Re: [PLUG] Sensitive Personal Information In the Cloud? Why bother?

Rich Freeman on 12 Mar 2014 09:49:49 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Sensitive Personal Information In the Cloud? Why bother?

From: Rich Freeman <r-plug@thefreemanclan.net>
To: "Philadelphia Linux User's Group Discussion List" <plug@lists.phillylinux.org>
Subject: Re: [PLUG] Sensitive Personal Information In the Cloud? Why bother?
Date: Wed, 12 Mar 2014 12:49:40 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:content-type; bh=4EI3JjMyruTktg6+jS/ShdLN1Luok8iMeu1Z4PwI044=; b=QJjY7SYv4avrBZ2Mi1ofLwJFVtZKDPScz25CaAIeRWdtXDuqdC+qSXKJywNnNQC+14 F2ZztgvMwaw2o6ccl4e4p/2b0WkwCuCN3+QePoaLwE9v3HKbMI3xfnB+RYMZniAcWAY2 Ek7rBJ3npcKNpcZT9VLGmhcCxPd86INnCxw8OcTmHDTSwVZtOBRGyCEpfe/6OmsZlHZj oNUizjKfpSux1dQlJm0sl5c2tCMBbbYjtMHSp2ztzf2/YWTd6tI0lWphjBiQuD/87Ol+ 7/0qSB777Zx2A4x+1qI08OKaxMvyTI7rvudf4QIqKDv/XueB66ggqXk+flSoRAN4QxEy X8Bw==
Reply-to: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>
Sender: "plug" <plug-bounces@lists.phillylinux.org>

On Wed, Mar 12, 2014 at 10:53 AM, Greg Helledy <gregsonh@gra-inc.com> wrote:
> This is a biggie, IMO.  The encryption considered very safe today could be
> trivial to crack 20 years from now.  If you wouldn't want the things you
> encrypt today being public 20 years from now, maybe cloud storage isn't the
> best choice.

20 years is a bit of a stretch in practice.  Some technologies that
old have been cracked, but only with resources that would not be
applied to anything not having a national security interest.  Other
technologies that old remain intact.

However, yes, it seems likely that there is little we can do to keep
data private forever.  Even if you don't keep it in the cloud there is
always a risk of theft/etc.  Who knows what rootkit lies in the heart
of your PC?

Security is all about managing risk.  There are certainly risks
associated with putting data in the cloud, but in practice there are
also risks in not putting data in the cloud.  I know I don't treat my
backups with the kind of procedural security most cloud providers are
likely to employ (well, not counting the backups I store in the
cloud)).  In fact, I consider my biggest risk if I have a disaster is
that all the local copies of my gpg key that encrypts my cloud backups
will turn out to be bad/lost/etc.  In that event, I'd welcome a swift
crack to RSA!  :)

Rich
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug

Follow-Ups:
- Re: [PLUG] Sensitive Personal Information In the Cloud? Why bother?
  - From: brent saner <brent.saner@gmail.com>
- Re: [PLUG] Sensitive Personal Information In the Cloud? Why bother?
  - From: Michel van der List <plug@vanderlist.com>

References:
- [PLUG] Encrypting Sensitive Personal Information In the Cloud?
  - From: Louis Kratz <louis.kratz@gmail.com>
- [PLUG] Sensitive Personal Information In the Cloud? Why bother?
  - From: Casey Bralla <MailList@nerdworld.org>
- Re: [PLUG] Sensitive Personal Information In the Cloud? Why bother?
  - From: Art Clemons <artclemons@aol.com>
- Re: [PLUG] Sensitive Personal Information In the Cloud? Why bother?
  - From: Greg Helledy <gregsonh@gra-inc.com>

Prev by Date: Re: [PLUG] Btrfs Talk Slides
Next by Date: Re: [PLUG] Sensitive Personal Information In the Cloud? Why bother?
Previous by thread: Re: [PLUG] Sensitive Personal Information In the Cloud? Why bother?
Next by thread: Re: [PLUG] Sensitive Personal Information In the Cloud? Why bother?
Index(es):
- Date
- Thread