More reason to avoid "cloud" storage.

  1. You have chosen to ignore posts from NowWhatDoYouWant. Show NowWhatDoYouWant's posts

    More reason to avoid "cloud" storage.

     

    In this slide from a National Security Agency presentation on “Google Cloud Exploitation,” a sketch shows where the “Public Internet” meets the internal “Google Cloud” where user data resides. Two engineers with close ties to Google exploded in profanity when they saw the drawing.

     

     

     

    -----

    The National Security Agency has secretly broken into the main communications links that connect Yahoo and Google data centers around the world, according to documents obtained from former NSA contractor Edward Snowden and interviews with knowledgeable officials.

    By tapping those links, the agency has positioned itself to collect at will from hundreds of millions of user accounts, many of them belonging to Americans. The NSA does not keep everything it collects, but it keeps a lot.

    According to a top-secret accounting dated Jan. 9, 2013, NSA’s acquisitions directorate sends millions of records every day from Yahoo and Google internal networks to data warehouses at the agency’s Fort Meade headquarters. In the preceding 30 days, the report said, field collectors had processed and sent back 181,280,466 new records — including “metadata,” which would indicate who sent or received e-mails and when, as well as content such as text, audio and video.

    The NSA’s principal tool to exploit the data links is a project called MUSCULAR, operated jointly with the agency’s British counterpart, the Government Communications Headquarters . From undisclosed interception points, the NSA and the GCHQ are copying entire data flows across fiber-optic cables that carry information between the data centers of the Silicon Valley giants.

    The infiltration is especially striking because the NSA, under a separate program known as PRISM, has front-door access to Google and Yahoo user accounts through a court-approved process.

    The MUSCULAR project appears to be an unusually aggressive use of NSA tradecraft against flagship American companies. The agency is built for high-tech spying, with a wide range of digital tools, but it has not been known to use them routinely against U.S. companies.

    In a statement, the Office of the Director of National Intelligence, which oversees the NSA, said the agency is “focused on discovering and developing intelligence about valid foreign intelligence targets only.”

    “NSA applies Attorney General-approved processes to protect the privacy of U.S. persons — minimizing the likelihood of their information in our targeting, collection, processing, exploitation, retention, and dissemination,” it said.

    In a statement, Google said it is “troubled by allegations of the government intercepting traffic between our data centers, and we are not aware of this activity.”

    “We have long been concerned about the possibility of this kind of snooping, which is why we continue to extend encryption across more and more Google services and links,” the company said.

    At Yahoo, a spokeswoman said, “We have strict controls in place to protect the security of our data centers, and we have not given access to our data centers to the NSA or to any other government agency.”

    Under PRISM, the NSA gathers huge volumes of online communications records by legally compelling U.S. technology companies, including Yahoo and Google, to turn over any data that matches court-approved search terms. That program, which was first disclosed by The Washington Post and the Guardian newspaper in Britain, is authorized under Section 702 of the Foreign Intelligence Surveillance Act (FISA) and overseen by the Foreign Intelligence Surveillance Court (FISC).

    [2 more pages]   http://www.washingtonpost.com/world/national-security/nsa-infiltrates-links-to-yahoo-google-data-centers-worldwide-snowden-documents-say/2013/10/30/e51d661e-4166-11e3-8b74-d89d714ca4dd_story.html?Post+generic=%3Ftid%3Dsm_twitter_washingtonpost

     

     

     

     

     

     
  2. You have chosen to ignore posts from DirtyWaterLover. Show DirtyWaterLover's posts

    Re: More reason to avoid

    Maybe the NSA should have been in charge of the ACA website.

     

     
  3. You have chosen to ignore posts from skeeter20. Show skeeter20's posts

    Re: More reason to avoid

    In response to DirtyWaterLover's comment:
    [QUOTE]

    Maybe the NSA should have been in charge of the ACA website.

     

    [/QUOTE]

    Who says they aren't?

     

    Mooohhaaaoaaaa!

     
  4. You have chosen to ignore posts from tvoter. Show tvoter's posts

    Re: More reason to avoid

    No more private health information for US citizens!

     
  5. You have chosen to ignore posts from FortySixAndTwo. Show FortySixAndTwo's posts

    Re: More reason to avoid

    In response to tvoter's comment:
    [QUOTE]

    No more private health information for US citizens!

    [/QUOTE]

    Never such a thing anyway. 

