, your answer is to rely on a quip dreamed up by a hollywood actor and fed to another brood of unsuspecting dolts who lapped it up. I remember seeing Reagan utter the "trust but verify" line. It drew an immediate laugh from me, as I recognized instantly the millions of sheep on both sides that just had the wool pulled over their eyes again. Your dependence on it as meaningful phrase to justify an equaly absurd problem is laughable

Re:Why should we trust you?

But when specifically requested, they will deliver anything requested in a pretty package.

It's naive to think ANY company will refuse the government. If it's legal then you need to change the law, if it's illegal then you need to expose the government in the act and drag all those responsible into jail. You should not expect a for profit company to fight for your liberty.

What you SHOULD ask for however, is provable cryptographic algorithms that work end-to-end and refuse business to companies that don't provide it. "Encrypted cloud storage" is a bogus technology with an unclear threat model. Who is the enemy, Paco the janitor with server room access ? For any worthwhile enemy like the government, competitors or Google itself, the fact that Google needs the key to provide the service is a fatal weakness that breaks any security.

What you should ask for:
  - Perfect forward secrecy for transport (HTTPS with ECDHE key exchange). Even if the government has a copy of all SSL certificates in the world, they can't sniff data at major internet exchanges. They need an active attack (MIM) that would be easily detected if done on a wide scale.
  - Opportunistic encryption everywhere, with zero key maintenance. Again, MIM is possible but unfeasible.
  - Encrypted communication which is decrypted only on the customer's machine (HushMail, cryptocat). Google will never provide this willingly since it drastically limits their data-mining opportunity

  - Anonymous payment and usage, no tracking cookies, no tracking browser signatures (bitcoin, no 3rd party cookies, panopticlick)

Put your money where your mouth is and companies will start implementing a free internet and "cloud".

Re:Why should we trust you?

Last time I read the scoop of what happens when a company is blocking something the government wants or needs, the government doesn't threaten the company with prison, but some human person in charge. This is astronomically larger than teaching someone to pass or fool a lie detector test, right? That is why this is a little hard to believe.

Re:Why should we trust you?

[AmiMoJo]

It's hard to see how they could get yours keys without someone noticing. The client software will be scrutinized in detail by various third parties to verify it does what it claims to do. If they locally generated key is ever sent over any network connection we will find out about it pretty quickly.

The more attack vector is a flaw in the implementation of the crypto that gives the NSA a back-door even without the key.

Re:Why should we trust you?

[jalopezp]

It's hard to see how they could get yours keys without someone noticing.

RTFA, they're using server-side encryption. If they don't get your keys, nothing is encrypted. They also say that if you like, you can manage your own keys. But obviously there's nothing stopping you from doing that anyway.

Re: Why should we trust you?

[hutsell]

The purpose in the first part of my reply was to express that I was not oblivious to and in agreement with the point being made in the question's intent posed by the parent comment. It had nothing to do with the improperly used sophomoric indignation done by some people to counter an idea they disliked. I've rarely used the word with others, perhaps at most 3 or 4 different times in my life; once in writing — the one (properly used) in the previous comment — and the rest verbally (and improperly used) as a way to "diplomatically" challenge a stranger or the police checking me out with a fake question. Regardless of the meaning's accuracy, this is what it was supposed to have meant.

This seemed to be a polite way to segue into the remaining part of my comment: opining about trust being relative to how much risk is involved on what's being gambled. The idea of the phrase, represented as a sound bite, has been around for a long time and used by a lot of people with differing political views; it's originally attributed to the Russian people. I'd forgotten it had been used by Reagan as a slogan (he didn't dream up) when dealing with the Soviet Union. There wasn't any intent meant on my part to support the idea by identifying it with Reagan, then subsequently getting side-tracked with debatable qualities of unrelated issues about his Presidential accomplishments.

In hindsight, it would have been better to have replaced the unsuspected "loaded" terminology done to shorten writing time in my previous comment with a type of definition that's personalized as a descriptive phrase. It may or may not work. However, since it's something I'll consider from now on, perhaps I'll find out then, when there's a next time with similar conditions. (Fwiw, I know this is a standalone reply, since an AC doesn't get an email notification. The clarification is done to avoid the slim possibility of getting improperly tagged with inaccurate spin. It's also possible the AC is the parent comment, but making that assumption and replying to it instead would create ... problems.)

of course not

Of course they don't provide encryption keys to any government, they just hand over the plaintext.

Patriot act?

[hilather]

A Google spokesperson said that the company "does not provide encryption keys to any government.""

As Google is a U.S. based company, I'm pretty sure this is a bald faced lie due to the "Patriot Act".

Re:Patriot act?

Read what he quoted again; it has nothing to do with encryption being legally forbidden.

Re:Patriot act?

[Darkness404]

Since when does the FBI/CIA/NSA care about laws? As long as there isn't another Snowden, the media will ignore it and anyone who says otherwise will be dismissed as a mere conspiracy theorist.

Re:Patriot act?

[rahvin112]

Conspiracy theorists give people that expose real conspiracies a bad name. When you have crackpots out there claiming the moon landing never happened and other such BS the real conspiracies are lost in the noise.

There could even be a government conspiracy to hide real conspiracies in the noise of fake ones. Or it could just be a bunch of nut jobs with paranoia, I put my money on the nut jobs..

Re:Patriot act?

[maxwell+demon]

But I can prove the moon landing never happened! Because otherwise they would have found the Nazis hiding on the moon and waiting for the chance to come back! And BTW, the Nazis have made a contract with the aliens which guarantees them exclusive access to the moon. Any attempted landing by anyone but a Nazi on the moon would cause an alien attack. That's the true reason why the Americans hired Wernher von Braun: They tried to convince the aliens that it would actually be the Nazis landing if the US land on the moon. But the aliens are not that easy to trick. Kennedy was the driving force behind the moon landing plans and couldn't be convinced to stop the efforts, therefore the aliens arranged him to be shot (yes, it was aliens who were on that hill). The following president had a problem: They knew a landing was no option, but they couldn't just tell the people that the aliens won't allow it, given that the existence of aliens was top secret. But they also couldn't think of a good public reason to stop it. Thus they decided to fake it. The Russians came to similar conclusions. The reason why the USA won the "moon race" was that while the Russians had the superior rocket technology, the USA had the better filming technology, thanks to Hollywood. The aliens helped with the fake by actually sending the pre-recorded signals from the position where they had to originate, so everything looked real. The rocket starts were real, but the space ships actually entered an earth orbit and switched to silence on earthly communication channels; they could still communicate using alien communication technology which was not detectable by amateurs. The aliens took the part of sending the pre-recorded messages and images, as well as as relaying any live communication as needed for keeping the illusion, from exactly the places where they should have come from had the moon landing actually been performed. That's why nobody could notice the fake by checking the origin of the signals.

SCNR ;-)

(And for those who didn't get it: None of the above is meant seriously, of course.)

Re: Patriot act?

"And for those who didn't get it: None of the above is meant seriously, of course."

This is /. most of know a good joke when we read one. No need to let the cat out of the bag.

Hmmmm...wait a second. It's a double reversal. *smackshead*

You are in on it. You know something. The truth is out.

