Schneier on Security
A blog covering security and security technology.
« Text Message Retention Policies |
| Changes to the Blog »
March 22, 2013
FBI Secretly Spying on Cloud Computer Users
Both Google and Microsoft have admitted it. Presumably every other major cloud service provider is getting these National Security Letters as well.
If you've been following along, you know that a U.S. District Court recently ruled National Security Letters unconstitutional. Not that this changes anything yet.
Posted on March 22, 2013 at 7:10 AM
• 31 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
I just assume that the government has access to every single piece of electronic information any time they want.
Back before the "cloud" when discussions started as X as a Service where X was storage or software etc various people highlighted various risks to be considered.
On of the risks was access not authorised by the data owner, which in effect is what these unconstitutional accesses are.
I wonder howmany other of the serious risks on the list have to happen before people wake up and realise that Cloud = Abdication of responsability.
Thus how long befor shareholders start proceadings against directors etc for going down the cloud route...
Because if the files were stored locally on your company's server the government could not get them if they had an investigation to conduct?
In a recent interview in front of a live audience, Chief Judge Alex Kozinski of the Ninth Circuit U.S. Court of Appeals was asked about privacy 'in the cloud' in a 4th Amendment context. His answer was direct:
"Until further notice, I would not consider anything you put on 'the Cloud' private. Is that clear?"
That's not to state his viewpoint on whether or not it should be, but expresses his assessment of the current state of the law in this regard: the jury is out (so to speak).
The full interview is at: YouTube.
I was at the Dutch TechDays a few weeks ago.
In the keynote the speaker remarked on corporate reluctance to store their data in the cloud.
He said that the problem is about trust. 'Do you trust Microsoft to keep your data secure?'
Then he explained that we already trust Microsoft to push out Windows Updates to all our PCs. Basically saying 'what's the problem, you already trust Microsoft!'
Rather a weak moment in the keynote, imho. Since keeping a release pipeline secure from hackers is a lot easier than petabytes of data. Even more so when you start considering stuff like NSLs.
That's what they admitted: 'keeping your data secure is our responsibility in the cloud'. Which means, if a breach happens you can sue Microsoft.
Of course, that doesn't cover NSLs.
What a coincidence! I too have received 0-999 NSLs in 2012!
In all seriousness though, where do the guidelines on "acceptable numbers to use in NSL ranges" come from?
I experimented with putting a TrueCrypt container into Dropbox. It works, but updates are slow.
Obviously, that only works for static storage.
Then there are Tor services.
The very nasty types of criminals have found ways to run their business almost completely encrypted on foreign servers.
@Winter, comment #7: Syncing TrueCrypt containers is slow the first time only, later only differences are transfered (in larger blocks because of encryption, but not in complete container size).
You might also try EncFS or eCryptFS, which encrypt on the file level, not a large container. Additionally, there is a software named Boxcrypter for some platforms, including iOS, which works with an EncFS configuration.
Another option might be ownCloud.
Using “the Cloud” for backups and files and certain data to be in sync is nice, but it is only secure when data is encrypted on your own devices first.
I use SpiderOak for data backup.
If anyone knows a privacy reason not to, please, let me know.
"Because if the files were stored locally on your company's server the government could not get them if they had an investigation to conduct?"
Similar to a detached house versus a flat, if you have your own systems the government must target you specifically, rather than trawling your data amidst that of your neighbors via the landlord. In the cloud one bad apple can cause scrutiny of the whole barrel.
The other advantages of having the data on your servers is if the goverment looks at it, you get to know about it. Also in the case of a subpoena, you can challenge it before turning the data over.
Search for "Amazon" within this page:
A lot of Tor nodes - including fast exit nodes are hosted by Amazon. Now we hear about TLA snooping on CCU, this doesn't surprise me.
If I run a Tor exit node, or any Tor node for that matter, how much information can I scrape from the traffic?
I encrypt my own data, then use Ciphertite to back it up since it was created by openbsd devs. Prob the only service that can actually guarantee privacy since you keep the keys.
As for running your own Tor exit node you need a dedicated server or enormous VPS and good luck not getting shut down unless you filter traffic. As for analyzing the traffic you can do whatever you want its your server
"If you've been following along, you know that a U.S. District Court recently ruled National Security Letters unconstitutional. Not that this changes anything yet."
Not that it will ever change anything. That's one district. The FBI will continue using NSLs in every other district will unless/until SCOTUS issues a blanket ruling. In which case, the feds will continue using them under the claim that they found an unpatched hole in the blanket. If the holes get patched (a la Congress banning them by legislation -- unlikely), the feds will simply change the name (think "TIA") to "National Voluntary-Or-Else Data Compliance Letters" and continue business as usual. And the vast majority of Americans -- those who notice at all -- will yawn, say, "Well, gee; only terrorists would have anything to hide anyway," and go back to their reality TV programming.
