Re: Ubuntu One needs cloud encryption like LastPass does it
On Sat, Apr 07, 2012 at 07:36:56PM +0100, Dale Amon wrote: On Sat, Apr 07, 2012 at 11:23:40AM -0400, Sam Smith wrote: here's what they say about FOSS https://spideroak.com/engineering_matters#open_source note that Canonical has cloud stuff that is not open source. Some companies apparently can't remain competitive if everything is open sourced. Thanks. I printed that our for reading over at the coffeehouse after Easter. I went over it today. If they actually do what they say they are doing, it looks fairly good. Enough so that I'm going to check with a friend who is a bit more expert with (and paranoid about) encryption infrastructure. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Ubuntu One needs cloud encryption like LastPass does it
On Sun, Apr 08, 2012 at 11:55:25AM +0800, John McCabe-Dansted wrote: LastPass may be secure today, but it is trivially easy for LastPass (or a hypothetical attacker who gains access to LastPass's infrastructure) to compromise that security simply by replacing the javascript code which does the client side encryption and decryption with some code that also passes the encryption key back up to the server (or wherever). Hmm, in principle Firefox could support native encryption, where you add the key to Firefox directly before even visiting the website. Being a bit careful about frames and/or javascript should give you a secure solution. The major issue then is, if security matters to you, why do you want to access these files from the web? Are you sitting down on an untrusted computer and just blindy entering your encryption key? Still, adding support for securely encrypted files as a cross browser standard seems like a fundamentally cool thing to do. When Mozilla first came out, they had some built in encryption capability. The NSA folks forced them to remove it and even the hooks. I kept my own copy patched for awhile I just lacked the time. And then Zimmerman and his pgp pretty much broke the back of those efforts to keep strong encryption out of the hands of real people and the capabilities gradually returned. Do not ever trust these people. If you have a company that is US based (some other countries are probably even worse), someone will show up (or less melodramatically, you will receive a very official letter) and tell you who you are going to co-operate with them. And that you really do not have a choice. A friend of mine who had his own small ISP for a few customers had the FBI show up at his door to tell him that he had to supply them with a link for for monitoring his dial up connections. He chose to remove the dialups entirely and they went away. Some ISP's here in the UK at one point got told they had to supply a leased line to the police at their own expense. So make no mistake. Point to point encryption with locally held secure keys it the *ONLY* choice if you actually want privacy and not pretend privacy. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
RE: Ubuntu One needs cloud encryption like LastPass does it
here's what they say about FOSS https://spideroak.com/engineering_matters#open_source note that Canonical has cloud stuff that is not open source. Some companies apparently can't remain competitive if everything is open sourced. Date: Fri, 6 Apr 2012 00:25:47 +0100 From: a...@vnl.com To: smick...@hotmail.com CC: ubuntu-devel-discuss@lists.ubuntu.com Subject: Re: Ubuntu One needs cloud encryption like LastPass does it On Thu, Apr 05, 2012 at 06:42:23PM -0400, Sam Smith wrote: The point is that SpiderOak (and Lastpass) never know the user's password. And never receive the encryption key. The key never leaves the user's computer. The server never gets it. The only thing that ever lands on the server is an encrypted blob. What this means is that the user doesn't have to worry about the 3rd party taking care of the data. If the 3rd party is hacked, if the 3rd party has a rogue employee, etc. The data has a much better chance of being safe than if it's implemented like say iCloud where even if the data is encrypted Apple holds the encryption key and can access the data anytime they want. If Apple can access the data, a rogue employee and a hacker can potentially access the data. Are SpiderOak and LastPass FOSS? -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Ubuntu One needs cloud encryption like LastPass does it
On Sat, Apr 07, 2012 at 11:23:40AM -0400, Sam Smith wrote: here's what they say about FOSS https://spideroak.com/engineering_matters#open_source note that Canonical has cloud stuff that is not open source. Some companies apparently can't remain competitive if everything is open sourced. Thanks. I printed that our for reading over at the coffeehouse after Easter. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Ubuntu One needs cloud encryption like LastPass does it
LastPass may be secure today, but it is trivially easy for LastPass (or a hypothetical attacker who gains access to LastPass's infrastructure) to compromise that security simply by replacing the javascript code which does the client side encryption and decryption with some code that also passes the encryption key back up to the server (or wherever). Hmm, in principle Firefox could support native encryption, where you add the key to Firefox directly before even visiting the website. Being a bit careful about frames and/or javascript should give you a secure solution. The major issue then is, if security matters to you, why do you want to access these files from the web? Are you sitting down on an untrusted computer and just blindy entering your encryption key? Still, adding support for securely encrypted files as a cross browser standard seems like a fundamentally cool thing to do. -- John C. McCabe-Dansted -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Ubuntu One needs cloud encryption like LastPass does it
On Wed, Apr 04, 2012 at 07:55:09PM -0400, Sam Smith wrote: I use SpiderOak because it offers client-side encryption. It provides the security privacy I seek. I'd prefer to use Ubuntu One, but until it supports client-side AES 256-bit encryption additionally encrypts the decryption key itself (like SpiderOak does) I won't even consider it. And rightly so. With the new NSA capabilities going into place and the atmosphere around the world, you are absolutely not safe in your privacy if it is possible for anyone to acquire your keys or decrypt your files without stealing your computer and beating or threatening the password out of you. I include various State's laws seizures and court orders under the classification of 'stealing and threatening'. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Ubuntu One needs cloud encryption like LastPass does it
On Thu, Apr 5, 2012 at 8:18 AM, Dale Amon a...@vnl.com wrote: On Wed, Apr 04, 2012 at 07:55:09PM -0400, Sam Smith wrote: I use SpiderOak because it offers client-side encryption. It provides the security privacy I seek. I'd prefer to use Ubuntu One, but until it supports client-side AES 256-bit encryption additionally encrypts the decryption key itself (like SpiderOak does) I won't even consider it. And rightly so. With the new NSA capabilities going into place and the atmosphere around the world, you are absolutely not safe in your privacy if it is possible for anyone to acquire your keys or decrypt your files without stealing your computer and beating or threatening the password out of you. I include various State's laws seizures and court orders under the classification of 'stealing and threatening'. Encrypting the encryption key has nothing to do with security, you guys are spreading FUD and assumptions now IMO. Encrypting the key has to do with usability, it's no more secure than having a single encryption key that you have memorized and actually it's the same concept except fragmented between you and the data... they still need only attempt to break into a single file and then they have access to all the other files... They encrypt your encryption key because it's much more feasible to re-encrypt a single file then it is to re-encrypt the entire set of fragmented data. Whether on your computer or not if you have gigabytes or hundreds of gigabytes of data it could take quite a long time to re-encrypt it unless you have dedicated crypto hardware. Then you have to re-upload all that data again, wasting their bandwidth and wasting more space on their servers. This is why utilities just create a strong encryption key for themselves and encrypt that file with your key. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Ubuntu One needs cloud encryption like LastPass does it
On Thu, Apr 05, 2012 at 11:32:33AM -0500, Jordon Bedwell wrote: On Thu, Apr 5, 2012 at 8:18 AM, Dale Amon a...@vnl.com wrote: Encrypting the encryption key has nothing to do with security, you I agree. dedicated crypto hardware. Then you have to re-upload all that data again, wasting their bandwidth and wasting more space on their servers. This is why utilities just create a strong encryption key for themselves and encrypt that file with your key. That is the price you pay. You cannot use any encryption key that leaves your possession. Many so called 'free' countries now have laws in place that any vendor must hand keys over to them on demand and not tell *anyone* they have done so or face long prison terms. The only answer to this is to ensure that will get them nothing useful. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
RE: Ubuntu One needs cloud encryption like LastPass does it
The point is that SpiderOak (and Lastpass) never know the user's password. And never receive the encryption key. The key never leaves the user's computer. The server never gets it. The only thing that ever lands on the server is an encrypted blob. What this means is that the user doesn't have to worry about the 3rd party taking care of the data. If the 3rd party is hacked, if the 3rd party has a rogue employee, etc. The data has a much better chance of being safe than if it's implemented like say iCloud where even if the data is encrypted Apple holds the encryption key and can access the data anytime they want. If Apple can access the data, a rogue employee and a hacker can potentially access the data. Date: Thu, 5 Apr 2012 11:32:33 -0500 Subject: Re: Ubuntu One needs cloud encryption like LastPass does it From: jor...@envygeeks.com To: a...@vnl.com CC: smick...@hotmail.com; ubuntu-devel-discuss@lists.ubuntu.com On Thu, Apr 5, 2012 at 8:18 AM, Dale Amon a...