Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Why PRISM kills the cloud | Computerworld Blogs
From: Jeffrey Walton <noloader () gmail com>
Date: Mon, 10 Jun 2013 21:30:16 -0400

On Mon, Jun 10, 2013 at 9:15 PM, laurent gaffie
<laurent.gaffie () gmail com> wrote:
Why is the Prims program such a big deal today?  Most of us  knew about
echelon and the patriot act didn't we? This program was unconstitutional at
the first place and should have raised indignation when it was approved at
that time...
+1.

Below is my standard verbiage on clouds and backups to clouds.

Jeff

clouds and drop boxes. If you don’t want your data analyzed,
inspected, shared, or mishandled, then don’t provide it in the first
place. Data migration includes backups, so ensure you are using the
proper attributes on your files. For Apple systems, the file should
have kCFURLIsExcludedFromBackupKey file property or
com.apple.MobileBackup extended attribute (see Technical Q&A QA1719
for details). Android applications should add android:allowBackup on
the application tag and set it to false in AndroidManifest.xml.
Windows’ integrated cloud backup is new, and there’s currently no way
for an application to back up to the cloud (and hence, no way to stop
it).

A layman’s analysis of License Agreements and Terms and Conditions
will reveal how little security is afforded to your documents in cloud
storage. For those who don’t read them, one popular platform has 142
separate documents covering Terms of Conditions for its cloud
alone.[18] The documents discuss your rights if the company (1) gives
away your data, (2) shares you data with partners, (3) looses your
data, (4) provides your data to authorities (sometimes without an
order or warrant), (5) does not provide reasonable skill or care, (6)
commits willful misconduct or fraud, and (7) acts with negligence or
gross negligence. “Your rights” is misleading since it is consent, and
the document effectively states you indemnify the company: “You agree
to defend, indemnify and hold [company], its affiliates, subsidiaries,
directors, officers, employees, agents, partners, contractors, and
licensors harmless from any claim or demand, including reasonable
attorneys’ fees, made by a third party.”[19]

[18] iCloud Terms and Conditions,
https://www.apple.com/legal/internet-services/icloud/ww/
[19] iCLOUD TERMS AND CONDITIONS,
https://www.apple.com/legal/internet-services/icloud/en/terms.html

Le 2013-06-10 19:46, "Ivan .Heca" <ivanhec () gmail com> a écrit :

http://m.blogs.computerworld.com/cloud-storage/22305/why-prism-kills-cloud


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault