As far as trusting encryption provided by web file hosting or cloud services, I would never trust that. Of course they will tell you that they are ultimately secure. I'm sure that's what "Ashley Madison" told their customers too! I would only encrypt files locally, then send them up. if the hosting service wants to re-encrypt them, that's all well and good, but the salient point is that I controlled my own encryption and didn't rely on them.
Of course, the bigger problem is that you can't really trust the info sec of your bank, the IRS, etc. I think we've seen that information security is in danger of becoming security theater. The internet as we know it was never designed with security in mind. Really it was never designed with any inkling that it would become what it now is. It's like a huge tent that you only intended to spend a week in; then you build on again and again until your tent is big enough to host a circus in. But no matter how big it gets it's still a tent! And how you lock the a tent?
According to the government as many as 1/3 of Americans SS #s have been exposed!
That's maybe 100,000,000 people in the US alone! And how many retailers have lost the CC numbers of 40 or 50 million customers?
I'll tell you what's really scary, to me at least- biometrics. Because for it to work your input must be compared to a db somewhere that has your vital statistics. And if your SS# is compromised you can get a new one. But how do you get a new retina or fingerprint?
At some point when we move from IPv4 to IPv6 we need to enhance the security infrastructure of the entire net. But it's not like remodeling a house while you live in it; it's more like remodeling a spaceship while you're en route to Mars! Pretty hard to shut it down long enough to make the changes we need to make.
Previous Topic
Index