Re:Patriot act?

[aaaaaaargh!]

You'd be wrong if you believed that. There's no law that says they can't encrypt a users data.

Nice phrasing. But there is a law that says they have to decrypt it for the US government without anyone ever telling about it, which is exactly the reason why Lavabit and Silent Circle gave up their business.

Re:Patriot act?

I thought nazis were supposed to be at the center of the earth.

Re:Patriot act?

[Larry_Dillon]

They way this usually works is the precise statement is true, but they leave the encryption keys where the government can find them.

does not provide encryption keys

Until they receive a National Security Letter and a gag order to boot.

Re:does not provide encryption keys

The Patriot Act(tm) does away with the need for a National Security Letter, and the gag order is automatic.

Re:does not provide encryption keys

[AmiMoJo]

If you set up your system is such a way that you really absolutely cannot provide encryption keys what happens?

Re:does not provide encryption keys

You get forced to put traffic snoopers on your network or be forced to shut down. (e.g. Lavabit)

What does it matter...

What does it matter if they encrypt it all and then give the keys to the government?

Re:What does it matter...

[aaaaaaargh!]

It's not totally useless. If the NSA officially provided encrypted cloud storage for free or cheap, this might be interesting to US American companies and people who want to protect their data against others and have nothing against being snooped on by their own government. Heck, some people would probably give up their freedom and democratic principles for a glass of free beer.

What does this mean exactly?

[synir]

"A Google spokeswoman said via email the company does not provide encryption keys to any government and provides user data only in accordance with the law."

What does this mean, exactly? That they would provide encryption keys in accordance with the law? That they could?

A robust system would mean the hosting company wouldn't be more able to decypher encrypted damage than anyone else. Are they offering that?

Re:What does this mean exactly?

[Zynder]

You don't understand what they mean? "Ok Gov, here's the data for one Emmett Brown, PHD, all 1.21 GB of it. I hope you got the keys otherwise you're wasting HDD space...". I know you're just trying to be "skeptical" cause that's the in thing now but seriously it isn't that hard to comprehend.

Re:What does this mean exactly?

[jeti]

It means that they don't provide the encryption keys. And the unencrypted data is provided to government agencies in accordance with the law. Since there are secret laws, we don't know under what conditions the data is provided.

Re:What does this mean exactly?

[icebike]

"A Google spokeswoman said via email the company does not provide encryption keys to any government and provides user data only in accordance with the law."

What does this mean, exactly? That they would provide encryption keys in accordance with the law?

It means they will decrypt the data and then hand it over.

Its server side encryption. The server has the keys.

Re:What does this mean exactly?

[mpe]

A robust system would mean the hosting company wouldn't be more able to decypher encrypted damage than anyone else. Are they offering that?

About the only obvious way to do this in a secure way would be "client side". Such that all that is ever stored (and transmitted) would be cyphertext. (Without it being knowlable to Google or the "spooks" even what encryption algorithm was used.)

Re:What does this mean exactly?

There is the nexus of our problem. We cannot or do not want to administer our services(email, voip, hosting, search, the connection itself). Boss cant do it, then its not going to be profitable, even if it the "right" thing to do.

Re:What does this mean exactly?

Hohokie.. Sounds really secure to mee!

One-time pads or client encryption is just, work, you know? Costs money those thangs..

Captcha: pierce

Re:What does this mean exactly?

[bob_jenkins]

Does Google charge more for data that doesn't compress? (Encrypted data doesn't compress, so if you're going to encrypt your data yourself you should compress it yourself too first.)

The fix

[sgt+scrub]

A Google spokesperson said that the company "does not provide encryption keys to any government... yet.""

fify

Call me paranoid

[TubeSteak]

"If you require encryption for your data, this functionality frees you from the hassle and risk of managing your own encryption and decryption keys," Barth wrote. "We manage the cryptographic keys on your behalf using the same hardened key management systems that Google uses for our own encrypted data, including strict key access controls and auditing."

That sounds meaningless.
All that it prevents is interception of data to/from your computer.
It does nothing to stop the NSA from requesting your data from Google, who would control your encryption keys.

A Google spokeswoman said via email the company does not provide encryption keys to any government and provides user data only in accordance with the law.

Which is exactly my point. If they control your key, they have access to your data.

Re:Call me paranoid

[Chalnoth]

It will be difficult to avoid such requests entirely, but this technology, implemented well, prevents the NSA or others from intercepting the data en route and reading it without a court order.

I'd also point out that Google has, in the past, pushed back against data requests.

Re:Call me paranoid

This offer is still pretty sure to make a good impression on the mainstream for PR moderate damage control... some people are now on the fence but locked in. They will look the other way with right buzzwords and a pat in the back.

The reluctant geek will more easily move to offshore alternatives knowing what you've mentioned. I mistrust the OS I'm typing this in, and even if it were clean, google probably still installs a system service or two with some non-Chrome programs ("just" for auto-updates).

Even with a clean OS, those of us who would encrypt data before handing it for storage have a big problem. The cloud these days means daily use and post-processing more than storage. There's lots of syncing for on-the-fly music playing, spreadsheet editing, calendar processing, file attachment handlers for pictures and video, etc. I heard Apple does tons of stuff that way too. Real encryption on my side means they'd just have a blob that is useless to my android device.

I'm not too confident in their well-meaning NSA-backed intentions. There's no mention of how middleware would take my pre-encrypted data, decrypt it and hand it to my phone for that cloud-y on-the-fly processing. Will Google throw in some half-baked offer with a flawed process that sneaks my keys away from me with the guise of convenience?

Re:Call me paranoid

[TheGratefulNet]

I'd also point out that Google has, in the past, pushed back against data requests.

and you know that, exactly, how?

oh right, they said so. yeah. ok. we're done here.

Re:Call me paranoid

[Mitreya]

A Google spokeswoman said via email the company does not provide encryption keys to any government and provides user data only in accordance with the law.

And once US starts to publicize their laws, that would maybe mean something

For now, "in accordance with the law" means nothing because of all the secret laws or secret law-interpretations that are out there.

Re:Call me paranoid

[smhsmh]

Ummm, if you want to store your data in Google's cloud, or anyone else's, then all you need do is encrypt it before uploading. Then the responsibility for keeping the key secret is yours. If Google reencrypts your data, there is usually no significant gain or loss of security. You can even share documents with anyone else who has the key, perhaps delivered by carrier pigeon. (Surprisingly, multiple different encryptions can sometimes be weaker than any of the individual encryptions - read that somewhere on Usenet long ago -- but I don't think this matters much in practice, otherwise a standard cracking technique would be to try reencrypting the encrypted data.)

Of course, this strategy won't work with Google's application suite (Google Docs, etc.) because your thin client talks unencrypted data with the application running in Google's cloud, even if the connection is ssh -- the data is unencrypted in the server until saved under encryption. Someone should explain to me again why accessing cloud-based apps from a thin client is such a win...

Re:Call me paranoid

[Tr3vin]

The thin client can be a little bit fatter, though. Since Google provides a web browser, why not add support to it to use your key to decrypt the data on your end? That way, the data on the server is always encrypted. They could provide similar functionality for other browsers via a plugin.

