Cloud Security and NSA

Home Forums Miscellaneous Cloud Security and NSA

This topic contains 0 replies, has 1 voice, and was last updated by  Henry Brown 5 years, 5 months ago.

  • Author
    Posts
  • #179390

    Henry Brown
    Participant

    IMO nothing earth shattering new but interesting commentary in anycase…

    Again IMO interesting solution to “mass data collection”/spying is encryption, not sure terribly practical but…..

    From the Cloud Security company Porticor Blog:

    Did Snowden Compromise the Future of Cloud Security?
    July 9, 2013 by Ariel
    Is Cloud Computing dead after PRISM?

    As Edward Snowden, the NSA leaker who kicked off the PRISM scandal seeks asylum around the world and creates headlines on every major newspaper, some of us have started discussing the more serious ramifications of the scandal.

    Naturally, the aspect that interests us most is cloud security and we are analyzing what level of paranoia is justified based on what we learned from this affair.

    Does the government control your Hypervisor?

    One argument that comes up a lot: if the government can get cloud providers to cooperate using laws like the Patriot Act, then it can get your hypervisor provider to cooperate with them as well. With your provider’s cooperation, you may have a backdoor inserted in the hypervisor courtesy of the government. Then, everything you do or store in the cloud is under Big Brother government surveillance.

    Scary stuff, right?

    The short answer: true, the government can indeed have backdoors in your hypervisor. However, they can also have backdoors in your operating system (maybe on your laptop) or your network (perhaps on your router), using the same laws to demand cooperation from the vendors. So the cloud is not uniquely vulnerable in this respect.

You must be logged in to reply to this topic.