     
  6. You have chosen to ignore posts from tvoter. Show tvoter's posts

    Re: More reason to avoid

    In response to FortySixAndTwo's comment:
    [QUOTE]

    In response to tvoter's comment:
    [QUOTE]

    No more private health information for US citizens!

    [/QUOTE]

    Never such a thing anyway. 

    [/QUOTE]

    I think HIPAA worked to protect peoples information a great deal. The issue now is this information will be on a website and/or software program that no matter how secure they claim WILL be hacked!

     
  7. You have chosen to ignore posts from FortySixAndTwo. Show FortySixAndTwo's posts

    Re: More reason to avoid

    In response to tvoter's comment:
    [QUOTE]

    In response to FortySixAndTwo's comment:
    [QUOTE]

    In response to tvoter's comment:
    [QUOTE]

    No more private health information for US citizens!

    [/QUOTE]

    Never such a thing anyway. 

    [/QUOTE]

    I think HIPAA worked to protect peoples information a great deal. The issue now is this information will be on a website and/or software program that no matter how secure they claim WILL be hacked!

    [/QUOTE]

    Every site is hackable. Not to mention that there are many people who can know about your health info....obviously Doctor, PA, MA..and from insurance side...claims processor, claims adjuster, contract analyst, contract manager, underwriter, etc, etc.

     

     
  8. You have chosen to ignore posts from tvoter. Show tvoter's posts

    Re: More reason to avoid

    In response to FortySixAndTwo's comment:

    [/QUOTE]

    I think HIPAA worked to protect peoples information a great deal. The issue now is this information will be on a website and/or software program that no matter how secure they claim WILL be hacked!

    [/QUOTE]

    Every site is hackable. Not to mention that there are many people who can know about your health info....obviously Doctor, PA, MA..and from insurance side...claims processor, claims adjuster, contract analyst, contract manager, underwriter, etc, etc. 

    [/QUOTE]

    Those I trust a little more than the govt!

     
  9. You have chosen to ignore posts from FortySixAndTwo. Show FortySixAndTwo's posts

    Re: More reason to avoid

    In response to tvoter's comment:
    [QUOTE]

    In response to FortySixAndTwo's comment:

    [/QUOTE]

    I think HIPAA worked to protect peoples information a great deal. The issue now is this information will be on a website and/or software program that no matter how secure they claim WILL be hacked!

    [/QUOTE]

    Every site is hackable. Not to mention that there are many people who can know about your health info....obviously Doctor, PA, MA..and from insurance side...claims processor, claims adjuster, contract analyst, contract manager, underwriter, etc, etc. 

    [/QUOTE]

    Those I trust a little more than the govt!

    [/QUOTE]

    Why? What do you think the govt will do with that info? 

     
  10. This post has been removed.

     
  11. You have chosen to ignore posts from tvoter. Show tvoter's posts

    Re: More reason to avoid

    In response to FortySixAndTwo's comment:
    [QUOTE]

    I think HIPAA worked to protect peoples information a great deal. The issue now is this information will be on a website and/or software program that no matter how secure they claim WILL be hacked!

    [/QUOTE]

    Every site is hackable. Not to mention that there are many people who can know about your health info....obviously Doctor, PA, MA..and from insurance side...claims processor, claims adjuster, contract analyst, contract manager, underwriter, etc, etc. 

    [/QUOTE]

    Those I trust a little more than the govt!

    [/QUOTE]

    Why? What do you think the govt will do with that info? 

    [/QUOTE]

    Our govt is full of greed and corruption with specific health information there are numerous way to take advantage of people, catagorize people to save money or make money.

    govt is business business is govt

     
  12. You have chosen to ignore posts from FortySixAndTwo. Show FortySixAndTwo's posts

    Re: More reason to avoid

    In response to tvoter's comment:
    [QUOTE]

    In response to FortySixAndTwo's comment:
    [QUOTE]

    I think HIPAA worked to protect peoples information a great deal. The issue now is this information will be on a website and/or software program that no matter how secure they claim WILL be hacked!

    [/QUOTE]

    Every site is hackable. Not to mention that there are many people who can know about your health info....obviously Doctor, PA, MA..and from insurance side...claims processor, claims adjuster, contract analyst, contract manager, underwriter, etc, etc. 

    [/QUOTE]

    Those I trust a little more than the govt!

    [/QUOTE]

    Why? What do you think the govt will do with that info? 

    [/QUOTE]

    Our govt is full of greed and corruption with specific health information there are numerous way to take advantage of people, catagorize people to save money or make money.

    govt is business business is govt

    [/QUOTE]

    So you think our govt is going to employ people to look at claims info for 300,000,000+ million people? That's an awful lot of people they'll need to do that. And then take said info and use it against you? So if they see you have cancer (which by the way hope never happens to you) they'll do what? Drop you from coverage? Keep you from getting chemo? I guess I don't fully understand what you actually expect the govt to do. 

     
  13. You have chosen to ignore posts from tvoter. Show tvoter's posts

    Re: More reason to avoid

    In response to FortySixAndTwo's comment:
    [QUOTE]

    Every site is hackable. Not to mention that there are many people who can know about your health info....obviously Doctor, PA, MA..and from insurance side...claims processor, claims adjuster, contract analyst, contract manager, underwriter, etc, etc. 

    [/QUOTE]

    Those I trust a little more than the govt!

    [/QUOTE]

    Why? What do you think the govt will do with that info? 

    [/QUOTE]

    Our govt is full of greed and corruption with specific health information there are numerous way to take advantage of people, catagorize people to save money or make money.

    govt is business business is govt

    [/QUOTE]

    So you think our govt is going to employ people to look at claims info for 300,000,000+ million people? That's an awful lot of people they'll need to do that. And then take said info and use it against you? So if they see you have cancer (which by the way hope never happens to you) they'll do what? Drop you from coverage? Keep you from getting chemo? I guess I don't fully understand what you actually expect the govt to do. 

    [/QUOTE]


    Piracy software can search databases looking for certain words or diseases/conditions/medications etc and it's doesnt take alot of people to run piracy software.

    just a hypothetical:

    A drug is found to possibly cause a mental condition that may make the people taking it paranoid and/or aggressive or a potential threat to others. This information can be used (alas for the common good) to  indentify and spy on individuals who have committed no crime to try and prevent crime before it happens; which is what the whole NSA spy program is already doing.

     

     
  14. You have chosen to ignore posts from FortySixAndTwo. Show FortySixAndTwo's posts

    Re: More reason to avoid

    In response to tvoter's comment:
    [QUOTE]

    In response to FortySixAndTwo's comment:
    [QUOTE]

    Every site is hackable. Not to mention that there are many people who can know about your health info....obviously Doctor, PA, MA..and from insurance side...claims processor, claims adjuster, contract analyst, contract manager, underwriter, etc, etc. 

    [/QUOTE]

    Those I trust a little more than the govt!

    [/QUOTE]

    Why? What do you think the govt will do with that info? 

    [/QUOTE]

    Our govt is full of greed and corruption with specific health information there are numerous way to take advantage of people, catagorize people to save money or make money.

    govt is business business is govt

    [/QUOTE]

    So you think our govt is going to employ people to look at claims info for 300,000,000+ million people? That's an awful lot of people they'll need to do that. And then take said info and use it against you? So if they see you have cancer (which by the way hope never happens to you) they'll do what? Drop you from coverage? Keep you from getting chemo? I guess I don't fully understand what you actually expect the govt to do. 

    [/QUOTE]


    Piracy software can search databases looking for certain words or diseases/conditions/medications etc and it's doesnt take alot of people to run piracy software.

    just a hypothetical:

    A drug is found to possibly cause a mental condition that may make the people taking it paranoid and/or aggressive or a potential threat to others. This information can be used (alas for the common good) to  indentify and spy on individuals who have committed no crime to try and prevent crime before it happens; which is what the whole NSA spy program is already doing.

     

    [/QUOTE]

    Ah....so we're basically getting into Minority Report stuff eh? Alrighty then.

     

     
  15. You have chosen to ignore posts from skeeter20. Show skeeter20's posts

    Re: More reason to avoid

    In response to FortySixAndTwo's comment:
    [QUOTE]

    In response to tvoter's comment:
    [QUOTE]

    In response to FortySixAndTwo's comment:
    [QUOTE]

    I think HIPAA worked to protect peoples information a great deal. The issue now is this information will be on a website and/or software program that no matter how secure they claim WILL be hacked!

    [/QUOTE]

    Every site is hackable. Not to mention that there are many people who can know about your health info....obviously Doctor, PA, MA..and from insurance side...claims processor, claims adjuster, contract analyst, contract manager, underwriter, etc, etc. 

    [/QUOTE]

    Those I trust a little more than the govt!

    [/QUOTE]

    Why? What do you think the govt will do with that info? 

