lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAKLh_qyR-DvEDeLbaPsP2YYWQ7LwROQGO4Hzg70-e9a7yjsKgA@mail.gmail.com>
Date: Tue, 11 Jun 2013 13:04:16 +1000
From: "Ivan .Heca" <ivanhec@...il.com>
To: noloader@...il.com
Cc: full-disclosure <full-disclosure@...ts.grok.org.uk>
Subject: Re: Why PRISM kills the cloud | Computerworld
	Blogs

A number of cloud provider business plans will need tweaking now....
On 11/06/2013 11:30 AM, "Jeffrey Walton" <noloader@...il.com> wrote:

> On Mon, Jun 10, 2013 at 9:15 PM, laurent gaffie
> <laurent.gaffie@...il.com> wrote:
> > Why is the Prims program such a big deal today?  Most of us  knew about
> > echelon and the patriot act didn't we? This program was unconstitutional
> at
> > the first place and should have raised indignation when it was approved
> at
> > that time...
> +1.
>
> Below is my standard verbiage on clouds and backups to clouds.
>
> Jeff
>
> clouds and drop boxes. If you don’t want your data analyzed,
> inspected, shared, or mishandled, then don’t provide it in the first
> place. Data migration includes backups, so ensure you are using the
> proper attributes on your files. For Apple systems, the file should
> have kCFURLIsExcludedFromBackupKey file property or
> com.apple.MobileBackup extended attribute (see Technical Q&A QA1719
> for details). Android applications should add android:allowBackup on
> the application tag and set it to false in AndroidManifest.xml.
> Windows’ integrated cloud backup is new, and there’s currently no way
> for an application to back up to the cloud (and hence, no way to stop
> it).
>
> A layman’s analysis of License Agreements and Terms and Conditions
> will reveal how little security is afforded to your documents in cloud
> storage. For those who don’t read them, one popular platform has 142
> separate documents covering Terms of Conditions for its cloud
> alone.[18] The documents discuss your rights if the company (1) gives
> away your data, (2) shares you data with partners, (3) looses your
> data, (4) provides your data to authorities (sometimes without an
> order or warrant), (5) does not provide reasonable skill or care, (6)
> commits willful misconduct or fraud, and (7) acts with negligence or
> gross negligence. “Your rights” is misleading since it is consent, and
> the document effectively states you indemnify the company: “You agree
> to defend, indemnify and hold [company], its affiliates, subsidiaries,
> directors, officers, employees, agents, partners, contractors, and
> licensors harmless from any claim or demand, including reasonable
> attorneys’ fees, made by a third party.”[19]
>
> [18] iCloud Terms and Conditions,
> https://www.apple.com/legal/internet-services/icloud/ww/
> [19] iCLOUD TERMS AND CONDITIONS,
> https://www.apple.com/legal/internet-services/icloud/en/terms.html
>
> > Le 2013-06-10 19:46, "Ivan .Heca" <ivanhec@...il.com> a écrit :
> >>
> >>
> http://m.blogs.computerworld.com/cloud-storage/22305/why-prism-kills-cloud
> >>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists