Hacker News new | ask | show | jobs
by userbinator 208 days ago
They thought the camera’s file system was unencrypted, when it was encrypted.

Unfortunately this situation is likely to get more common in the future as the "security" crowd keep pushing for encryption-by-default with no regard to whether the user wants or is even aware of it.

Encryption is always a tradeoff; it trades the possibility of unauthorised access with the possibility of even the owner losing access permanently. IMHO this tradeoff needs careful consideration and not blind application.
2 comments
jiggawatts 208 days ago
This is why I always shake my head when the Reddit armchair security experts say "The data wasn't even encrypted!? Amateur hour!" in response to some PII leak.

Sure, sure buddy, I'll encrypt all of my PII data so nobody can access it... including the web application server.

Okay, fine, I'll decrypt it on the fly with a key in some API server... now the web server had unencrypted access to it, which sounds bad, but that's literally the only way that it can process and serve the data to users in a meaningful way! Now if someone hacks the web app server -- the common scenario -- then the attacker has unencrypted access!

I can encrypt the database, but at what layer? Storage? Cloud storage is already encrypted! Backups? Yeah, sure, but then what happens in a disaster? Who's got the keys? Are they contactable at 3am?

Etc, etc...

It's not only not as simple as ticking an "encrypted: yes" checkbox, it's maximally difficult, with a very direct tradeoff between accessibility and protection. The sole purpose of encrypting data is to prevent access!

link
londons_explore 208 days ago
I like the approach of mega.nz...

Server stores encrypted blobs. Server doesn't have the keys.

  Entire application is on the client, and just downloads and decrypts what it needs.
Obviously your entire application stack needs to be developed with that approach in mind, and some things like 'make a hyperlink to share this' get much more complex.
link
dh2022 207 days ago
Re: encrypting data that would be served via web server: why would anyone bother to encrypt data meant to be shared externally worldwide? It makes no sense to begin with…
link
Terr_ 208 days ago
Nah bro, you just gotta use homomorphic encryption! /s

That said, encryption at rest is still good in terms of theft or mis-disposal.

link
UltraSane 208 days ago
This has already happened to Windows users when BitLocker disk encryption is enabled by default and they do something that causes the encryption key to be lost.

You can have the key saved in your Microsoft account.

link
userbinator 207 days ago
You can have the key saved in your Microsoft account.

I find it very hard to believe that those who want their disk encrypted also want Microsoft to have the key.

link
UltraSane 207 days ago
Microsoft isn't going to release it without a warrant. But you have to trust their security not to leak it.
link
paradox460 207 days ago
Unless the JeDI contract is up for renewal
link
UltraSane 207 days ago
What does that have to do with bitlocker?
link