Dnia wtorek, 20 sierpnia 2013 14:30:52 Moon Jones pisze:
On 18.08.2013 23:55, rysiek wrote:
PRISM caused a ot of fear but now we can finally feel safe again -- Google will encrypt all Google Drive storage with user-supplied keys: http://it.slashdot.org/story/13/08/16/239253/
I know slashdot does not generate articles. It only links to articles, sometimes in a VERY misleading paragraph, than leaves some uninformed geeks debate about the misleading text.
The article you most probably missed is some other place[1]
And the text supports that first paragraph of yours. But nothing of the rest of your text.
Humm, true. Not Google Drive, but Google Cloud Storage. My bad.
So our data will be perfectly safe with them, right? Right?.. ;)
Seriously, though, this is very, very bad for us. Normals will point to that and say "hey, Google does the Right Thing and we can be safe there, so we should all use Google now. They have encryption and stuff."
Could you expand on «this is very, very bad for us»?
Well, if it's the developer-oriented GCS, not Google Drive, it's just a bit less bad for us. Thing is, this encryption scheme (in which, from what I read, Google has access to "master keys" and has the technical ability to decrypt data once it's subpoenad) brings no additional safety to users. It sounds great ("we support encryption! and we're doing it with several keys! that has to be safe, eh?"), but it does effectively nothing to actually protect users and their data from PRISM and similar programmes. And that means it will be this harder for us to explain why this is a bad scheme ("wait, you're saying encryption is evil? now I am confused!") and why people should use other methods of protecting their privacy and their data. -- Pozdr rysiek