    [/QUOTE]

    Our govt is full of greed and corruption with specific health information there are numerous way to take advantage of people, catagorize people to save money or make money.

    govt is business business is govt

    [/QUOTE]

    So you think our govt is going to employ people to look at claims info for 300,000,000+ million people? That's an awful lot of people they'll need to do that. And then take said info and use it against you? So if they see you have cancer (which by the way hope never happens to you) they'll do what? Drop you from coverage? Keep you from getting chemo? I guess I don't fully understand what you actually expect the govt to do. 

    [/QUOTE]

    HIPAA protects that personal medical information, except when that information is in the hands of government, or so the progressives here have told me.

    I think they will collect the data "in case" they need it, just like our phone calls, meta data, and internet logs.  So, what consititutes them "needing it"?  Perhaps an online poster pointing out that they are violating our liberty?  Maybe a up and coming politician? A terrorist?

    Just because the government thinks they need something doesn't mean they should get it. That it the thin line that seperates tyranny from freedom.

     
  16. You have chosen to ignore posts from FortySixAndTwo. Show FortySixAndTwo's posts

    Re: More reason to avoid

    In response to skeeter20's comment:
    [QUOTE]

    In response to FortySixAndTwo's comment:
    [QUOTE]

    In response to tvoter's comment:
    [QUOTE]

    In response to FortySixAndTwo's comment:
    [QUOTE]

    I think HIPAA worked to protect peoples information a great deal. The issue now is this information will be on a website and/or software program that no matter how secure they claim WILL be hacked!

    [/QUOTE]

    Every site is hackable. Not to mention that there are many people who can know about your health info....obviously Doctor, PA, MA..and from insurance side...claims processor, claims adjuster, contract analyst, contract manager, underwriter, etc, etc. 

    [/QUOTE]

    Those I trust a little more than the govt!

    [/QUOTE]

    Why? What do you think the govt will do with that info? 

    [/QUOTE]

    Our govt is full of greed and corruption with specific health information there are numerous way to take advantage of people, catagorize people to save money or make money.

    govt is business business is govt

    [/QUOTE]

    So you think our govt is going to employ people to look at claims info for 300,000,000+ million people? That's an awful lot of people they'll need to do that. And then take said info and use it against you? So if they see you have cancer (which by the way hope never happens to you) they'll do what? Drop you from coverage? Keep you from getting chemo? I guess I don't fully understand what you actually expect the govt to do. 

    [/QUOTE]

    HIPAA protects that personal medical information, except when that information is in the hands of government, or so the progressives here have told me.

    I think they will collect the data "in case" they need it, just like our phone calls, meta data, and internet logs.  So, what consititutes them "needing it"?  Perhaps an online poster pointing out that they are violating our liberty?  Maybe a up and coming politician? A terrorist?

    Just because the government thinks they need something doesn't mean they should get it. That it the thin line that seperates tyranny from freedom.

    [/QUOTE]

    I think you're paranoid...no offense

     
  17. You have chosen to ignore posts from BilltheKat. Show BilltheKat's posts

    Re: More reason to avoid

    Those of us that have worked in IT know that if data is kept on a server somewhere, the information is open to all those that have the key (passwords) and if not properly locked down with security patches etc, open to hackers.

    If you want to keep info private, keep it local and shut your PC off when you're finished with it. This is not earth shattering new stuff.

    The governments computers are usually obsolete technologies with IT personel ill equipped to handle nothing much more than maintenance and to put the call into the local contractor if a serious problem arises. Again, not earth shattering new stuff.

     
  18. This post has been removed.

     
  19. You have chosen to ignore posts from BilltheKat. Show BilltheKat's posts

    Re: More reason to avoid

    In response to chiefhowie's comment:
    [QUOTE]

    In response to BilltheKat's comment:
    [QUOTE]

    Those of us that have worked in IT know that if data is kept on a server somewhere, the information is open to all those that have the key (passwords) and if not properly locked down with security patches etc, open to hackers.

    If you want to keep info private, keep it local and shut your PC off when you're finished with it. This is not earth shattering new stuff.

    The governments computers are usually obsolete technologies with IT personel ill equipped to handle nothing much more than maintenance and to put the call into the local contractor if a serious problem arises. Again, not earth shattering new stuff.

    [/QUOTE]

    You have to be kidding me. 

    NSA has some of the best in  the world > pays them well.

    hacked all of EUO and Russian Gov 

    Only safe if you not hooked up and never down load on your equipt.

    Back in the day I used 3 servers. #1 for downloads #2 scans downloads. #3 ops.

    [/QUOTE]

    Exactly, the best in the world are contractors, think Snowden. If you're the best in the world at something, being a contractor for the government pays much better than actually being employed by the government.

     
  20. You have chosen to ignore posts from MattyScornD. Show MattyScornD's posts

    Re: More reason to avoid

    In response to skeeter20's comment:
    [QUOTE]

    HIPAA protects that personal medical information, except when that information is in the hands of government, or so the progressives here have told me.

     

    [/QUOTE]


    Not true.  HIPAA laws apply regardless of who's processing the info.  Only the courts can intervene, as in a criminal investigation, et al.

     

     
  21. You have chosen to ignore posts from MattyScornD. Show MattyScornD's posts

    Re: More reason to avoid

    Cloud storage/service is definitely the future - at least of our connected selves, but the networking part will be tricky, which makes storing data and retrieving data two very different heads on the same beast with both subject to security issues.

     

     

     
  22. You have chosen to ignore posts from NowWhatDoYouWant. Show NowWhatDoYouWant's posts

    Re: More reason to avoid

    In response to MattyScornD's comment:

    Cloud storage/service is definitely the future - at least of our connected selves, but the networking part will be tricky, which makes storing data and retrieving data two very different heads on the same beast with both subject to security issues.



    I know that's what the tech world wants us to accept, but it just won't fly for a number of industries.

     

    For example, legal work. It's bad enough that someone might hack an attorney's email account and access all sorts of privileged communications. But to store entire files in a 'cloud'? No way. I'd go back to typewriters before endangering clients that way... 

     
  23. You have chosen to ignore posts from BilltheKat. Show BilltheKat's posts

    Re: More reason to avoid

    In response to NowWhatDoYouWant's comment:
    [QUOTE]

    In response to MattyScornD's comment:

    [QUOTE]

     

    Cloud storage/service is definitely the future - at least of our connected selves, but the networking part will be tricky, which makes storing data and retrieving data two very different heads on the same beast with both subject to security issues.

     

    [/QUOTE]

    I know that's what the tech world wants us to accept, but it just won't fly for a number of industries.

     

     

    For example, legal work. It's bad enough that someone might hack an attorney's email account and access all sorts of privileged communications. But to store entire files in a 'cloud'? No way. I'd go back to typewriters before endangering clients that way... 

    [/QUOTE]

    I would expect smaller offices to own their own servers and protect them with firewalls, proxy servers and security policies. VPN access for external users can be implemented as long as security policies are in place. If a user goes rogue, those policies can protect the rest of the staff from his/her prying eyes. Of course Ive seen many cases where these concepts have lapsed and the system is wide open to a terminated employee where their access was never inhibited.

     
  24. You have chosen to ignore posts from NowWhatDoYouWant. Show NowWhatDoYouWant's posts

    Re: More reason to avoid

    In response to BilltheKat's comment:
    [QUOTE]

    In response to NowWhatDoYouWant's comment:
    [QUOTE]

    In response to MattyScornD's comment:

    [QUOTE]

     

    Cloud storage/service is definitely the future - at least of our connected selves, but the networking part will be tricky, which makes storing data and retrieving data two very different heads on the same beast with both subject to security issues.

     

    [/QUOTE]

    I know that's what the tech world wants us to accept, but it just won't fly for a number of industries.

     

     

    For example, legal work. It's bad enough that someone might hack an attorney's email account and access all sorts of privileged communications. But to store entire files in a 'cloud'? No way. I'd go back to typewriters before endangering clients that way... 

    [/QUOTE]

    I would expect smaller offices to own their own servers and protect them with firewalls, proxy servers and security policies. VPN access for external users can be implemented as long as security policies are in place. If a user goes rogue, those policies can protect the rest of the staff from his/her prying eyes. Of course Ive seen many cases where these concepts have lapsed and the system is wide open to a terminated employee where their access was never inhibited.

    [/QUOTE]


    Right... 

     

    My point is just that we'll never see universal 'cloud' use because there is some stuff sensitive enough that it just isn't worth risk exposing to the NSA and hackers.

     
  25. You have chosen to ignore posts from StalkingButler. Show StalkingButler's posts

    Re: More reason to avoid

    [QUOTE]My point is just that we'll never see universal 'cloud' use because there is some stuff sensitive enough that it just isn't worth risk exposing to the NSA and hackers.[/QUOTE]

    It's handy for books and music and such. Just go with the assumption that if it's in the cloud it's potentially available to anyone.

     

     

Share