Comment by 0xbadc0de5
3 years ago
Your daily reminder - if you don't host the data, someone else does. And their interests may or may not align with yours. And even if their interests align with yours today, that's no guarantee they will tomorrow. If you don't want audio, video, etc potentially shared with authorities, don't install cloud-enabled audio/video devices in your home.
"Cloud" means somebody else's computer. This is pithy, people here are sick of hearing it, but it's still true.
It could be your private cloud therefore your computer. <5% of people probably have their own server. When that % changes significantly, we may need to stop saying this.
I guess 0.00001% is still < 5%
Most people in tech still use @gmail addresses, do you think regular people bother to have their own private cloud for data storage ?
3 replies →
I would guess less than 5% of people even know what cloud means. Even among devs its considered pretty hardcore to host things on your own hardware.
1 reply →
It's going to be an "if," not a "when." The percentage of users who want to manage their own cloud is vanishingly small. If people are sensitive to the risk of handing over their data to a trusted (well, trusted enough) corporation with a reputation to lose and money on the line, how safe should they feel putting their data on a cloud they manage, essentially stacking themselves up against every Joe Random Hacker on the Internet without the benefit of a Google, Microsoft, or Amazon SRE team to keep the shields up and the lights on 24/7?
The risk surface for self-hosting is higher, on multiple axes, than cloud-hosting. Hosting your own cloud is the "I don't trust auto mechanics so I'm going to become an auto mechanic" approach and most people have neither the time nor the talent.
10 replies →
we could do that back in 1992
"Someone else's computer" would be misinformation in any other medium SOLELY because it makes it sound like it's being stored on the same kind of computer that an average person has - that another average person is using. There was a smear campaign in 2013 for cloud computing under this very message.
Apple stores HomeKit video in their cloud.
It’s worthless because it’s end-to-end encrypted. They can hand over the data but no one can view it.
There are safe ways of using the cloud.
>> “ During this process, the HomeKit data is encrypted using keys derived from the user's HomeKit identity and a random nonce and is handled as an opaque binary large object, or blob.”
If you don’t control the keys, to me, that’s not end-to-end encrypted.
Source: https://support.apple.com/guide/security/data-security-sec49...
You do control the keys though, "Because it’s encrypted using keys that are available only on the user’s iOS, iPadOS, and macOS devices"
"The authentication is based on Ed25519 public keys that are exchanged between the devices when a user is added to a home. After a new user is added to a home, all further communication is authenticated and encrypted using Station-to-Station protocol and per-session keys"
"The user who initially created the home in HomeKit or another user with editing permissions can add new users. The owner’s device configures the accessories with the public key of the new user so that the accessory can authenticate and accept commands from the new user. When a user with editing permissions adds a new user, the process is delegated to a home hub to complete the operation. "
https://support.apple.com/guide/security/data-security-sec49...
1 reply →
Can you verify that or are you just taking their word?
The client side software can easily verify that. Whether you can trust the software running on your device is a somewhat different question that has nothing to do with whether or not you're storing things in "the cloud" (though it is still a valid concern).
If the backup password to these encrypted files is known, it can be rather trivial to access the data within.
Recently, a certain head of state's son had 100s of GB of iCloud backups thrown onto a torrent, and within a day rogue manchildren living in their parents' basements cracked most, if not all of it open.
With the backup password in hand, all one needs is this README.md file [0] to be off to the races.
[0] https://github.com/avibrazil/iOSbackup/blob/master/README.md
>If the backup password to these encrypted files is known, it can be rather trivial to access the data within.
That's how encryption works...
1 reply →
Some parts of iCloud are encrypted, some are not.
Please stop posting this same topic in your comments.
3 replies →
I like my Eufy doorbell and cameras, which stores recordings on an appliance that I keep in my office.