@vnl.com wrote: On Wed, Apr 04, 2012 at 07:55:09PM -0400, Sam Smith wrote: I use SpiderOak because it offers client-side encryption. It provides the security privacy I seek. I'd prefer to use Ubuntu One, but until it supports client-side AES 256-bit encryption additionally encrypts the decryption key itself (like SpiderOak does) I won't even consider it. And rightly so. With the new NSA capabilities going into place and the atmosphere around the world, you are absolutely not safe in your privacy if it is possible for anyone to acquire your keys or decrypt your files without stealing your computer and beating or threatening the password out of you. I include various State's laws seizures and court orders under the classification of 'stealing and threatening'. Encrypting the encryption key has nothing to do with security, you guys are spreading FUD and assumptions now IMO. Encrypting the key has to do with usability, it's no more secure than having a single encryption key that you have memorized and actually it's the same concept except fragmented between you and the data... they still need only attempt to break into a single file and then they have access to all the other files... They encrypt your encryption key because it's much more feasible to re-encrypt a single file then it is to re-encrypt the entire set of fragmented data. Whether on your computer or not if you have gigabytes or hundreds of gigabytes of data it could take quite a long time to re-encrypt it unless you have dedicated crypto hardware. Then you have to re-upload all that data again, wasting their bandwidth and wasting more space on their servers. This is why utilities just create a strong encryption key for themselves and encrypt that file with your key. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Ubuntu One needs cloud encryption like LastPass does it
On Thu, Apr 05, 2012 at 06:42:23PM -0400, Sam Smith wrote: The point is that SpiderOak (and Lastpass) never know the user's password. And never receive the encryption key. The key never leaves the user's computer. The server never gets it. The only thing that ever lands on the server is an encrypted blob. What this means is that the user doesn't have to worry about the 3rd party taking care of the data. If the 3rd party is hacked, if the 3rd party has a rogue employee, etc. The data has a much better chance of being safe than if it's implemented like say iCloud where even if the data is encrypted Apple holds the encryption key and can access the data anytime they want. If Apple can access the data, a rogue employee and a hacker can potentially access the data. Are SpiderOak and LastPass FOSS? -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Ubuntu One needs cloud encryption like LastPass does it
On Thu, Apr 5, 2012 at 5:42 PM, Sam Smith smick...@hotmail.com wrote: The point is that SpiderOak (and Lastpass) never know the user's password. And never receive the encryption key. The key never leaves the user's computer. The server never gets it. The only thing that ever lands on the server is an encrypted blob. From their website Retrieve files from any internet-connected device, Access all your data in one de-duplicated location... I know to the easy consumer that doesn't spell lies but to me it reads We do know your encryption key, if we want to and little do you know, we do have the ability to get the key that encrypts the encryption key too. Companies lie all the time, or they tell pieces of a story and never tell the entire story. Though I don't know if it's more of a lie then an assumption on their end and maybe even they themselves not even understanding what could possibly go wrong, or they just don't care because the user doesn't pay too much attention after WE NEVER KNOW. The key to knowing the full story is read Retrieve files from any internet-connected device. To add to it, let me point out this: Easily access all of your data from any device within your SpiderOak network or on the web which contradicts this: SpiderOak never stores or knows a user's password or the plaintext encryption keys which means not even SpiderOak employees can access the data and it's no so much a direct contradiction as much as an arrogant assumption that we (or I guess only I in this conversation) don't realise that their employees do have a way to access it, they just need to do a couple minutes worth of work, that is what makes it contradict. What this means is that the user doesn't have to worry about the 3rd party taking care of the data. If the 3rd party is hacked, if the 3rd party has a rogue employee, etc. The data has a much better chance of being safe than if it's implemented like say iCloud where even if the data is encrypted Apple holds the encryption key and can access the data anytime they want. If Apple can access the data, a rogue employee and a hacker can potentially access the data. As you argue for encryption on UbuntuOne you need realise that all third parties are adversaries, Ubuntu is one and so is SpiderOak. It's not much more secure, yes it *might* be considered more secure from external adversaries after they have the data but it surely isn't more secure from internal ones, the fact that you can access your data from 'anywhere' proves that. That rogue employee need only attack the website from inside the company and all is lost, or push out a dirty update and even more is lost. You think it can't happen, ask Google if it can. You aren't as safe as you assume, you are not even seeing the entire picture of all possible attacks. Just because Apple or Ubuntu can access the data doesn't mean that an external 'hacker' can. That is an arrogant assumption IMO, the only difference in this case is that even if the so called 'hacker' gets your data he need do more work but the fact he got your data in the first place is just as bad in both cases, irregardless of the encryption, you are just protected (somewhat, depending and one could only really know if they actually know how they use the encryption. So at this point I would assume I am no more secure if using SpiderOak.) You are just as vulnerable to actual data theft encrypted or unencrypted, and by data I mean any data, encrypted or not. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Ubuntu One needs cloud encryption like LastPass does it
I would not be so harsh on these companies. They are very quietly *told* that they will comply with the will of certain agencies. Or else. And they are not allowed to tell their customers. Or else... But they are trying to sell security. So what are they going to do? They are going to do a doublethink and try to give you something that is Mostly Secure. Except against certain parties. The encryption key cannot sit on the 3rd party site. It has to be resident on your own computer and under the owners control only. You cannot access secure data anywhere from any computer. You can only access it from particular machines on which you have your secure key, or via a USB key that contains a copy of the user key. The user's password for their crypto key should never, ever go out across the internet. It should happen locally, within the secure machine. This is all Crypto 101. It's not like it was something new or strange. I do not know the details, so I will ask: is it the case that: * The user crypto key is generated on the the user machine. * The password for the user key is set on the user machine and never leaves it. * The user crypto key never leaves their machine(s). * The user's password for their crypto key is never used outside the confines of their local machine. * The data is fully encrypted on the user machine and only encrypted data transits the net and sits on the storage server. * The encryption algorithm is such that no key except the one on the users machine can decrypt the remotely stored data. Unless all four statements are true, the data is *not* safe. If the statement made in the other reply is true, and you can 'retrieve your data from any internet device' then it is patently obvious that data security *is* violated. Dale Amon CEO Immortal Data Corporation -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Ubuntu One needs cloud encryption like LastPass does it
On 04/05/2012 01:33 PM, Jordon Bedwell wrote: On Thu, Apr 5, 2012 at 5:42 PM, Sam Smithsmick...@hotmail.com wrote: The point is that SpiderOak (and Lastpass) never know the user's password. And never receive the encryption key. The key never leaves the user's computer. The server never gets it. The only thing that ever lands on the server is an encrypted blob. From their website Retrieve files from any internet-connected device, Access all your data in one de-duplicated location... I know to the easy consumer that doesn't spell lies but to me it reads We do know your encryption key, if we want to and little do you know, we do have the ability to get the key that encrypts the encryption key too. Companies lie all the time, or they tell pieces of a story and never tell the entire story. Though I don't know if it's more of a lie then an assumption on their end and maybe even they themselves not even understanding what could possibly go wrong, or they just don't care because the user doesn't pay too much attention after WE NEVER KNOW. The key to knowing the full story is read Retrieve files from any internet-connected device. To add to it, let me point out this: Easily access all of your data from any device within your SpiderOak network or on the web which contradicts this: SpiderOak never stores or knows a user's password or the plaintext encryption keys which means not even SpiderOak employees can access the data and it's no so much a direct contradiction as much as an arrogant assumption that we (or I guess only I in this conversation) don't realise that their employees do have a way to access it, they just need to do a couple minutes worth of work, that is what makes it contradict. It might not harm to actually look around for technical details before deciding what a service is or isn't providing, rather than trying to interpret from the marketing speak. You can get a much better picture from here: https://spideroak.com/engineering_matters https://spideroak.com/engineering_matters#user_auth -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Ubuntu One needs cloud encryption like LastPass does it
Six statements rather... I added the other two initial ones as I thought more deeply on it. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Ubuntu One needs cloud encryption like LastPass does it