Re:Call me paranoid

[mpe]

You can even share documents with anyone else who has the key, perhaps delivered by carrier pigeon.

PGP/GPG have always had the ability to generate a cyphertext which can be decrypted by multiple keys. Which might be another option if the number of people who need to share is small.

Re:Call me paranoid

[smhsmh]

Yes, but this prohibits use of Google's many server-side tools for editing documents, spreadsheets, calendar, etc. If confidentiality of your data is to be preserved, that data can never be transferred unencrypted out of machines you control. That prevents the server-side application from checking your spelling, evaluating your spreadsheet calculations, or anything else. The cloud becomes nothing but a distributed filesystem.

But Google wants to read your data in order to advertise to you. That's why they provide the free service and have implemented all of it server side. They are not dishonest about this, but their denial that they share your data with government authorities seems to ignore the fact that a government can force them secretly to disclose anything.

Re:Call me paranoid

Ummm, if you want to store your data in Google's cloud, or anyone else's, then all you need do is encrypt it before uploading. Then the responsibility for keeping the key secret is yours.

What you suggest is to give away your money to known crooks who 'promise' to store it in their vault for you, but for security you lock it in a little box of your own first. Still not a wise choice. There is a bit more to data security than "uhm, just encrypt it, dude".

Re:Call me paranoid

It's farcical. What next, Google Meal, where you arrange for your groceries to be delivered to Sergei's house so he can eat them for you? Google Home Defense, where they keep a cricket bat under their bed in case of zombie apocalypse so you don't have to? That's not how this shit works.

TFA

[PPH]

Of course, if you prefer to manage your own keys then you can still encrypt data yourself prior to writing it to Cloud Storage.

Which is how it should all be done. Relying on Google's honesty, or some Google employee who doesn't want his fingers broken one by one, is just false security.

Re:TFA

[martin-boundary]

Which is how it should all be done. Relying on Google's honesty, or some Google employee who doesn't want his fingers broken one by one, is just false security.

No.

That is not how it should be done.

It should be done as follows:

You DO NOT give Google your data IN THE FIRST PLACE.

They have no business keeping your data for you. The sooner you learn this, the sooner you can start on the path to become a free man.

Re:TFA

And if you don't care about the data enough to encrypt it yourself (most won't, and honestly most data doesn't merit the inconvenience of doing so), letting Google do it for you is better than not, right? At least they have a track record of trying to push back against excessive government intrusion, and by encrypting all data at rest they limit the amount of data a rogue or coerced employee can give up without sufficient authorization and auditing.

All decryption must be done offline

The only way to secure the cloud is to have a private key on a portable device with limited network ability. Use the thing as a proxy, with an app that runs on the offline machine.

No keys, no issues.

Fool me once....

[larry+bagina]

Given what we know about the NSA, NSLs, and Lavabits, " [we do] not provide encryption keys to any government" is a worthless statement. With an NSL, Google will turn over everything and won't be able to say anything about it. With an NSL, Google will be required to lie (like claiming data is encrypted when it's not). Lavabits received an NSL and chose to shut down rather than honor it and sell out their customers. Google compiles with their NSLs.

You cannot trust Google or the cloud with your data.

Re:Fool me once....

[tftp]

You cannot trust Google or the cloud with your data.

If you store your data in the cloud, it means that:

• The 3rd party knows that you have some data stored, and they know its size, and they know how often you modify it or add to it. The observer does not need to have access to your private key to see that.
• You can never be sure that the data that you deleted was in fact deleted. In most cases, due to existence of tiered backups, it will take a long time to purge your data from an honestly operated system. If the system is ran by a Google-like entity, nothing ever gets deleted.
• If the observer wishes to decrypt your data, they can always use the $5 wrench, or (if they want to stay undetected) they can send people to duplicate your HDD or to install a keylogger.

The best way to store your data is on your own HDD, encrypted. The observer still can break into your house, but they would have to do it without any information leading to that. (Such as they wouldn't know that you even have a computer, let alone how often you modify certain files.) Modern terabyte drives (USB 3.0 or eSATA) remove every reason to bother with cloud storage - unless you want an additional bottleneck in form of the Internet link and a bunch of additional vulnerabilities, often for a small extra fee. Most people would be perfectly happy with an encrypted USB Flash disk (IronKey etc.) that they can always carry with them.

Re:Fool me once....

[Sperbels]

You cannot trust Google or the cloud with your data.

Doesn't this really boils down to, you can't trust your government? Nothing is safe.

Re:Fool me once....

[TubeSteak]

http://www.foreignpolicy.com/articles/2013/07/16/the_cias_new_black_bag_is_digital_nsa_cooperation

During a coffee break at an intelligence conference held in The Netherlands a few years back, a senior Scandinavian counterterrorism official regaled me with a story. One of his service's surveillance teams was conducting routine monitoring of a senior militant leader when they suddenly noticed through their high-powered surveillance cameras two men breaking into the militant's apartment. The target was at Friday evening prayers at the local mosque. But rather than ransack the apartment and steal the computer equipment and other valuables while he was away -- as any right-minded burglar would normally have done -- one of the men pulled out a disk and loaded some programs onto the resident's laptop computer while the other man kept watch at the window. The whole operation took less than two minutes, then the two trespassers fled the way they came, leaving no trace that they had ever been there.

It did not take long for the official to determine that the two men were, in fact, Central Intelligence Agency (CIA) operatives conducting what is known in the U.S. intelligence community as either a "black bag job" or a "surreptitious entry" operation. Back in the Cold War, such a mission might have involved cracking safes, stealing code books, or photographing the settings on cipher machines. Today, this kind of break-in is known inside the CIA and National Security Agency as an "off-net operation," a clandestine human intelligence mission whose specific purpose is to surreptitiously gain access to the computer systems and email accounts of targets of high interest to America's spies.

Stealing passwords with a key logger or phishing e-mail undoubtedly involves less paperwork than using the rubber hose.

Re:Fool me once....

I use dropbox with encfs; it's nice for files that I'm currently working on, as it gives me automated off-site encrypted backup.

Re:Fool me once....

[TheGratefulNet]

Google compiles with their NSLs.

interesting. the rest of us use gcc. does nsl optimize better?

Re:Fool me once....

[fast+turtle]

I also use dropbox but don't bother with encryption simply because I don't trust em to not share the data with everyone at the drop of a letter. If I need it encrypted, then I keep it off-line completely because the old saying about "a Secret is only secret if No One Else Knows it" applies.

Re:Fool me once....

[mlts]

What might be a good use for cloud is backups. Not live storage like box.net or Dropbox, but an encrypted blob of data [1] that is tossed onto a remote site and read from it as one large object.

With this in mind, managing remote data becomes an issue of key management. If each remote file is stored with a different key, just erasing that key (could be a password, or an actual keyfile as in the case of TrueCrypt) would ensure that the remote data isn't usable by anyone short of a complete AES break.

