
The five levels of cloud (in)security


Contrary to popular belief, storing data or backing up in the cloud is NOT necessarily insecure, but it depends upon how it is done. Below I list the five different levels of security you can achieve when storing data in a cloud storage service, from almost nothing to industrial strength, deniable encryption.

1. Fly-by-night cloud storage company that offers you 1-50 GB for free


Examples: The now defunct X-drive, FreeDiskSpace.com, FreeDrive, netdrive.com and many more (but others will arise). You're playing with fire by using these. They've often run on zero profit margins (or at a significant loss). Even if they are set up with good intentions, if they go bankrupt and are liquidated, the user data could be sold off. Additionally, if they receive a subpoena their inclination will be simply to hand over all the data requested, even if the subpoena could easily be challenged. Fighting it costs lawyers, even if it is a frivolous request. They probably won't even tell you (it might get out). So, if you went through a messy divorce or your business partner sued you and they had a halfway competent lawyer, your data is as good as theirs. It's possible the MPAA could use such services as proof of copyright infringement as well. Beware of any service that offers a lot of storage for free.

  • Good for: any data you don't care about.
  • Bad for: any data you do care about.

2. Low security but established company


Where to find one: Online backup services, File synchronization services

This is the cheapest way to store your data. Dropbox is the primary example of cloud storage that is established but technically insecure. Although they claim that they encrypt all of your data (which may well be true), they keep the key and the encrypted data together, so the service itself can decrypt it. Additionally, this company in particular has had a number of embarrassing security holes exposed, including this and this. Though it looks bad, they are an extremely popular service, so these threats become public knowledge more quickly. Other less popular services with an equal lack of emphasis on security may well have similar security problems.

  • Good for: Files that may be mildly sensitive. Storing data this way is generally cheap, since the provider can employ tricks such as file de-duplication across multiple users. If you upload a file you downloaded from the internet, for instance, and you weren't the first to do so, no extra storage is needed.
  • Bad for: Any data that is remotely sensitive.

3. Client-only encryption service


Where to find one: Secure online backup, Secure file synchronization

This is where a company has developed software that first encrypts the data on your computer and then uploads it. When you try to retrieve the data, it decrypts it on your computer. At no time does the service have the ability to read your data. Generally, highly secure, proven and publicly specified algorithms such as AES are used to encrypt your data.

  • Good for: Most personal or business data.
  • Bad for: Anything that could be of "national security interest".
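To make the level 2 versus level 3 distinction concrete, here is an added Go example (not code from any service mentioned in this article) of client-side AES-256-GCM encryption: the provider stores only a random nonce and the ciphertext, cannot decrypt without the user's key, and, as a side effect, cannot de-duplicate identical files across users. The key is passed in directly and the function names are assumptions; a real client would derive the key from the passphrase with a KDF such as scrypt or Argon2.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"io"
)

// Blob is all a level-3 service ever stores: a random nonce plus AES-256-GCM ciphertext.
type Blob struct{ Nonce, Ciphertext []byte }
func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key) // a 32-byte key selects AES-256
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// clientEncrypt runs on the user's machine; the key is derived there and never uploaded.
func clientEncrypt(key, plaintext []byte) (Blob, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return Blob{}, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return Blob{}, err
	}
	return Blob{Nonce: nonce, Ciphertext: gcm.Seal(nil, nonce, plaintext, nil)}, nil
}

// clientDecrypt fails with an authentication error under any key but the right one.
func clientDecrypt(key []byte, b Blob) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, b.Nonce, b.Ciphertext, nil)
}

// serverReadsLevel2 models level 2: the provider keeps the key beside the ciphertext, so it can decrypt at will.
func serverReadsLevel2(storedKey []byte, stored Blob) ([]byte, error) {
	return clientDecrypt(storedKey, stored)
}

// serverCanDedup is the cross-user de-duplication test that makes level 2 cheap; random nonces defeat it.
func serverCanDedup(a, b Blob) bool { return bytes.Equal(a.Ciphertext, b.Ciphertext) }
```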

Problems?

The software could have back doors and it would be difficult to know. Even though the algorithm is near-provably secure, it is possible for problems to lurk in other areas of the code. Most companies that provide such a service employ a security reviewer to inspect the code, but there can still be problems lurking. Additionally, they could have back doors programmed in that bypass the encryption. The NSA, for example, has in all likelihood convinced Microsoft to insert a back door into Windows cryptographic functions. But the picture is not so bad. Even if such back doors do exist, they would likely only be used extremely rarely, since neither party would want to provide any evidence of the back door's existence.

4. Proven open source encryption software


Where to find it: TrueCrypt can be downloaded for free here. It allows you to create an encrypted container on your file system in which you can put sensitive data, as well as encrypting an entire drive. Though counter-intuitive, open source software can actually give you more confidence in its security. The best example here is TrueCrypt, which gives you the option of using a variety of secure cryptographic algorithms (including AES). It was first released in 2004 and has been heavily scrutinized by security researchers. Though extremely popular and endorsed by several security researchers, I can't find any official examples of a code review, so the potential for backdoors exists. None have been discovered, however, and the FBI notably failed to crack TrueCrypt encryption in a high profile case.

  • Good for: Storing passwords, credit card details and other sensitive data.
  • Bad for: Storing large amounts of mildly sensitive data.

Problems?

If you are syncing this container to a cloud storage provider, even a tiny change to the encrypted data means that you have to upload the whole container all over again. So, it is best for small amounts of infrequently changed data.
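Why a one-byte edit forces a full re-upload, as an added Go example (not TrueCrypt's code): a simplified XEX-style tweakable block encryption stands in for the XTS mode TrueCrypt uses, so editing one byte changes exactly one 16-byte ciphertext block; a sync client that only compares whole-file hashes still sends the entire container, whereas one that tracks chunk hashes (going beyond what this article assumes of the services) would send only the changed chunk. Function names and the 4 KiB sample container in the check are constructed.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"encoding/binary"
)

const blockSize = 16
// tweakedEncrypt is a simplified XEX-style stand-in for the XTS mode disk-encryption
// tools use: C_j = E_k1(P_j XOR T_j) XOR T_j, T_j = E_k2(j). Output depends only on key,
// block position and block content, so an unchanged block re-encrypts to identical bytes.
func tweakedEncrypt(k1, k2, plain []byte) []byte {
	e1, err1 := aes.NewCipher(k1)
	e2, err2 := aes.NewCipher(k2)
	if err1 != nil || err2 != nil {
		panic("keys must be 16, 24 or 32 bytes")
	}
	out := make([]byte, len(plain)) // a trailing partial block (if any) is left zeroed
	var idx, tweak [blockSize]byte
	for off := 0; off+blockSize <= len(plain); off += blockSize {
		binary.BigEndian.PutUint64(idx[8:], uint64(off/blockSize)) // tweak input: block index
		e2.Encrypt(tweak[:], idx[:])
		blk := out[off : off+blockSize]
		for i := range blk {
			blk[i] = plain[off+i] ^ tweak[i]
		}
		e1.Encrypt(blk, blk) // in place: dst and src overlap entirely, which cipher.Block permits
		for i := range blk {
			blk[i] ^= tweak[i]
		}
	}
	return out
}

// uploadBytes is what a sync client sends after an edit: the whole file when it only
// compares whole-file hashes (chunk == 0), else just the changed chunks (chunk must divide len).
func uploadBytes(before, after []byte, chunk int) int {
	if chunk == 0 {
		return len(after)
	}
	sent := 0
	for off := 0; off < len(before); off += chunk {
		if !bytes.Equal(before[off:off+chunk], after[off:off+chunk]) {
			sent += chunk
		}
	}
	return sent
}
```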

While technically almost impossible to break, you are subject to the quirkily named "rubber hose cryptanalysis" (that is: somebody thrashing you with a rubber hose until you give up your password). More practically speaking, you are just thrown in prison if you don't hand over the password. In the UK, for example, you can face jail time for not handing over your password.

5. Deniable open source encryption software


Examples: Again, TrueCrypt. Documentation on creating deniable containers is here. Using TrueCrypt, you can not only create encrypted containers, but also multiple encrypted containers in the same space. This means that you can upload your sensitive data into one container and some mildly embarrassing data into the other container, e.g. bad poetry or soft core pornography. If "rubber hose cryptanalysis" is used on you, you can simply hand over the password to the second container. Since TrueCrypt employs a clever algorithm that munges together both containers, the existence of the first container should be hidden. You can hand over your password and still be safe. Unfortunately, it has been broken, although the compromise is limited in the following ways:

  • All it does is demonstrate the existence of a hidden container (it can't decrypt it).
  • It will not work unless multiple images of the hard drive are taken after it has been changed several times. One reading of the container won't do.
  • It relies upon detecting the signature of applications that promiscuously store and retrieve temporary data - Microsoft Word, Google Desktop, Windows Vista, among others.

  • Good for: Human rights campaigners in oppressive dictatorships, political dissidents.
  • Bad for: Storing regular data. It's overkill.

Problems?

Still imperfect at being wholly deniable. Hidden containers also take up even more storage space, and you face the same problem as before: changing a small amount of data means that you have to re-upload the entire container.

Trade-off


As always, security is a trade-off. You must assess your risks before picking the right level. Just as it makes little sense to secure your family photos with industrial strength, deniable, rubber-hose-proof encryption, you shouldn't be storing highly sensitive files in Dropbox.