Slashdot Mirror
Data Encryption On the Rise In the Cloud and Mobile
dkatana writes: Overall, demand for encryption is growing. Cloud encryption services provider CipherCloud recently received a $50 million investment by Deutsche Telekom, which the company said positions it for "explosive growth" this year. The services are designed to allow corporations to benefit from the cost savings and elasticity of cloud-based data storage, while ensuring that sensitive information is protected.
Now, both Apple and Google are providing full encryption as a default option on their mobile operating systems with an encryption scheme they are not able to break themselves, since they don't hold the necessary keys.
Some corporations have gone as far as turning to "zero-knowledge" services, usually located in countries such as Switzerland. These services pledge that they have no means to unlock the information once the customer has entered the unique encryption keys. This zero-knowledge approach is welcomed by users, who are reassured that their information is impossible to retrieve — at least theoretically — without their knowledge and the keys.
Now, both Apple and Google are providing full encryption as a default option on their mobile operating systems with an encryption scheme they are not able to break themselves, since they don't hold the necessary keys.
Some corporations have gone as far as turning to "zero-knowledge" services, usually located in countries such as Switzerland. These services pledge that they have no means to unlock the information once the customer has entered the unique encryption keys. This zero-knowledge approach is welcomed by users, who are reassured that their information is impossible to retrieve — at least theoretically — without their knowledge and the keys.
So this-or-that company promises you unbreakable encryption or that they won't poke their nose in your data. Do you trust them? I don't. All it takes is a little firm chit-chat from the national security agency of the country your data is hosted in, and your "safe" data isn't safe anymore.
If you really insist on putting files and shit in the cloud, encrypt it yourself before uploading it. Better yet, run your own server and provide yourself with your very own fucking cloud. Those who want real security aren't lazy and do the work themselves.
"A door is what a dog is perpetually on the wrong side of" - Ogden Nash
It doesn't matter.
Don't trust them? Encrypt your data with a private key before you upload it to them.
The point of encryption is that you can just give your encrypted data to people. Without the key, there's bugger-all they can do with it. You don't HAVE to trust them. You just have to ensure they don't have the key. And why would they need to?
Hence, don't trust them. Don't believe them. Who cares? Encrypt it yourself anyway, and it's game over.
And, if you want to get really pedantic, so long as you NEVER provide them with the public or private keys yourself, there's no way they can decrypt it. Now, they may be embedded in their software, or potentially accessible by their app, or whatever, but that's for you to determine. If they can't get your keys, it doesn't matter what happens on their end. That's the whole point of encryption.
And exactly why use of it has exploded. It's as simple as not giving Samsung, Google, Apple, etc. your actual KEYS but letting them hold your data.
Don't trust them, if you don't want to, because you have absolutely no need to do so in order to let them hold your (encrypted) data.
We can't allow politicians to turn the Internet into a police state, that is something that happens in China and North Korea, it can't happen in Europe
*cough* 1939 *cough*