On Thu, 2012-04-05 at 18:33 -0500, Jordon Bedwell wrote: On Thu, Apr 5, 2012 at 5:42 PM, Sam Smith smick...@hotmail.com wrote: The point is that SpiderOak (and Lastpass) never know the user's password. And never receive the encryption key. The key never leaves the user's computer. The server never gets it. The only thing that ever lands on the server is an encrypted blob. From their website Retrieve files from any internet-connected device, Access all your data in one de-duplicated location... I know to the easy consumer that doesn't spell lies but to me it reads We do know your encryption key, if we want to and little do you know, we do have the ability to get the key that encrypts the encryption key too. Companies lie all the time, or they tell pieces of a story and never tell the entire story. Though I don't know if it's more of a lie then an assumption on their end and maybe even they themselves not even understanding what could possibly go wrong, or they just don't care because the user doesn't pay too much attention after WE NEVER KNOW. The key to knowing the full story is read Retrieve files from any internet-connected device. To add to it, let me point out this: Easily access all of your data from any device within your SpiderOak network or on the web which contradicts this: SpiderOak never stores or knows a user's password or the plaintext encryption keys which means not even SpiderOak employees can access the data and it's no so much a direct contradiction as much as an arrogant assumption that we (or I guess only I in this conversation) don't realise that their employees do have a way to access it, they just need to do a couple minutes worth of work, that is what makes it contradict. None of the statements you quote above are proof of lying (or incompetence), or even indicative of it. The crux of the issue is simply that SpiderOak is a proprietary program and so you don't know what it REALLY does. The model that SpiderOak documents on their web site IS secure. It's definitely more secure than ubuntuOne. The passphrase is never sent to the server at all and the content cannot be (reasonably) decrypted without the passphrase. They have a downloadable application that runs on your local system, and if you use that and never use their web interface to browse your files then your passphrase is never transmitted over any network at all, encrypted or not. If the software behaves as documented, then they are right: SpiderOak employees cannot decrypt your files. Period. Phrases like retrieve files from any internet-connected device don't matter: it just means you enter that passphrase into the application running on the local device to decrypt the files after they're downloaded from the servers: it doesn't require the passphrase to be transmitted to the servers. Of course the problem is IF, above: the _documented_ model is secure, but that doesn't stop a SpiderOak employee with sufficient access from adding a back door to the application, which will grab the passphrases and send them along. That's a risk with ANY encryption software that you didn't write completely yourself, of course, even ssh etc., but it's much more risky with proprietary software for obvious reasons. If that's what you meant, then you should have just said so clearly instead of couching it in ominous-sounding hints and accusations. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Ubuntu One needs cloud encryption like LastPass does it
On Fri, 2012-04-06 at 01:41 +0100, Dale Amon wrote: I do not know the details, so I will ask: is it the case that: All we can know for sure is the way the system is DOCUMENTED to work, as I said in my other email. * The user crypto key is generated on the the user machine. Yes. * The password for the user key is set on the user machine and never leaves it. Yes. Well, the passphrase is in your head obviously, so of course it's available wherever your head is. * The user crypto key never leaves their machine(s). No, I believe they upload the generated key to the server, after it's been encrypted with your passphrase. * The user's password for their crypto key is never used outside the confines of their local machine. Yes, as long as you don't use their website to access your content and only use the local tool. * The data is fully encrypted on the user machine and only encrypted data transits the net and sits on the storage server. Yes. * The encryption algorithm is such that no key except the one on the users machine can decrypt the remotely stored data. Yes. If the statement made in the other reply is true, and you can 'retrieve your data from any internet device' then it is patently obvious that data security *is* violated. Why is it patently obvious? I'm sure when they say any internet device they don't mean devices that do not have access to the secure tokens necessary to decrypt the content. They mean a device that has internet access (so it can retrieve the encrypted content from the server), and where you can enter your passphrase to decrypt it. Even if they did not upload the crypto key, that doesn't mean that you couldn't have it with you on a USB key or something, and still access your data from any internet device. I'm sure that they felt that forcing you to keep both the passphrase AND the crypto key yourself was simply not a commercially viable solution for the general public. It would be nice if they offered an option (with appropriate cautions) to not upload the keys at all, I agree. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Ubuntu One needs cloud encryption like LastPass does it