The advice from the parent is very good. However, hard disks are not archival media, so it doesn't hurt to use a known good utility (gpg for example) to make an encrypted tarball, then throw that onto a DVD or Blu-Ray disk every so often. Of course, this in combination with a backup program (Time Machine is one example) that can write to an encrypted HDD. What this gives is the ability to restore the whole OS from scratch if need be or a file. If both the drives in use and the backup drive get trashed, there is always pulling data from the optical media.

For data that needs to be stored and forgotten about (tax records), there is always GNU Privacy guard or NetPGP and Amazon Glacier, which will store a terabyte of data for about $10 a month. Of course, this shouldn't be the only archive for critical documents, but if someone's house burned down and all disks, optical and such were destroyed, stuff would be still accessible, assuming the encryption password or keys were obtainable in some fashion.

[1]: To help with size, the data can have some padding or chaff added before encryption. For example, a TrueCrypt container that has 512 megs in it could be full, empty, or anywhere in between... A gpg/PGP file can have some stuff from /dev/urandom thrown in so one can't tell the data inside from the file length.

Re:Fool me once....

yeah its true i agree...

i m from:
http://hackrulezz.blogspot.in/

Re:Fool me once....

[icebike]

Backup is all i use cloud storage for.

Some of it mildly proprietary. For that I use SpiderOak.com. Its client side encryption and They. Don't. Have. The. KEY.

Re:Fool me once....

Sure, as an individual you cannot protect yourself against a targeted attack. It's impossible because you lack electromagnetic shielding equipment and physical security, and your machines are too vulnerable on the Net anyway.

But we're talking about protection against generic, automatized mass surveillance and data collection. The OP is right, keeping your information on an encrypted HD at home is safest.

Re:Fool me once....

[aaaaaaargh!]

Doesn't matter at all. It's a US company and they have full access to your machine. Or is the endpoint software open source and has been compiled and security audited by yourself?

Re:Fool me once....

yes ... I've noticed over the years that the quality of (they call it 'editing') news articles has shriveled terribly ..

On any day I peruse at least several fauxnews sites including NYTimes, Wash*Post, MotherJones, WSJ, among others .

There never fails to be a significant grammatical or logical mistake. I don't recall having these thoughts during the first half-century of my life, but now 2/5ths into my 2nd I'm definitely seeing things differently ..

Re:Fool me once....

[jones_supa]

Some of it mildly proprietary. For that I use SpiderOak.com. Its client side encryption and They. Don't. Have. The. KEY.

Can you be fully sure you are protected? It seems they use their own proprietary client to transfer the data. At that point, well, they can do pretty much anything. Maybe there is another "NSAKEY" which works as an alternative universal key to decrypt any backup. Or maybe a three-letter-organization forces them to deliver a secret patch which contains an exception for your user account and suddenly makes it send everything unencrypted.

Re:Fool me once....

[chihowa]

SpiderOak derives your key from (only) the password that you log into the website with. That password is also stored as a hash on their webserver. Make sure you choose a good password, because that few bits of entropy are all that are protecting your data, and it's very probable that the NSA have ever-growing rainbow tables to bypass the hash.

But really, like all third parties, you have to take SpiderOak's claims at face value and decide whether you really want to trust a third party with sensitive data. You have to trust that their security implementations and policies are well-designed and followed properly. You have to trust that they will not cooperate with other agencies and betray you, which they could easily do without you knowing.

For example, you claim that "They. Don't. Have. The. KEY." but they could easily get it without your knowledge. They could capture the password as you enter it into their website or the client and then "They. Would. Have. The. KEY." If they were compelled to do so, as perhaps Lavabit was, then your data would no longer be secure and you wouldn't even know it.

If a CA issued a phony certificate for SpiderOak.com or the NSA got the private keys for the website, they could intercept the password when you log in and then "They. Would. Have. The. KEY."

I have no beef with SpiderOak (except that they aren't terrible upfront about the use of key derivation and reuse of the website password for it), but ultimately you are responsible for your own security and trusting a third party to do it for you (and trusting their unverified claims) does not clear you of that responsibility.

Re:Fool me once....

[icebike]

Your website log in key is not your spideroak encryption keep. You can't deduce one from the other unless you were stupid enough to use the same key for both.

Re:Fool me once....

[chihowa]

That's an odd thing to say, since it's demonstrably not true. I just set up a new account with them, picked a password of "1" (which didn't didn't set off any warnings, even though that is the sole secret protecting all of the data), then logged into the website with that password.

Furthermore, you can't change one password separately from the other. As listed on their site:

NOTE - PASSWORD CHANGE: Due to our security measures, you may only change your password within the SpiderOak application. This ensures our zero-knowledge privacy environment. You may change your password within the application by opening the 'Account' section in the upper right corner.

Re:Fool me once....

[icebike]

When you first set up the account they may be the same, but from then on out, you need never access the website again. But if you do they don't write it to disk. So if you dont trust SSL, just don't visit the website. Do everything through the client.

You can't change the password on the website. (Why? Because they recognize that is insecure). You can only change it in the client application (a locally installed piece of software), and as soon as you do that your machine gets busy re-encoding all of your data on their site from your synced directories with the new key.

They do not retain the new key on their site.
See: https://spideroak.com/faq/questions/3/does_spideroak_use_encryption_when_storing_and_transferring_data/

They can't even see directory names or file names. They intentionally have no way to decrypt your data.
If you lose your key, you are SOL.
They intend to Opensource the Client side.

Re:Fool me once....

[icebike]

Oh, forgot, go carry on your argument with SpiderOak. Start here: https://spideroak.com/engineering_matters where they explain exactly how it works.

Re:Fool me once....

[chihowa]

Even if you don't access their site again, they still have your password in plaintext long enough to make a hash for the webserver to use. If you do ever use their site again (which many people might do: for instance, their site is the only way to buy more space), the login page on their site is a simple POST for the submission of the password so it's easy enough to snatch it there if they were compelled to. That's not even getting into their use of a closed source server and client and unverified crypto implementations (they toss out nice buzzwords on the site you mention, but you don't get to see how they implemented them).

I don't care about taking this up with them, as they have no real reason to address anything. I don't use their service for secure data storage. They state on their site that they are secure with "zero knowledge" and people give them money and post exaggerated inaccuracies about their 1337 security online. It sounds like a great business model to me.

I just want to make sure that everybody uses a little critical thinking when deciding to trust a third party with their data. The fact that their design has holes in it needs to weigh into the decision to use them, even though it's compelling to think that they're a champion for your online privacy.

Re:Fool me once....

[chihowa]

Basically, your whole argument boils down to "they say...", "they say...", "they say...", but you're given no means to verify any of it. That's not how you do security.

Do you know the people running SpiderOak? Then why do you trust them so implicitly?

Even a layered approach, like TrueCrypt on Google's "encrypted" Cloud dilutes the trust you need to put in any one party. You're putting all of your eggs in one basket, which has exploitable holes, and trusting that basket entirely because of the basketmaker's advertising. That is not a fair strategy for proper security. That's the illusion of security.

Re:Fool me once....

[lipanitech]

Google is beefing security by doing this and adding 2048 keys but I agree your own HDD encrypted and offsite is a safer bet then in the google cloud. I don't put anything in the cloud that I don't want anyone to see.

Red riding hood

[TheP4st]

When I was 8 years old Red Riding Hood seemed convincing enough to be true.

