Auf YouTube findest du die angesagtesten Videos und Tracks. Außerdem kannst du eigene Inhalte hochladen und mit Freunden oder gleich der ganzen Welt teilen.
“Don’t worry, we encrypt all the data”
“I’ve heard as part of the prism program NSA has the encryption key?”
“I don’t know the answer to that”
I wouldn’t dare believe that anything in AWS or Azure or Google Cloud is out of reach for the US agencies unless the end-user has encrypted it with a key that the cloud provider doesn’t have access to.
Some services in Azure, like storage accounts let you encrypt data with your own key in addition to MS’s. But there’s always some level of implicit trust with cloud based services, so y’know
Yes, but the encryption keys are stored in an azure key vault, so Microsoft still has the keys.
There’s no difference whether you use customer managed keys or not, Microsoft always has the keys but customer managed keys are more hassle to give an illusion of security.
Yes there’s other reasons to use them, but not to protect against Microsoft/us gov spying
Which is why companies that are concerned use something like vault do keys via API, and rotate them often instead of default services.
Anyone who cares is perfectly able to encrypt the entire system via third party tools which includes many foss projects.
The default 15 years ago was fuck it. AWS is pretty much the only reason security on the web is as *good as it is. At least Russia and China don’t have free reign over your data 🤷♂️.
“Don’t worry, we encrypt all the data”
“I’ve heard as part of the prism program NSA has the encryption key?”
“I don’t know the answer to that”
I wouldn’t dare believe that anything in AWS or Azure or Google Cloud is out of reach for the US agencies unless the end-user has encrypted it with a key that the cloud provider doesn’t have access to.
Some services in Azure, like storage accounts let you encrypt data with your own key in addition to MS’s. But there’s always some level of implicit trust with cloud based services, so y’know
Yes, but the encryption keys are stored in an azure key vault, so Microsoft still has the keys.
There’s no difference whether you use customer managed keys or not, Microsoft always has the keys but customer managed keys are more hassle to give an illusion of security.
Yes there’s other reasons to use them, but not to protect against Microsoft/us gov spying
Which is why companies that are concerned use something like vault do keys via API, and rotate them often instead of default services.
Anyone who cares is perfectly able to encrypt the entire system via third party tools which includes many foss projects.
The default 15 years ago was fuck it. AWS is pretty much the only reason security on the web is as *good as it is. At least Russia and China don’t have free reign over your data 🤷♂️.