On Thu, Apr 05, 2012 at 09:18:37PM -0400, Paul Smith wrote: I'm sure that they felt that forcing you to keep both the passphrase AND the crypto key yourself was simply not a commercially viable solution for the general public. It would be nice if they offered an option (with appropriate cautions) to not upload the keys at all, I agree. And I am not knocking them for doing a less secure system, I simply want to be aware so I can make an informed choice. There are different levels of privacy and they require different sets of rules. To put it humorously, let's say you just slept with your wife's best friend and have a letter about the tryst. You might: * Not care if anyone in the world who can find it can read it. * Not care if the CIA knows I slept with her. * Really do *not* want *anyone* to *ever* know! Each requires a different way of thinking about security and your own privacy. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
RE: Ubuntu One needs cloud encryption like LastPass does it
I use SpiderOak because it offers client-side encryption. It provides the security privacy I seek. I'd prefer to use Ubuntu One, but until it supports client-side AES 256-bit encryption additionally encrypts the decryption key itself (like SpiderOak does) I won't even consider it. From: jtodd...@hotmail.com To: m...@funkyhat.org; ubuntu-devel-discuss@lists.ubuntu.com Subject: RE: Ubuntu One needs cloud encryption like LastPass does it Date: Sat, 24 Mar 2012 08:57:19 -0400 Even assuming this is true, why is it still not a good idea for Ubuntu One to implement the same encryption setup of the user having the only key. From: m...@funkyhat.org Date: Sat, 24 Mar 2012 02:00:20 + Subject: Re: Ubuntu One needs cloud encryption like LastPass does it To: jtodd...@hotmail.com CC: jor...@envygeeks.com; ubuntu-devel-discuss@lists.ubuntu.com On 23 March 2012 23:36, Jason Todd jtodd...@hotmail.com wrote: Guys, please read these (or listen to the podcasts): http://www.grc.com/sn/sn-256.htm http://www.grc.com/sn/sn-257.htm Things being said seem to conflict with what I learned from this episode of security now on how lastpass works. Essentially: LastPass is very secure and no one can access the data except the user. LastPass may be secure today, but it is trivially easy for LastPass (or a hypothetical attacker who gains access to LastPass's infrastructure) to compromise that security simply by replacing the javascript code which does the client side encryption and decryption with some code that also passes the encryption key back up to the server (or wherever). -- Matt Wheeler m...@funkyhat.org -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
RE: Ubuntu One needs cloud encryption like LastPass does it
Even assuming this is true, why is it still not a good idea for Ubuntu One to implement the same encryption setup of the user having the only key. From: m...@funkyhat.org Date: Sat, 24 Mar 2012 02:00:20 + Subject: Re: Ubuntu One needs cloud encryption like LastPass does it To: jtodd...@hotmail.com CC: jor...@envygeeks.com; ubuntu-devel-discuss@lists.ubuntu.com On 23 March 2012 23:36, Jason Todd jtodd...@hotmail.com wrote: Guys, please read these (or listen to the podcasts): http://www.grc.com/sn/sn-256.htm http://www.grc.com/sn/sn-257.htm Things being said seem to conflict with what I learned from this episode of security now on how lastpass works. Essentially: LastPass is very secure and no one can access the data except the user. LastPass may be secure today, but it is trivially easy for LastPass (or a hypothetical attacker who gains access to LastPass's infrastructure) to compromise that security simply by replacing the javascript code which does the client side encryption and decryption with some code that also passes the encryption key back up to the server (or wherever). -- Matt Wheeler m...@funkyhat.org -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
RE: Ubuntu One needs cloud encryption like LastPass does it
Are you familiar with LastPass? Everything you said, you can do with LastPass: make it more convenient, access your files from anywhere (including the website), stream your own music, share your files Using secure encryption that occurs on the computer before it leaves for the cloud does not prevent any of the things you seem to think it does. From: be...@ubuntu.com Date: Thu, 22 Mar 2012 16:32:09 -0300 Subject: Re: Ubuntu One needs cloud encryption like LastPass does it To: jtodd...@hotmail.com CC: ubuntu-devel-discuss@lists.ubuntu.com On Thu, Mar 22, 2012 at 3:41 PM, Jason Todd jtodd...@hotmail.com wrote: I wanted to leave a note expressing my hopes that if Ubuntu One ever gets encryption capabilities, that the encryption be implemented in the same way that LASTPASS does it (http://lastpass.com). Which is that the data is all encrypted on the user's machine before it goes into the cloud, and the user is the only who has the key to decrypt the data. This kind of encryption setup would be safe secure and would lead me to trust the Ubuntu One cloud services. ...but then you wouldn't be able to interact with your data beyond your own computers. Ubuntu One's focus is to make it more convenient, access your files from anywhere (including the website), stream your own music, share your files, and well, more to come in that direction. You can either have very secure or convenient, and there's services catering to both. We believe that if you really want to keep your data safe, than you can encrypt it yourself, so it'll get uploaded encrypted (at the expense of it being inconvenient to decrypt to use it). DejaDup does this for you by default in Ubuntu, and backs up, safely and securely to Ubuntu One. As for the general consumer, they are attracted towards cloud services for the convenience (this is not an opinion, this is research). Both things are real uses cases, but in many cases mutually exclusive. -- Martin -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Ubuntu One needs cloud encryption like LastPass does it
On Fri, Mar 23, 2012 at 3:34 PM, Sam Smith smick...@hotmail.com wrote: Using secure encryption that occurs on the computer before it leaves for the cloud does not prevent any of the things you seem to think it does. Of course it does, if it's encrypted, and only you can access it, then it can't be displayed on a web page. The closest you can get is by entering your credentials to decrypt in memory, but it still means you're giving up your credentials to the servers. The fact that they're saved or discarded is an implementation detail that can change at a blink of an eye. -- Martin -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Ubuntu One needs cloud encryption like LastPass does it
On Fri, Mar 23, 2012 at 1:34 PM, Sam Smith smick...@hotmail.com wrote: Everything you said, you can do with LastPass: make it more convenient, access your files from anywhere (including the website), stream your own music, share your files Using secure encryption that occurs on the computer before it leaves for the cloud does not prevent any of the things you seem to think it does. The other gentleman is correct, for a service to be considered secure, in real world terms and real world application you would not have access to your data in decrypted form via a website, you would only be able to download the encrypted pieces. Secure encryption is not so secure when you decrypt it from a website using a server that you originally tried to avoid having encrypt it. What I am saying is, what is so secure about the encryption you are using if you let a third party decrypt it, one that can obviously intercept your key quite easily and decrypt it anytime they want to. It's no more secure then just having them encrypt it with their own keys that they make up for you, sort of like drop box. Actually, it's a false sense of security they are giving you at this point, and in my eyes a fraudulent claim of being more secure then others because 'you control the encryption key' when in all honest opinions, they could just intercept it anytime they wanted to so you are back to square one. At this point, secure is out the door, and it's just become another drop box, actually, one that just hasn't been called out about it yet. Be round-a-bout with your terminology all you want so people don't realise that they are no more secure then they were but the truth is still there when you read between the evasion. The short of the short is, for a service to be truly secure the company hosting it must not have access to any of the encryption keys and only the encrypted data, your data is either encrypted and unavailable, period, or your data is decrypted and available, not a false sense of security where Jim thinks he's secure because he controls the encryption key, not realising that the company claiming he's more secure because he controls the encryption key, can in fact intercept said key anytime they want to. It's not security, it's not-so-clever marketing. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
RE: Ubuntu One needs cloud encryption like LastPass does it
Guys, please read these (or listen to the podcasts): http://www.grc.com/sn/sn-256.htm http://www.grc.com/sn/sn-257.htm Things being said seem to conflict with what I learned from this episode of security now on how lastpass works. Essentially: LastPass is very secure and no one can access the data except the user. Date: Fri, 23 Mar 2012 18:25:04 -0500 Subject: Re: Ubuntu One needs cloud encryption like LastPass does it From: jor...@envygeeks.com To: smick...@hotmail.com CC: ubuntu-devel-discuss@lists.ubuntu.com On Fri, Mar 23, 2012 at 1:34 PM, Sam Smith smick...@hotmail.com wrote: Everything you said, you can do with LastPass: make it more convenient, access your files from anywhere (including the website), stream your own music, share your files Using secure encryption that occurs on the computer before it leaves for the cloud does not prevent any of the things you seem to think it does. The other gentleman is correct, for a service to be considered secure, in real world terms and real world application you would not have access to your data in decrypted form via a website, you would only be able to download the encrypted pieces. Secure encryption is not so secure when you decrypt it from a website using a server that you originally tried to avoid having encrypt it. What I am saying is, what is so secure about the encryption you are using if you let a third party decrypt it, one that can obviously intercept your key quite easily and decrypt it anytime they want to. It's no more secure then just having them