If most people actually gave a damn, the FBI headquarters building would have been razed, burned, the churned earth salted, and public lynchings instituted back in the '70s.
Tor devs put together an amazon image for easy node hosting which explains the abundance of amazon nodes @ cloud.torproject.org
Interesting the CIA now uses amazon too, so you have spies, foreign spies and tor users all together in one convenient service lol
@Derp - what are you talking about... Ciphertite is not the only service that allows you to keep the keys. You can do this in many ways, not the least of which is AWS. So, if I first encrypt a file then upload it to DropBox, somehow that is not as secure as... Ciphertite?
It's funny we get upset that they are spying but wouldn't you be madder if they didn't watch the cloud and other online sources? It's kinda there job to watch for bad stuff. That said I am still anti-snooping :) Tor for the win!
What I find completly unexceptable, and criminal, is that the providers of these services seem to have no problem with peering into your business...especially if it provides a comptetive advantage. I am sick and tire of the pirates and thiefs that don't have any ideas of their own and feel justified in stealing the work of others. Is it because I choose to use MS products during the development of my patented technologies that MS is entitled to that work?
How are small and nimble developers, entraprenuers, inventors, and rebels suppose to compete with corporations that are given the go-ahead to steal--I guess as long as they share with the US government it's okay.
@ Derp et al
Sorry for my obtuseness, but I don't know enough about Tor to be able to answer the questions myself. Let's suppose that I run a Tor exit node, or even an intermediate Tor node. Does my server have access to the stream in clear text or is it encrypted? If I understand correctly, coming out of the exit node the data stream has to be able to transit into the real world internet to reach the target client. But if it's in https or similar? If it's in clear text, then obviously I will be able to monitor the traffic. In the case of intermediate nodes, how available to me is the data stream in clear text or in an easily breakable crypto? Clearly if I want to know what people are doing with Tor, I will set up some dedicated servers--on Amazon, wherever--as Tor exit or perhaps intermediate nodes and then do what? run a port monitor or the equivalent?
this is why I use mega.co.nz
and for who say spideroak , its actually a backup solution more than file storage to share.
Is there any available evidence suggesting that we've gained any safety or security in exchange for sacrificing the Fourth and Fifth Amendments?
Or is that question inappropriate (or unpatriotic) to ask, because the classified memo that concluded that Victory in the War on Terror is incompatible with the Bill of Rights also concluded that the First Amendment needs to be curtailed?
This is horrible for cloud adoption. Why should anyone trust US cloud providers which is "the next big thing" when our government meddles like this?
There are data security standards and solutions providers that are offering encryption protection here, and regulations created which may ensure the success of these businesses. But what if the federal government infilitrates these providers as well?
The US government's constant meddling in security is not doing anyone any good. What kind of government opposed the adoption of real encryption standards that are necessary for safe ecommerce only twenty so years ago?
I have to wonder how many other areas the US government has meddled in. Are they responsible for wifi insecurities and cell phone insecurities? For insecure router technology?
If so, we can blame the global hacking espionage epidemic right on the US.
@Bear: IIRC, the 9th is the third of the nine circuits to rule this way. Since it covers California, it's particularly significant. In all likelihood the Supreme Court will eventually have to rule. Given the current composition of the Court, I hope it's not soon.
have a look at cyphertite, it does client-side encryption, is almost entirely open source, and has a cheap unlimited plan. trusting cloud storage with your plaintext data can definitely put you at risk, i suggest _always_ using client-side encryption for data storage.
there are also several other products that offer client-side crypto storage online:
At the exit node you see whatever the client sent. Depending on routing / config, this means parts of the clients communications. Other parts will exit via different nodes (ideally). It'll be encrypted if the client was encrypted (https vs http for example)
At a transit mode all data will be encrypted (multiple times). That's why it's called The Onion Router - many layers.
Thanks; that clarifies the protocol.
I'm surprised no one has mentioned Wuala as a secure cloud solution.
"Wuala encrypts the data on your computer before it is uploaded. During the upload, your data is split up into many different pieces and stored in multiple places to make certain that you never lose a single file. For added security your password is never transmitted, which means that no one - not even the employees at Wuala - can see your private files."
"Since encryption occurs before files leave your computer, Wuala effectively wraps a protective wall around your data in the cloud. LaCie employees have very limited access to your data. They can only see how many files you have stored and how much storage space they occupy. The files themselves, as well as all metadata (folder names, file names, comments, preview images, etc.), are encrypted."
Schneier.com is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc.