It’s not highly confidential information. Mostly it’s to use a machine with adequate RAM. Besides, I’m using end-to-end encryption instead of being MITM’d by their third-party ‘security’ gateway.
Not particularly. Anything really secret I probably wouldn't put on that computer. I just don't see why other people should be allowed to access my data.
The biggest win, I think, is the internal "e drive" encryption, so that a RAM dump doesn't spill keys. That even somewhat mitigates Lightning DMA attacks. (Although the attacker could just hijack the OS at that point.)
Some apps push data into the cloud without asking/having an option. For me this was Screens VNC, which synced semi-confidential information across my two computers without asking (all my bookmarks, except for the SSH/VNC passwords).
Arguably the external IP, SSH port, SSH username, internal IP and internal username of my client's confidential computer are only "security by obscurity", but I'd still rather have everything on my hard drive only by default.
Confidential Cloud is similar to end-to-end encryption, but with the added benefit of letting your personalized AI work for you even when you aren’t using the app.
You control who can decrypt your data
Your employer, we as software providers, and the government cannot decrypt your data without your permission, even with a subpoena to do so.
Your data is anonymized
There is an initial mapping from your application request to an anonymous ID, but after that, even we don't know whose encrypted data is whose.
Your data will never be sold
Not only do we pledge never to sell your data, but we couldn't even if we wanted to because we can't decrypt it without your permission.
Envelope encryption with unique secret keys
Data keys are used to encrypt your data and are themselves encrypted under a secret key. No one, including us, can export the secret keys.
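The envelope scheme described above (a per-record data key that encrypts the payload, itself wrapped under a secret key that never leaves the provider's key store), as an added illustration that is not the product's own code: a constructed Go program using AES-256-GCM for both layers, with the anonymous ID from the earlier paragraph bound in as associated data so an envelope cannot be silently re-attributed to a different user. The KEK here is generated in memory purely for the demonstration; the choice of AES-GCM, the nonce-prefixed layout and the use of the anonymous ID as AAD are assumptions of this example, not details the page states.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// Envelope is what a service would persist: the encrypted payload and the
// wrapped data key. The KEK is never stored next to it.
type Envelope struct {
	WrappedDataKey []byte // data key encrypted under the KEK (nonce || ciphertext || tag)
	Ciphertext     []byte // payload encrypted under the data key (nonce || ciphertext || tag)
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// seal encrypts plaintext under key with a fresh random nonce and returns nonce||ciphertext.
// aad is authenticated but not encrypted, so it must be supplied identically on open.
func seal(key, plaintext, aad []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, aad), nil
}

// open reverses seal; it fails if the key or aad is wrong or the data was modified.
func open(key, sealed, aad []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	ns := gcm.NonceSize()
	if len(sealed) < ns {
		return nil, errors.New("sealed data too short")
	}
	return gcm.Open(nil, sealed[:ns], sealed[ns:], aad)
}

// Encrypt generates a one-off 256-bit data key, encrypts the payload under it,
// then wraps the data key under the KEK. The plaintext data key is not retained.
func Encrypt(kek, plaintext []byte, anonID string) (*Envelope, error) {
	dataKey := make([]byte, 32)
	if _, err := rand.Read(dataKey); err != nil {
		return nil, err
	}
	ct, err := seal(dataKey, plaintext, []byte(anonID))
	if err != nil {
		return nil, err
	}
	wrapped, err := seal(kek, dataKey, []byte(anonID))
	if err != nil {
		return nil, err
	}
	return &Envelope{WrappedDataKey: wrapped, Ciphertext: ct}, nil
}

// Decrypt unwraps the data key with the KEK, then decrypts the payload with it.
// Without the KEK (or with the wrong anonymous ID) the first step fails and
// nothing about the payload is recoverable.
func Decrypt(kek []byte, env *Envelope, anonID string) ([]byte, error) {
	dataKey, err := open(kek, env.WrappedDataKey, []byte(anonID))
	if err != nil {
		return nil, fmt.Errorf("unwrap data key: %w", err)
	}
	return open(dataKey, env.Ciphertext, []byte(anonID))
}

func main() {
	// Constructed KEK for the demo; a real one would live in an HSM/KMS and never be exported.
	kek := make([]byte, 32)
	if _, err := rand.Read(kek); err != nil {
		panic(err)
	}
	env, err := Encrypt(kek, []byte("example confidential note"), "anon-7f3a")
	if err != nil {
		panic(err)
	}
	pt, err := Decrypt(kek, env, "anon-7f3a")
	fmt.Printf("with KEK: %q, err=%v\n", pt, err)
	_, err = Decrypt(make([]byte, 32), env, "anon-7f3a")
	fmt.Println("without KEK:", err)
}
```

The point to take from running it is the asymmetry the page describes: whoever holds only the stored envelope (ciphertext plus wrapped key) gets an authentication failure on the very first step, so the provider can hold the data without being able to read it. Rotating the KEK then means re-wrapping the small data keys, not re-encrypting every payload.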
Of course you take care to set up encryption at rest and in transit; it's not that difficult. In the case of virtual machines they can still peek at the memory of your system, just like AWS and others; the question is why they would take the trouble.
There's a simple solution to things like this. If you have data you'd consider top-secret, why the fuck is it on an internet-available PC? I mean, if I need it stored on a PC, I'd store it on a non-networked PC and it's safe from all viruses, Trojans and whatever else.
Good point. Yes, for me confidentiality is the primary concern. I run my own data duplication tasks to close the integrity gap. And availability is largely a non-issue for what I'm doing.
That's why I choose many times to not use cloud services but they may serve the purposes of others, especially if they are not as technically savvy.
I stay away from it because chunks of the data are hosted on your local machine, and it could potentially contain very unsavory data. Sure, it's encrypted, but try to explain that to your local law enforcement.
I tend to think that if the information I'm backing up is sensitive, it should either be backed up only to services I run or be encrypted before it gets sent to any 3rd-party service. I wouldn't trust any "we can't see your data or know your credentials" assurance from relatively unknown (or most known) 3rd parties.
It's maybe the wrong question, or part of a bigger question of how you secure information you want to keep from a state-level actor. Your laptop may be part of that, but also your mobile device, home phone, cloud services, and other people who also have access to said data. How determined they are to get the data is another factor, as is whether they can achieve what they need another way without 'your' data.
Maybe I'm outing myself as a luddite, but I never understood the point of cloud computing for sensitive data in any case. If the system isn't end-to-end encrypted so that it's only in plain text locally, I don't care whether it's the government that can see it or some intern you hire to sysadmin for the summer who can see it--I'm not putting sensitive data on that system.
I don't know how you guys think of this, but putting personal stuff into the cloud, aka others' computers, without encryption doesn't look so personal to me.
Hindsight is 20/20 for sure, but for this use case confidentiality seems more important than availability. It is something of an impossible choice, but I've come to think that every service, big or small, gets hacked sooner or later. I'm thinking being a smaller target is better in that case.
OK. For the record, I worked at a government agency, at a GSE (both as a contractor, my company and the client both provided laptops only), and at a Fortune 100 company in the timeframe I quoted.
The sensitive information leakage thing is protected via full disk encryption in all those cases.
The problem is that I have signed a contract with my company that says I must keep the data on my company laptop private and encrypted. There are trade secrets in there. What should I do? Only have blank laptops to cross the border and download everything through SSH once on the other side?