Fool me once..

Re:Red riding hood

ha ha ha ha....is there anyone but an absolute newbie going to think that this is actually going to help??

Possible Benefits?

[az1324]

Server side encryption is only potentially beneficial for limited data breaches where the attacker gains access to the data but not the keys. In the case of government requests, they have the same rights to ask for the keys as for the data. Perhaps if there is a seizure of entire disks then having encryption may oblige them to ask for specific keys and therefore protect your data from snooping when you are not the target. It is also unclear exactly how unique/granular the keys are.

Re:Possible Benefits?

[fa2k]

It also protects against theft of the physical servers and residual data on discarded drives. Not as big of an issue for Google, but server side encryption is good for small operations.

does not provide encryption keys to any government

only the decrypted copy

THIS IS NOT GOOGLE DRIVE

[Nimey]

This is not Google Drive that's getting automatic encryption, it's their Cloud Storage, which is only available to developers.

Re:THIS IS NOT GOOGLE DRIVE

To encrypt Google Drive use something like Syncdocs to do encryption on the client before uploading file to the cloud.

Re:THIS IS NOT GOOGLE DRIVE

Google drive uses google's cloud storage on the backend.

Give and Take

Of course they don't provide the government with keys. The government provides itself with those keys. That's the whole point. Google doesn't give. NSA takes. The result is the same. I would be highly suspicious of their promise to provide key management to the end user. How will they demonstrate that it isn't back doored? Will they provide open source for the client? Will it be vetted? Will it run without patents? Isn't it just easier to buy a TB pocket drive?

Don't trust the cloud, period.

[C3ntaur]

If your data is worth encrypting, do you really want it in the cloud at all? The internet never forgets. Given the rapid advances in both raw compute power and cryptography, something that takes unimaginably long to brute force today, might be trivial to crack in just a few years.

Re:Don't trust the cloud, period.

Some thoughts:
    -The 'internet' could actually forget a huge file of seemingly random data; there's little incentive to copy it around. That embarrassing photo is out there forever, though.
  - If a key is long enough, there will never be a way to brute force it. Look for Schneier's quote from Applied Cryptography about "computers built from something other than matter". The number of bits needed in the key to reach this threshold is surprisingly small (128-256).
  - Planning for the day that data might escape is a good design principle. But, it is no longer the case that it is guaranteed to escape - the odds have shifted to where its more likely that something encrypted today will stay that way (as long as the key doesn't leak, which is a whole other topic).
  - "worth encrypting" is a pretty low threshold.

Re:Don't trust the cloud, period.

[jones_supa]

That embarrassing photo is out there forever, though.

Yes, the distribution of that photo is embarrassingly parallel. :)

Mixed Messages

http://www.cbsnews.com/8301-205_162-57598496/google-gmail-users-have-no-expectation-of-privacy/

Google lawyers say otherwise. NSA black hats say who cares, we take what we want, Google doesn't give a damn (thing).

Convenient

[elysiuan]

In other news leaked internal NSA documents show that they only begin to have trouble cracking AES at 256-bit key sizes and higher.

Re:Convenient

Information about a break in AES like that would the holy grail of crypto leaks, but I can't find a hint of it. Wired had an article a while back about the NSA's progress against a 'major encryption standard'. Most of speculation was that it was RSA, not AES.

tl;dr: citation needed.

Re:Convenient

yes .. and the committee that chose AES256 as 'best' did so only because its cost of implementation is less. Contrarily, the actual winner of that contest was 'Serpent' , a significantly better algorithm ... tho more-costly to use.

Why is this fact so rarely appreciated ..? Thank goodness for TrueCrypt!!

It's a bad sign that Google chooses AES128 .. a very bad sign. It makes 'cloud storage' to be a joke .. a very serious and catastrophic joke. I would fire any employee who went along with that one!

Re:Convenient

Please provide a copy of these documents, because it runs contrary to the information I've seen, and what the NSA thought when they commented on Rijndael for the AES competition. If they had any means of cracking AES which is actually practical, it would be extremely big news if they did not inform everyone, as they are legally required to do so. We would probably switch to TWOFISH as an alternative, or hold a new symmetric algorithm competition with the knowledge of the crack.

(Remember, the NSA have two missions: securing US government data and spying on everyone else. Even if the missions are in direct conflict with each other in most cases, all the US government data worth having is encrypted with AES, as their Suite A clandestine crypto algorithms such as BATON are in fact qualitatively worse.)

It turns out that AES is actually marginally LESS secure at 256-bit and 192-bit than 128-bit, due to a meet-in-the-middle attack. (Twice the size, but only 4 more rounds.)

Perhaps you meant RSA. But that's no news. I could crack RSA at 256-bit, or 512-bit, or 768-bit, and I could take a pretty mean crack at 1024-bit with recent advances (others could have done it already). 1280-bit is beyond my means, maybe someone could do it, 1536-bit no way, 2048-bit hahaha no chance. But attacks always get better: they never get worse. Recent advances make it start to look wobblier. ECDSA or ed25519 have much higher security margins and smaller keys and we should really be thinking about switching to them. Quantum computers are not a threat yet, unless your RSA key is 15.

Re:Convenient

I would fire any employee who went along with that one!

I would fire anyone who thinks that this is the kind of thing to fire people over. You have zero evidence for your position.

Re:Convenient

And horses fly.

128bits of secure storage

As long as your store your data in as the AES key, Google will not sure it with the government.

Re:128bits of secure storage

128 bits should be enough for anybody.

... only in accordance with the law.

The summary leaves out a critical bit of the company spokesperson's quote from the article: they won't give anyone your encryption keys directly, but they'll happily USE the encryption keys they're managing for you to decrypt your data and give the decrypted data to anyone who makes a legal request.

All this buys you is a tiny bit of defense in depth in case someone tracks down the Google server(s) that are storing your data, breaks into the data center, and physically yanks the hard drive out of the machine. Doesn't do anything to prevent a government from getting access by asking politely, and doesn't do anything to address the wide-open front door of someone guessing your account password.

If you care at all, you should be using client-side encryption. If you don't, this is just adding extra latency.

Re:... only in accordance with the law.

[Wootery]

If you care at all, you should be using client-side encryption. If you don't, this is just adding extra latency.

Surely it's just adding extra latency even if you are using client-side crypto, no?

Re:... only in accordance with the law.

[TCM]

"In accordance with the law" is a hollow phrase when the laws itself are unjust or secret to begin with.

Everyone following your "laws" and not openly disobeying them is in good company with people "just following orders" in 1933's Germany.

wasted CPU cycles

A Google spokeswoman said via email the company does not provide encryption keys to any government and provides user data only in accordance with the law.

In accordance with the law, they are required to turn over what ever is asked of them.
In accordance with the law, they are not allowed to speak about what they have turned over.

It's just wasted CPU cycles at this point.

does not provide encryption keys

A Google spokesperson said that the company "does not provide encryption keys to any government."

Of course, they just need to send a clear copy to NSA before any of stuff got encrypted.

Does anybody still believes that ANY that passes through any server in the US can be safe from NSA snooping, unless the stuff is being encrypted on client side before it leaves your PC? Even then, NSA would still collect all the metadata about it (when, where, who).

still evil

meh, google still works with the NSA to copy all traffic in and out of their network.

I will do it myself

[Reliable+Windmill]

I will encrypt my data myself, that is the only way I can keep it private. But hey, thanks for the free storage. Maybe you'll manage to trick someone else with this?

The bad news is...

the encryption password is "trustno1"

does not provide encryption keys to any government

[hottoh]

"does not provide encryption keys to any government."

Means, "we provide encryption keys to the whim of any government." Guessing this is true.

bullllllshit! cloud computing is dead...

and the government killed it.

Re: Secret court order or just a letter///

... but this technology, implemented well, prevents the NSA or others from intercepting the data en route and reading it without a court order.

Where have you been - your mom's basement doesn't have TV? NSA can either get a secret-court order (which you cannot challenge or even hear about) or just write a "national security letter" themselves. No need to bother with a real court/judge that might let someone know what they were doing.

What is wrong with people?

Why are people so quick to give up control of their data to anyone? Especially a corporate entity? I am baffled by this. I know the reasons why and they all suck. Control your own data, people. Data is the new oil, and people are too quick to share it, give it away -- whatever -- for nothing much in return.

Re:What is wrong with people?

[glenebob]

Data might be the new oil, but the data of any one average person is worth almost exactly nothing. Should I charge Google almost exactly nothing for my data?

Re:What is wrong with people?

I'm sure one could divide a category of Google's profit by the number of customers they have to determine the avg value per customer.

Don't be so intransigent.

I want my browser to manage my keys

[aviators99]

When I first read the summary I thought Google was going to provide me a way to manage my own keys in a practical sense. I would like for my browser to automatically decrypt when I download from Google Drive using private keys stored on my local store (with a pass phrase, of course).

Re: I want my browser to manage my keys

I'm sure Google will write something to do that.

But it will only run under chromium.

Re: I want my browser to manage my keys

Do we dare trust the browser? Mozilla's wallet is in bed with Google, chrome IS Google, MSIE and Apple are American, Opera is NON-American... who is safe? do we turn to some obscure extension writer who could be a plant sneaking in NSA backdoors?
What the US has done is pretty much say, oh hi, now you SEE me watching you and I dare you to keep doing exactly the same you were doing this whole time. The cloud itself is useless if it's encrypted. I can use a local storage for that. Will anyone dare put up crypto interfaces just to hide their right to listen to their own encrypted, legally obtained music privately?

Re: I want my browser to manage my keys

[Thor+Ablestar]

It's just why the satisfactory backup program should be simple and contain no browser and no parts that you cannot possibly understand. Bare minimum: OS, the builtin opensource HDD crypto of this OS, and an orthodox file manager for that OS. Nothing more. And if your OS has no opensource HDD crypto - change the OS before the worst happens.

Re:I want my browser to manage my keys

How is google going to profit from targeted advertisements when you en/decrypt your data in your browser?

Re: I want my browser to manage my keys

[aviators99]

>Do we dare trust the browser?

If it's open source and I compile it myself, Yes I trust it.

Re: I want my browser to manage my keys

[Thor+Ablestar]

No parts that you cannot possibly understand. Do you understand the inner workings of your opensource browser well enough?

Re: I want my browser to manage my keys

Not so fast...

http://www.win.tue.nl/~aeb/linux/hh/thompson/trust.html

Re: I want my browser to manage my keys

[aviators99]

Why yes, I do. And that means that at least my good friends and I are in good shape :-)

When Push Comes to Shove, they'll bend over

"No Legitimate Expectation of Privacy," Says Google, Quoting the Supreme Court

http://reason.com/blog/2013/08/14/no-legitimate-expectation-of-privacy-say

  “a person has no legitimate expectation of privacy in information he voluntarily turns over to third parties.” Smith v. Maryland, 442 U.S. 735, 743-44 (1979).

Google Drive is not Google Cloud Storage

Summary: Google is deliberately trying to confuse customers and users into believing their files are secure. US company, data hosted in the US, your files belong to the NSA.

words, words

[mbone]

"does not provide encryption keys to any government."

Based on recent evidence these words mean absolutely nothing* and you would be a fool to trust them.

* That doesn't mean they are technically a lie. Maybe 128 bit AES has a hidden weakness. Maybe there is NSA sponsored back door to their code. Who knows?
Who, except for the forensic types, cares?

Same google

[ceoyoyo]

This is the same Google that insists in court: of COURSE we read your email... why would you expect anything else, right?

Sing the song

[gmuslera]

Obama killed the cloud star. Google must comply with legislation, they could deny (at least till NSA summons another secret law that essentially says all your data are belong to us), but at least for citizens of other countries, or americans that contacts them they must give the data anyway. Once they put in the tables laws that force you to do something and not speak about it you can't trust in anything they say, you just can't decide if its true or is a lie that is forced to say (even assuming their best good will in this topic).

Re:Sing the song

[cornholed]

Judging by your uid, you must not be from around here.

Re:Sing the song

Obama killed the cloud star.

What? The presidents, congress and house of at least the last 4 election periods in combination did what has no killed the cloud star in the US. For all you now know, Obama was the strongest behind-the-scenes opponent of these events. Not that I think that, but I've got as good evidence for that as you've got for the opposite. You guys need to get a whole load of new parties. Focusing on Obama in particular is a fool's diversion.

Verboten

"'Once a pillar of innovation' at Google, now verboten."

Mathematics and those who know mathematics are ... verboten @ Google.

Anyone with a Ph.D. in Mathematics and Physics @Google are ... Verboten.

20 month time frame for Google now shows employees evolving to ... 'technicians.'

Page likes employees who are without high school diplomas who have gender confusion, cocaine and viagra dependencies.

Ha ha @Google

Re:Verboten

[Thor+Ablestar]

Unfortunately, it's THE fate of any large and successful corporation.

Sounds like somebody is getting a bit desperate

[fustakrakich]

Anybody else think that this cloud business is taking a hit? Maybe they should try a different angle and tell us that NSA is good for us and is perfectly safe...

Google IS the fucking NSA, you idiots.

God damn, you motherfuckers are so devoid of intelligence
you need to be told when Dracula has his fangs in your throat.

Bottom line :

If you want to keep it secret, do NOT send it via electronic means, period.

And?

[no-body]

The encryption master keys are subpoenaed under a NSL by our good friends looking out for us, so nothing bad happens.

In Soviet Russia, all us belong to your base.

[Thor+Ablestar]

The only really secure data are the ones written to your own HDD in your safe in your basement, encrypted with opensource program, with part of encryption key entrusted to some friend who is instructed to return it to you when he is satisfactorily ensured that you are not under coercion.

Transparent PR Stunt

[FuzzNugget]

OK, so you have the option to manage your own keys, but we're trusting that Google doesn't copy your keys when you create them and that they don't have a backdoor. Based on recent revelations, I wouldn't put either past them.

Once Google unequivocally tells the feds to fuck off the next time they come sniffing around for user data, I'll put some stock into such supposed privacy measures.

Re:Transparent PR Stunt

[swillden]

Once Google unequivocally tells the feds to fuck off the next time they come sniffing around for user data, I'll put some stock into such supposed privacy measures.

Google refuses ~30% of government requests for user data.

Keep in mind that most requests are subpoenas (which can only get extremely limited data; name and IP address, basically), court orders (which can get a bit more, but not e-mail contents) and search warrants, and I think it's quite likely that if you were in a position to look at the requests and their rationale, you'd agree that most of them are legitimate and not only legally must be respected, but should be respected, because it's the right thing to do.

http://www.google.com/transparencyreport/userdatarequests/

http://www.google.com/transparencyreport/userdatarequests/legalprocess/

Re:Transparent PR Stunt

http://www.google.com/transparencyreport/userdatarequests/

http://www.google.com/transparencyreport/userdatarequests/legalprocess/

These are the about the ones they CAN tell you about. What people worry are those that they can't even talk about.

For all we know, ONE single request to Google can have them send ALL their data to NSA all the time and be quiet about it, making all those other requests that Google refused meaningless except for fooling people like you.

Goggle complies with local laws ...

[perpenso]

Google complies with local laws and regulations. Remember their previous venture in China:
"The new local Google site, expected to be launched Wednesday at Google.cn, will include notes at the bottom of results pages that disclose when content has been removed, said Andrew McLaughlin, senior policy counsel for Google. "Google.cn will comply with local Chinese laws and regulations," he said in a statement. "In deciding how best to approach the Chinese--or any--market, we must balance our commitments to satisfy the interest of users, expand access to information, and respond to local conditions.""
http://news.cnet.com/Google-to-censor-China-Web-searches/2100-1028_3-6030784.html

When a legal order to turn over info is received they will do it. The only question is what constitutes a legal order.

Re:Goggle complies with local laws ...

When a legal order to turn over info is received they will do it. The only question is what constitutes a legal order.

They go to great lengths to explain exactly that: http://www.google.com/transparencyreport/userdatarequests/

Encrypt your own data ...

[perpenso]

Of course they don't provide encryption keys to any government, they just hand over the plaintext.

Now how are they going to do that if one encrypts the data before sending it to the cloud service? Don't give your cloud service the plain text.

Re:Encrypt your own data ...

Ah you they just give the option of a National security letter and or a free plane ride with a $500 military wrench thrown in

Too late

[sugarmotor]

It might have been. But too late now.

If Google is able to give up your keys...

... then you are doing it (encryption) wrong.

Useless security without direct control of the box

[assemblerex]

What they will do is snoop your connection for when you input the password. Https connection? They will have the cert keys already.

You might as well be using open to send the password.

Unless you are uploading locally encrypted files to the cloud (for convenience I suppose) and never sharing keys except in person you should be fine.

Until they kick your door in that is.

Proof of security would add value

[jcasey]

If Google had a way to PROVE that their service was secure, then that might be worth entertaining. Such PROOF would need to satisy concerns about the handling and passing of data and keys, and securely deleting information when the user requests it to be deleted. Unless they can prove that they are secure, this is an utter joke. Their reputation has been trashed as a result of their unfortunate run in with the three letter orgs. Its a pity.

Re:Proof of security would add value

[Thor+Ablestar]

There is NO way to prove this. It's just impossible to prove the absence of anything (here: the absence of security holes) except in very special cases.

It's of course possible for them to disclose the program that resides on your computer and stores your data in Google cloud, but it's impossible to prove that this program has not been changed before use, or your Windows has no malware that sends your keys to KGB (Or NSA - doesn't matter). Or that your keyboard has not been bugged, or that you will never be sodomized with soldering iron somewhere in basements of FSIN (GULAG).

Why are people worried about the government?

[cyn1c77]

I don't understand all the cynical comments about the government forcing Google to decrypt everyone's data.

Would 128-bit AES encryption really bother the NSA that much? Would it even bother a committed hacker that much? If anything, this will just provide Google with a little ass coverage in case they every get hacked by someone other than the NSA.

But seriously, if this is something that you're really worried about, you should be encrypting your online storage yourself. Or better yet, don't store anything online. Even better, don't network a computer that you aren't willing to have hacked. The level of inconvenience goes up with the level of security; everyone needs to decide what will work for themselves.

Re:Why are people worried about the government?

Is the WPA 128-bit encryption used by WiFi similar to what Google is offering? How difficult is it to crack keywords for that 'security' method?

I'll still use Tahoe-LAFS instead, thanks.

Tahoe-LAFS is just as free-as-in-beer, yet also free-as-in-speech. Encryption is automatic and I can install it on any workstation.

Dear Gov,

These are all the keys possible that the user is 'not' using. Dear user, We did not give them any keys you use.

How do you know?

[Ralph+Spoilsport]

You say "They don't provide any keys." But if they did, you would have no ability to tell. WOULD YOU? Very simply the internet can no longer be trusted. At all. Ever. It's effectively enclosed and dead.

Re:How do you know?

You've never been able to trust "the internet", no change there. Cryptographic security can only be had point-to-point. You encrypt on a node you trust, and decrypt on a node you trust. The idea that you can have "secure email", for example, where the decryption doesn't happen on the machine in front of you is ludicrous (not the rapper).

Re:How do you know?

[TCM]

If you think the Internet could ever be trusted you started using it way too late.

The Internet once was this cozy anarchistic place where it was all just packets and if you didn't secure your shit, you were owned, right as it should be. Now it's all marketing scum drowning you in ads, trying to get into your pockets and living rooms, global adversaries becoming a real threat and ass-backwards pussies trying to censor your shit.

Fuck that.

Don't be good...

[eviljav]

I don't see how anybody could trust them at this point.

False Sense of Security by the bits...

[NeoStrider69]

AES-128? Really? Why not higher at least? If you want to provide a false sense of security at least up the magic numbers and make it sound harder than just handing over the decrypted data since they obviously have the public and the secret keys.

128bit AES is insecure

[flyingfsck]

Google doesn't need to give the keys to anyone if the algorithm is insecure.

Re:128bit AES is insecure

Seriously, which retards awarded you mod points ?

Is a score of 2 the obligatory minimum for any post from someone with an account no matter what it contains ?

Re:128bit AES is insecure

How is AES-128 insecure? Do you know of a cryptanalytic breakthrough that you haven't told anyone else about, or have you built a quantum computer with a couple of hundreds of qubits in your basement?

Re:128bit AES is insecure

[EmagGeek]

If you have "Excellent" Karma you get to post directly to +2 for all of your posts.

Too late google.

[lapm]

So they finally desided to encrypt users data? So its been unencrypted upto this point? I tough googles prime policy was do no evil? Considering who is looking to spy on you,i would not consider only 128 bit AES secure by any standard. Not to mention google can get unencrypted data to them anyways... Always wondered why every encryption standard in use on internet need to be accepted by NSA first? Most likely becouse NSA wants to make sure they can brake it.

Worthless.

Unless the decryption is done on your own computer and your key never leaves your own computer, this is utterly worthless since of course the NSA can intercept anything in transit. And _if_ the encryption is on your computer only with software under your own control (not "updated" by Google ever), you don't need Google for anything but plain unencrypted storage. They might be annoyed that your data compresses lousily, but that's it.

Conditionals

if you were in a position to look at the requests and their rationale, you'd agree

If you were a dog, and thought like a dog, you would behave like a dog.

Re:Conditionals

[swillden]

if you were in a position to look at the requests and their rationale, you'd agree

If you were a dog, and thought like a dog, you would behave like a dog.

Allow me to rephrase: I think just about any intelligent, reasonable person would look at the warrants in criminal investigations, the subpoenas in civil suits, etc., and find the requests reasonable, appropriate and in the interest of justice and society in general. You know, the 4th amendment allows warrants for a reason... because they make society a better place. National Security Letters... that I'm not so sure about. We need real oversight, and (as mentioned in another article on /. today) we don't have it. But, given appropriate oversight to make sure they're really justified -- meaning that they're directed very specifically at people for whom there is convincing evidence of terrorist or other activity that endangers large numbers of lives -- even NSLs are probably a good thing.

Re:Conditionals

We need real oversight

Oversight doesn't work. Either the overseers lie, or the agencies lie to the overseers. Or both.

Real oversight is a myth. Grow up.

Sorry Wrong Crowd

This us not for geek consumption, this is for the unwashed masses, ie the people who pay them the dollars. Geeks squealing about it, is a gnat on a elephants ass.

People aren't afraid of corporations or bad people

They are afraid of an ever expanding totalitarian government that forces corporations to comply with illegal, unconstitutional methods of spying and harassing its citizens. The moment a law passes where it's federally illegal to do even the most trivial things on the net like watching an epiosde of family guy on youtube will be the day when the government can arrest anyone at any time because quite frankly we've all done it and google has a log of it. Say something against the leading political party and they might use your browsing history against you somehow in the court of law. Of course they COULD use the NDAA but I'm sure if they had more ways to screw with us then the better.

I don't care if Google sells my info to viagra to deliver target ads, I only care about how my data is used. So far these companies don't seem to misuse my info although insurance companies might eventually. The NSA on the other hand needs to be disbanded completely. I used to have quite a bit of respect for them over 15 years ago but yeah, that was 15 years ago.

right

the company "does not provide encryption keys to any government." ...by which we mean we totally give all encryption keys to any government that asks.

Lies and secrets

[kbg]

"A Google spokeswoman said via email the company does not provide encryption keys to any government and provides user data only in accordance with the law.".

First of all NSA lied to congress so how do we know that the Google spokeswomen is not lying also? Secondly if the laws are secret then how does the public know what is in accordance?

Really.

128 bit AES keys..are these even secure? I doubt it.

Proven Evil

[stevegee58]

Why listen to a known liar?

Google will never be trusted again.

[openthomas]

The damage to their business is irreversible. Google sold out their users rights to privacy and didn't whisper a word about it until they got exposed. And then they lied and got caught again.

Google *never* lies!

While the NSA exists, we can't trust Googl, FB, MS, Apple, etc. There's plenty of other, better, choices out there for us.

"Do Evil."

[grub]

"Do Evil." Google's new slogan.

Forget it.

Don't bother, google. If I use a cloud service, all my data will be encrypted before I load it up to it.

How this really does help (a little)

[Sloppy]

If you strain to look at things in the best possible light, you will figure out there are some scenarios where this helps. And if you take a pessimistic view, I think the conclusion is that this is completely harmless. Unfortunately, it's also very dishonest, so Google earns a demerit anyway, but that's another topic that plenty of people are already going on about. ;-)

Obviously this doesn't protect the data if Google is coerced into giving up the key, or if Marketing decides there might be profiling advantages to be gained in examining the plaintext.

But it does help against certain types of inadvertent leaks or subterfuge. For example, my server's disks are encrypted with a key that is easily available on their boot SSD. If you steal my server you have my data. If you sneak into my server, you have my data. The encryption is starting to sound useless, isn't it?

But if you take a disk and leave the rest of the machine behind, you don't have anything. If I get too many Offline Uncorrectable SMART errors and send you my disk for a warranty replacement, you (nor anyone who intercepts the delivery) don't have my data. The encryption isn't useless; it's just mostly useless. Except that it's useful in what just happens to be the most common scenario, something that happens 3-4 times per year as various disks rotate through UPS' fine delivery service.

If Google is doing something like that, cool. And if they're using iSCSI or something where disk blocks are moving through their own internal network where the attack surface is even larger, and now a sneaky tap on their storage network will start seeing ciphertext instead of plaintext, I say: good!.

It's a bit slimy that Google is announcing this common-sense minor edge-case precaution right now, when the public is thinking about totally different threat models thanks to this years' news stories. And the announcement itself is completely full of bullshit. But nevertheless, look carefully and you really will see something with just a little bit of positive value.

I'll say what I've said before: It's good to fear and act against Big Brother, but the thousand Little Brothers out there are attacking you much more often and overall probably causing us all more long-term average loss. Deal with them, and you'll also be incrementally dealing with Big Brother too, by changing how we think about info security.

You cannot trust Google or the cloud with your dat

[nurb432]

I trust them with my unimportant data as its not important if its seen like a book i purchased or a movie ( its still wrong of course ). I also trust them to house my pre-encrypted data, where i hold the key.

Bastards No Good

So now when NSA, DNI, DoJ, or WH come calling Google will charge $1M cash (to fund Page's next toy) for the decrypt keys.

Not good Google.

and...

Why would anyone store anything sensitive on the cloud anyways? That's just asking for trouble...

The big lie

"A Google spokesperson said that the company "does not provide encryption keys to any government."

That is a lie. A big, fat, bald-faced lie. Anyone with two brain cells to rub together knows that Google and every other corporation depends entirely on the benevolence of our despotic dictator to continue operations without "help" from the Department of Injustice.

There isn't even a reason to believe any longer that doing your own encryption protects your data, as it has been demonstrated that the NSA can read the electromagnetic emissions from your PC from hundreds of feet away and know what you are typing, what is going over your network cables, and the data whizzing by on your SATA cables. They can even tell what's in the RAM of your PC after it is turned off (since, after all, RAM is just a big bank of capacitors that discharge very slowly when not refreshed).

There is no privacy anymore. Ever. Anywhere.

You have the keys google! Pointless

[pabloa98]

Google has the keys to encrypt and decrypt. So I agree, they can still send the my information to NSA without sends the keys. Corporates thinks we are stupid. At least we are not SO stupid....

So we are to beleave a corporation that has lied

[Stan92057]

So we are to beleave a corporation that has lied...numerous times to there customers/stockholders?? HAHAHAHAHHAHAHA I would be more afraid to use any server service no matter who provides it and especially not trust Google. The do no evil corporation thats got caught lieing more then once.

The NSA can decrypt data on the fly

The NSA doesn't need a key they can decrypt any data streaming. What is wrong with you people. I thought you all knew this already !

does not provide encryption keys to any government

"does not provide encryption keys to any government"

Right, so Google will instead provide them to a government contractor, who will in turn provide them to the government.

Tomorrow's Headline

[Taigitsune]

Former NSA Insider Announces AES-128 Vulnerable to Trivial Attack.