[liberationtech] Chromebooks for Risky Situations?

Thu Feb 7 10:18:23 PST 2013

On Tue, Feb 05, 2013 at 10:29:49PM -0500, Nadim Kobeissi wrote:
> Now, for the obvious (and unfortunate!) downsides: Chromebooks natively
> encourage users to store all of their data on Google, leaving the company
> with an unbalanced amount of control over these machines, and attracting
> itself as a compromise target relevant to Chromebook users. 

Strongly agreed.

As the size of the organization grows, the probability that zero employees
are (a) taking payoffs/bribes (b) succumbing to extortion/blackmail
and/or (c) otherwise political/socially/economically/personal motivated
to do Bad Things decreases.

We could debate the shape of the curve, but I think it's darn near certain
that there is -- somewhere -- a Google employee doing (a) and a Google
employee doing (b) and a Google employee doing (c).  Of course there are.
There are simply too many of them for this not to be true.  The same
can be said of every large company and organization.

The question is thus not "do they exist?" because I think we already
know that they do.  The question, or questions rather, become things
like "What is their goal?", "What do they have access to?", "What
measures exist to prevent them from accessing things they shouldn't?",
"What measures exist to detect them trying to access things they
shouldn't?", "Will I find out if it happens to be my data?", and so on.

My own experience suggests that the answers to those last questions
are nearly always "nothing", "not much" and "no" even in places where we
would all hope otherwise.

So if you (rhetorical and plural you) are becoming an annoyance to whatever
government you're antagonizing because you're smart and effective,
then why wouldn't they consider dropping $100K in cash on a cloud engineer
in return for a USB drive full of everything you've all stored there?
Seems like a good investment.  Much less tedious than infiltrating
your group.  Probably cheaper and less risky.

Or why wouldn't they plan ahead and start getting their own people in the
pipeline for jobs there?  They could play the long game and gamble that
spending years training some of their own, putting them through school
at RIT or Michigan or GaTech and getting them into Rackspace and Google
and Twitter will one day pay off, when someone very very loyal to their
ideology and politics feeds them timely information.

Yes, you can encrypt everything -- if you're all diligent about that.
But the logs will still show when and where you were, and possibly who
is talking to who, how much information they're exchanging, and when.
(And there's the possibility that, in extremis, your communications can
be "accidentally" cut off just when you need them most.)

My point is that I don't think trusting *any* large organization is a
good move.  If you're going to store this kind of data anywhere but on
systems that you personally control, then pick the smallest, most obscure
ones you can find.  Better yet: don't build an architecture that relies
on centralized communications and thus is vulnerable to centralized
compromises; we've discussed Usenet here before and I think that sort
of decentralized architecture is a much better model for this application.

---rsk
--
Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech

----- End forwarded message -----
-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE