Google Encrypts Data
August 27, 2013 by admin
Filed under Around The Net
Comments Off on Google Encrypts Data
Google officially announced it will by default encrypt data warehoused in its Cloud Storage service.
The server-side encryption is now active for all new data written to Cloud Storage, and older data will be encrypted in the coming months, wrote Dave Barth, a Google product manager, in a blog post.
“If you require encryption for your data, this functionality frees you from the hassle and risk of managing your own encryption and decryption keys,” Barth wrote. “We manage the cryptographic keys on your behalf using the same hardened key management systems that Google uses for our own encrypted data, including strict key access controls and auditing.”
The data and metadata around an object stored in Cloud Storage is encrypted with a unique key using 128-bit Advanced Encryption Standard algorithm, and the “per-object key itself is encrypted with a unique key associated with the object owner,” Barth wrote.
“These keys are additionally encrypted by one of a regularly rotated set of master keys,” he wrote. “Of course, if you prefer to manage your own keys then you can still encrypt data yourself prior to writing it to Cloud Storage.”
Data collection programs revealed by former U.S. National Security Agency contractor Edward Snowden have raised questions about U.S. government data requests made to Internet companies such as Google for national security investigations.
A Google spokeswoman said via email the company does not provide encryption keys to any government and provides user data only in accordance with the law.
“Our legal team reviews each and every request, and we frequently push back when the requests appear to be fishing expeditions or don’t follow the correct process,” she wrote. “When we are required to comply with these requests, we deliver it to the authorities. No government has the ability to pull data directly from our servers or network.”
Powerful “Flame” Virus Found In Iran
Security experts have uncovered a highly sophisticated computer virus in Iran and other Middle Eastern states that they believe was deployed at least five years ago to engage in state-sponsored cyber espionage.
Evidence suggest that the virus, dubbed Flame, may have been built on behalf of the same nation or nations that commissioned the Stuxnet worm that attacked Iran’s nuclear program in 2010, according to Kaspersky Lab, the Russian cyber security software maker that claimed responsibility for discovering the virus.
Kaspersky researchers said on Monday they have yet to determine whether Flame had a specific mission like Stuxnet, and declined to say who they think built it.
Iran has accused the United States and Israel of deploying Stuxnet.
Cyber security experts said the discovery publicly demonstrates what experts privy to classified information have long known: that nations have been using pieces of malicious computer code as weapons to promote their security interests for several years.
A cyber security agency in Iran said on its English website that Flame bore a “close relation” to Stuxnet, the notorious computer worm that attacked that country’s nuclear program in 2010 and is the first publicly known example of a cyber weapon.
Iran’s National Computer Emergency Response Team also said Flame might be linked to recent cyber attacks that officials in Tehran have said were responsible for massive data losses on some Iranian computer systems.
Yahoo Wins Major Lawsuit
December 17, 2011 by admin
Filed under Around The Net
Comments Off on Yahoo Wins Major Lawsuit
Yahoo has achieved a big victory against spammers, a legal victory that also includes a default judgment of $610 million.
In the lawsuit, filed in May 2008, Yahoo targeted a variety of individuals and companies, accusing them of trying to defraud people via a spam campaign that falsely informed email recipients that they had won prizes in a non-existent Yahoo-sponsored lottery.
Yahoo alleged that the defendants’ goal was to trick email recipients into providing them with personal and financial information that could be used to commit fraud by raiding victims’ bank accounts, using their credit cards and applying for loans on their behalf.
Judge Laura Taylor Swain from the U.S. District Court for the Southern District of New York ruled that Yahoo’s allegations are “uncontroverted” and said the company is entitled to $27 million in statutory damages for trademark infringement and $583 million in statutory damages for violation of the CAN-SPAM Act.
It’s not clear whether Yahoo will be able to collect the money. A default judgment is rendered when defendants in a case fail to plead or defend an action, as happened in this case, in which the defendants never responded to Yahoo’s complaint.