lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 11 Jun 2013 08:28:28 +0200
From: Daniel Preussker <>
Subject: Re: Why PRISM kills the cloud | Computerworld

+1 (including +1 for the 'rant' about cloud)

Daniel Preussker

[ Security Consultant, Network & Protocol Security and Cryptography
[ LPI & Novell Certified Linux Engineer and Researcher
[ +49 178 600 96 30
[ Daniel@...ussker.Net

On 11.06.2013, at 03:30, Jeffrey Walton wrote:

> On Mon, Jun 10, 2013 at 9:15 PM, laurent gaffie
> <> wrote:
>> Why is the Prims program such a big deal today?  Most of us  knew about
>> echelon and the patriot act didn't we? This program was unconstitutional at
>> the first place and should have raised indignation when it was approved at
>> that time...
> +1.
> Below is my standard verbiage on clouds and backups to clouds.
> Jeff
> clouds and drop boxes. If you don’t want your data analyzed,
> inspected, shared, or mishandled, then don’t provide it in the first
> place. Data migration includes backups, so ensure you are using the
> proper attributes on your files. For Apple systems, the file should
> have kCFURLIsExcludedFromBackupKey file property or
> extended attribute (see Technical Q&A QA1719
> for details). Android applications should add android:allowBackup on
> the application tag and set it to false in AndroidManifest.xml.
> Windows’ integrated cloud backup is new, and there’s currently no way
> for an application to back up to the cloud (and hence, no way to stop
> it).
> A layman’s analysis of License Agreements and Terms and Conditions
> will reveal how little security is afforded to your documents in cloud
> storage. For those who don’t read them, one popular platform has 142
> separate documents covering Terms of Conditions for its cloud
> alone.[18] The documents discuss your rights if the company (1) gives
> away your data, (2) shares you data with partners, (3) looses your
> data, (4) provides your data to authorities (sometimes without an
> order or warrant), (5) does not provide reasonable skill or care, (6)
> commits willful misconduct or fraud, and (7) acts with negligence or
> gross negligence. “Your rights” is misleading since it is consent, and
> the document effectively states you indemnify the company: “You agree
> to defend, indemnify and hold [company], its affiliates, subsidiaries,
> directors, officers, employees, agents, partners, contractors, and
> licensors harmless from any claim or demand, including reasonable
> attorneys’ fees, made by a third party.”[19]
> [18] iCloud Terms and Conditions,
>> Le 2013-06-10 19:46, "Ivan .Heca" <> a écrit :
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter:
> Hosted and sponsored by Secunia -

Download attachment "PGP.sig" of type "application/pgp-signature" (842 bytes)

Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia -

Powered by blists - more mailing lists