Redmond promises even MORE cloudy crypto

Get ready for the spooks to howl: Microsoft Research has developed another layer of security to lock up customer data in the cloud. What the Redmond boffins dub "VC3" – Verifiable Confidential Cloud Computing – takes advantage of Intel's SGX command set to create a “lockbox” for customers running MapReduce computations in the …

  1. frank ly

    Not sure about this

    "To make the calculations, the client’s data is loaded into the secure hardware in the cloud, where the data is decrypted, processed and re-encrypted."

    Doesn't that mean giving the 'cloudy box' your encryption keys? Or maybe the cloudy box sends you a key that you use to encrypt your data first, before sending it off. Anyone?

  2. Anonymous Coward

    My takeaway is...

    the end of computing under our control. Only the signed, unmodified application has control over what is allowed. It would not be the least bit difficult to only allow "proper" applications to execute with only vetted data. Yeah, tinfoil-hat time, but I've yet to read anything to the contrary that would prevent this. Drekload ton of documents to process here.

    Interesting how game consoles popped up and made a brief appearance. I'm quite sure that Microsoft, if not Sony and Nintendo as well, noticed.

    1. h4rm0ny

      Re: My takeaway is...

      I think it's more the opposite. All these technologies are new and enhance your control. I don't mean they're new in the sense of updated versions of old tools, I mean they're new in the sense of doing things that weren't actually use cases previously.

      In the Olden Days, data was data and security was about not letting someone have access to your computer. Then it started to get more sophisticated and it was about having the right user accounts on the box, but if you could access the hardware you could still read the data off the drive. Then we started to see technologies that guarded data against physical access - TrueCrypt, BitLocker, et al. Essentially making security entirely about verifiable credentials.

      Now we're seeing that taken to the next stage where entire "machines" (as in VMs) and processes depend on verifiable credentials. The uptake of the Cloud for people's platforms is actually driving the development of tools for controlling what happens and what is accessible that are even more capable than their predecessors. Because the Cloud makes such things necessary.

      And ironically, governments' determination to spy on people is running headlong into existing business needs and pushing forward this technology far faster than it would develop on its own. MS have, and will always have, one overriding goal - get your money. What we're seeing here, is them finding ways to code around the US government. The article is right to say that this will make the NSA howl.

      And I have no problem with that. ;)

      1. Anonymous Coward

        Re: My takeaway is...

        "What we're seeing here, is them finding ways to code around the US government."

        How naive. They can't code their way around the law.

        1. h4rm0ny

          Re: My takeaway is...

          >>"How naive. They can't code their way around the law."

          Of course you can. Accountants do it all the time. If you are hosting only encrypted content that you yourself cannot access, then for example, you cannot be made to reveal what you know because you don't know anything. MS are simply taking it one (well two) steps further and finding ways to make it so that even processes cannot be accessed by them. Remember, MS's goal is to get your money, not to get your internal data - that's the government's aim (though they would like your money too). So it's entirely within MS's interests to find ways to lock even themselves out, odd though that sounds.

          1. Anonymous Coward

            Re: My takeaway is...

            I don't think you get it.

            1. Anonymous Coward

              Re: My takeaway is...

              Oh I get it. I also see where it can take us and you aren't going to like it. It comes down to who is exercising control. This could very easily be a perfect walled garden with respect to all consumer devices. Corporations won't have much to worry about. Initially.

  3. Anonymous Coward

    I just can't

    bring myself to trust *any* globalmegahypercorp with my data.

    Back doors, poor encryption, or good encryption but badly implemented. Seems that if someone really wants to access my data, either by hook or by crook, they will access it.

  4. Graham Marsden

    The only way...

    ... I'd upload any data to Cloud Storage is if it was *already* encrypted!

  5. Anonymous Coward

    And this is from the same company that (almost) requires an on-line account for their OS, and makes it ever so easy to store private files on their cloud storage.

    But it's ok, they won't sell your data to 3rd parties - they want to keep it to themselves so they can charge others to perform "calculations" on it. What do we get in return? A free upgrade to their OS.

    No thanks, Microsoft. Targeted advertising is one thing, but not this shit. They've broken the camel's back for me, now.

  6. NoneSuch

    The truth is...

    Put your info outside of the infrastructure you control and it is no longer secure.
