| Michel van der List on 12 Mar 2014 15:53:06 -0700 |
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
| Re: [PLUG] Sensitive Personal Information In the Cloud? Why bother? |
Seems to me it would be rather easy to pull your data back from the cloud every 5 years and re-encrypt it with the best available crypto of the time and just schlep it back. Just put a reminder on your cloud based calendar. Aside from the fact that anyone who believes her/his data is somehow more secure at home is delusional (IMO of course!). The truth is that most individuals are not worth the APT time to get at their data, so your data is safe even with some minimal encryption regardless of the location. And the cloud gives you durability you can't get at home. Michel On 03/12/2014 12:49 PM, Rich Freeman wrote:
On Wed, Mar 12, 2014 at 10:53 AM, Greg Helledy <gregsonh@gra-inc.com> wrote:This is a biggie, IMO. The encryption considered very safe today could be trivial to crack 20 years from now. If you wouldn't want the things you encrypt today being public 20 years from now, maybe cloud storage isn't the best choice.20 years is a bit of a stretch in practice. Some technologies that old have been cracked, but only with resources that would not be applied to anything not having a national security interest. Other technologies that old remain intact. However, yes, it seems likely that there is little we can do to keep data private forever. Even if you don't keep it in the cloud there is always a risk of theft/etc. Who knows what rootkit lies in the heart of your PC? Security is all about managing risk. There are certainly risks associated with putting data in the cloud, but in practice there are also risks in not putting data in the cloud. I know I don't treat my backups with the kind of procedural security most cloud providers are likely to employ (well, not counting the backups I store in the cloud)). In fact, I consider my biggest risk if I have a disaster is that all the local copies of my gpg key that encrypts my cloud backups will turn out to be bad/lost/etc. In that event, I'd welcome a swift crack to RSA! :) Rich ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug