Clouds!

[Richard W.M. Jones]

On Sat, Dec 18, 2010 at 09:34:06AM +0000, Adrian Midgley wrote:
> On 18 December 2010 09:08, Mary Hawking <maryhawking at tigers.demon.co.uk>wrote:
> >  Does that mean that, assuming that it is correct that if the Department
> > of Homeland Security asked for any data held in MS controlled clouds it
> > would be handed over without further ado, it is illegal, under DPA for
> > anyone in any sector to use Cloud technology – or at least any Cloud
> > application in which MS was involved - for anything containing personal
> > data?
>
> Encrypt.

Not sure what this single word answer implies, but I'll tell you a
true story: probably second most popular question I get about
libguestfs (after "does it run on Ubuntu?") is "OMG you're revealing
the files on virtual machines bypassing all the file permissions!  How
can I stop this!?"

I have to tell them that you can already read whatever is in a cloud
virtual machine, encrypted or not.  libguestfs just makes it easy.

Apart from some very speculative schemes[1], if you want to do
computing in someone else's cloud, someone else is going to have
complete access to the data on those virtual machines, and whether
you've encrypted the disks or not won't make a blind bit of
difference.

Amazon tell us that they divide up storage and virtualization so one
Amazon administrator can't read the keys out of VM memory and use them
to decrypt the hard disk stored somewhere else, but you have to assume
that two Amazon admins could do this, and in any case take what they
say on trust.  [Not picking on Amazon here BTW, this applies equally
to any public cloud, they are just the most popular one]

Private cloud APIs where the physical machines and storage are under
your own control excepted from the above.

Rich.

[1] Here would I add a reference to a paper about using mathematical
transforms to perform computing on encrypted data without decrypting
it, but I'm afraid I can't find it right this minute ...

-- 
Richard Jones
Red Hat