encrypt it with their own keys that they make up for you, sort of like drop box. Actually, it's a false sense of security they are giving you at this point, and in my eyes a fraudulent claim of being more secure then others because 'you control the encryption key' when in all honest opinions, they could just intercept it anytime they wanted to so you are back to square one. At this point, secure is out the door, and it's just become another drop box, actually, one that just hasn't been called out about it yet. Be round-a-bout with your terminology all you want so people don't realise that they are no more secure then they were but the truth is still there when you read between the evasion. The short of the short is, for a service to be truly secure the company hosting it must not have access to any of the encryption keys and only the encrypted data, your data is either encrypted and unavailable, period, or your data is decrypted and available, not a false sense of security where Jim thinks he's secure because he controls the encryption key, not realising that the company claiming he's more secure because he controls the encryption key, can in fact intercept said key anytime they want to. It's not security, it's not-so-clever marketing. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Ubuntu One needs cloud encryption like LastPass does it
On Thu, Mar 22, 2012 at 3:41 PM, Jason Todd jtodd...@hotmail.com wrote: I wanted to leave a note expressing my hopes that if Ubuntu One ever gets encryption capabilities, that the encryption be implemented in the same way that LASTPASS does it (http://lastpass.com). Which is that the data is all encrypted on the user's machine before it goes into the cloud, and the user is the only who has the key to decrypt the data. This kind of encryption setup would be safe secure and would lead me to trust the Ubuntu One cloud services. ...but then you wouldn't be able to interact with your data beyond your own computers. Ubuntu One's focus is to make it more convenient, access your files from anywhere (including the website), stream your own music, share your files, and well, more to come in that direction. You can either have very secure or convenient, and there's services catering to both. We believe that if you really want to keep your data safe, than you can encrypt it yourself, so it'll get uploaded encrypted (at the expense of it being inconvenient to decrypt to use it). DejaDup does this for you by default in Ubuntu, and backs up, safely and securely to Ubuntu One. As for the general consumer, they are attracted towards cloud services for the convenience (this is not an opinion, this is research). Both things are real uses cases, but in many cases mutually exclusive. -- Martin -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Ubuntu One needs cloud encryption like LastPass does it
...but then you wouldn't be able to interact with your data beyond your own computers. Ubuntu One's focus is to make it more convenient, access your files from anywhere (including the website), stream your own music, share your files, and well, more to come in that direction. For photos, being able to share them online is highly useful; for financial documents I don't want to share them and there is no useful web view, and I care much more about keeping them confidential. It would be nice if I could use just one tool/service and choose on a per-folder basis whether to encrypt the files. (Of course I realize options have a cost, in development time, complexity, ui, bugs...) I guess you can stack ecryptfs on top of u1. -- Martin -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Ubuntu One needs cloud encryption like LastPass does it
On Thu, Mar 22, 2012 at 6:38 PM, Martin Pool m...@canonical.com wrote: ...but then you wouldn't be able to interact with your data beyond your own computers. Ubuntu One's focus is to make it more convenient, access your files from anywhere (including the website), stream your own music, share your files, and well, more to come in that direction. For photos, being able to share them online is highly useful; for financial documents I don't want to share them and there is no useful web view, and I care much more about keeping them confidential. It would be nice if I could use just one tool/service and choose on a per-folder basis whether to encrypt the files. (Of course I realize options have a cost, in development time, complexity, ui, bugs...) I guess you can stack ecryptfs on top of u1. Actually, you cannot... eCryptfs, itself, is a stacked filesystem, and it does not stack well on top of other stacked filesystems (NFS, Samba, AUFS, etc). Tyler (on CC) can provide more details, if you're interested. What you can do, however, is use eCryptfs to encrypt all of $HOME or just $HOME/Private (where you might choose to store your financial documents but not your photos), and then have U1 sync your underlying encrypted data, which is symlinked into $HOME/.Private/. I've heard from several people using U1 in this manner, though I haven't myself. It's been a really long time since I tried U1 (sadly, it didn't sync/preserve symlinks last time I played with it and I think my bug on it was marked won't-fix). -- :-Dustin Dustin Kirkland Ubuntu Core Developer -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss