Dnia poniedziałek, 19 sierpnia 2013 13:12:35 Lodewijk andré de la porte pisze: > AES-128 is obviously not secure enough against NSA-type attacks. It works > against the random raid of the servers, the exploitative sysadmin and > perhaps even the remote exploit in the software. It also allows Google to > run storage nodes at a lower security level, which might help them smooth > operations. > > Nothing there to help against the agencies.
But the algo is really completely irrelevant here. They could have used OMGWTF-8096 and it would still be irrelevant. If the keys are being held by Google -- and as far as I understand, they have to -- the whole encryption is moot. They don't have to give the government the keys. They can just hand over the cleartext... The point about running nodes at a lower security level is interesting, though. Maybe that's the whole point: - Hey Joe, if we encrypt user data (and hold the keys), we could care less about these nodes' security. - Hey, yeah, Jack, this seems to be a good idea; and we could sell it to people as a "security enhancement", esp. after PRISM. - Oooh, I like this. I'll be talking to PR dept right away! -- Pozdr rysiek
signature.asc
Description: This is a digitally signed message part.
