It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Thank you.
Some features of ATS will be disabled while you continue to use an ad-blocker.
The Cloud is "Leaking" !!!!!
page: 3share:
originally posted by: NowanKenubi
I immediately thought the Cloud was stupid from the beginning and couldn't believe people fell for it.
Proud Never-Cloud User.
What makes you think you aren't a cloud user?
originally posted by: StoutBroux
originally posted by: SudoNim
originally posted by: Flyingclaydisk
What do you think??
That you have little idea about cloud security and best practices.
Really?????? Because anything can be hacked. The government, IRS, Military, Hospitals, Colleges, Boyscouts, even the Cloud.
Anything on the WWW/internet/digital technology age can be invaded. If you think it's safe, you have another think coming. NOTHING on the internet is safe.
For example:
DNC
Credit card info from a multitude of stores
The IRS Says Identity Thieves Hacked Its Systems Again | Fortune.com
fortune.com/2016/02/10/irs-hack-refunds/
Feb 10, 2016 - Identity thieves attempted to breach computer systems at the Internal Revenue Service to file fraudulent tax refunds, the agency said.
VA Systems Hacked From Abroad - DataBreachToday
www.databreachtoday.com/va-systems-hacked-from-abroad-a-5814
Jun 5, 2013 - Since 2010, hackers from other nations, including China and perhaps Russia, have repeatedly breached Department of Veterans Affairs ...
Dropbox hack: Cloud storage company hacked, potentially revealing ...
www.independent.co.uk/.../dropbox-hack-cloud-storage-company-hacked-potentially...
Aug 31, 2016 - More than 60 million logins apparently belonging to Dropbox users have been spread across the internet. The cloud storage company has said that there doesn’t appear to be any indication that users have been hacked after the data dump, which compromises the security of many of ...
Chinese Group Is Hacking Cloud Providers to Reach Into Secure ...
www.bleepingcomputer.com... › News › Security
Apr 4, 2017 - A cyber-espionage group that first surfaced in 2009 is using a novel tactic into hacking its targets by first breaching one of its cloud service ...
I NEVER trusted the idea of the cloud, it was an attraction for the simple minded to store all their net "stuff". Anyone who believes it is safe and secure is an idiot.
Why are you quoting me? What point do you think you are responding to?
The mere fact that most people in this thread seems to be quoting "the cloud" likes its some sort of magical security method never seen before is
proof that marketing works.
a reply to: SudoNim
You are a very useful idiot, indeed.
I know so many network guys, CCIE's even who are just clueless. They think their S# don't stink....and then they get doomed. It's just amazing.
You truly are a fool. You're a fool if you believe in the "Cloud"...truly...a...fool!!!
You are a very useful idiot, indeed.
I know so many network guys, CCIE's even who are just clueless. They think their S# don't stink....and then they get doomed. It's just amazing.
You truly are a fool. You're a fool if you believe in the "Cloud"...truly...a...fool!!!
originally posted by: SudoNim
The mere fact that most people in this thread seems to be quoting "the cloud" likes its some sort of magical security method never seen before is proof that marketing works.
Are you a CCIE? Say your certification! You talk tough...how tough are you????
Put up...or shut up!!
Are you a CCIE????
edit...gonna' laugh if you say you're a CCNA!!! LOL
edit on 8/5/2017 by Flyingclaydisk because: (no reason given)
Sudonim, you can suck pond water! Dirty pond water too!!
You are so full of infected bilge water it's unimaginable!
C'mon man, you need to step back a bit. Seriously!
give it a rest!
You are so full of infected bilge water it's unimaginable!
C'mon man, you need to step back a bit. Seriously!
give it a rest!
originally posted by: SudoNim
originally posted by: Flyingclaydisk
What do you think??
That you have little idea about cloud security and best practices.
Please expound on your IT knowledge...I'll wait....
isn't an OP supposed to have.... oh, i don't know, some sort of proof for a claim?
or at least something to back up its assertations?
come on, the thread is called "the cloud IS LEAKING"
and then the content of the OP is "they say nice stuff and i don't trust that!!"
literally nothing beyond low grade paranoia
and i see many other users share the exact same paranoia
no rhyme or reason to it, just "someone i don't know is gonna hack my skull somehow"
which..... i dunno, burn your data to cd and stash it under your mattress if it's so important your holiday snaps don't get on the internet. use that paranoia constructively to look after yourself. the stink of your fear is unappealing.
or at least something to back up its assertations?
come on, the thread is called "the cloud IS LEAKING"
and then the content of the OP is "they say nice stuff and i don't trust that!!"
literally nothing beyond low grade paranoia
and i see many other users share the exact same paranoia
no rhyme or reason to it, just "someone i don't know is gonna hack my skull somehow"
which..... i dunno, burn your data to cd and stash it under your mattress if it's so important your holiday snaps don't get on the internet. use that paranoia constructively to look after yourself. the stink of your fear is unappealing.
originally posted by: M5xaz
originally posted by: SudoNim
originally posted by: Flyingclaydisk
What do you think??
That you have little idea about cloud security and best practices.
Please expound on your IT knowledge...I'll wait....
Is this an interview?
I'm honoured, truly, that you are interested in my knowledge background but i'm not interested in any proposal you have for me.
I know it must be disappointing as you probably have some copy and paste rebuttal at hand about your own experience, but let's keep your personal infatuation out of this thread... ok?
I'm loathed to respond to the OP in the midst of his apparent breakdown but...
Did you get scammed by some chance? This thread seems like a rant because YOU got duped, I don't know a single person who has ever thought the above. Maybe you did and you got your fingers burnt.
It is not the panacea and savior of mankind as it is purported to be.
Did you get scammed by some chance? This thread seems like a rant because YOU got duped, I don't know a single person who has ever thought the above. Maybe you did and you got your fingers burnt.
edit on 7-8-2017 by SudoNim because: (no reason given)
a reply to: SudoNim
Nope, never been scammed personally. However, I have personally seen numerous intrusions into places where people just shouldn't be able to get into, and from the most unlikely of sources too. I work closely with a network security team of individuals (I don't work on the security personally, but in a field related/in support of it). It is all related to the aviation sector. It is stunning to me how absolutely vulnerable data is, despite very well funded efforts to prevent it from being so. The attacks on data are endless, all different and the creativity of the methods used to compromise it are mind boggling! So yeah, I have some exposure to the things I say.
You must work in a cloud based computing field judging by your reaction...as if these words are a deadly poison to your future (and the truth may well be just this). No data is secure...NONE! For every single encryption method out there, there is a way to get at it. Every single one! Nothing, is absolutely safe. That is, unless it is completely 'air-gapped' and never leaves this air-gapped environment...and if this is the case, then the data is of little value to the larger technology world. Just read federal encryption export laws; why do you think they're written as onerously as they are??? Hmmmm????
Absolute "trust" is a fantasy, an illusion. Why? Because, simply put, humans are involved. Name a large single business or government who hasn't been hacked(?) Amazon, Target, Google, NASA, DOD, FBI, IRS, the list goes on and is nearly limitless...and these are all just ones you've heard about, in a world where getting hacked is really, really, bad for business and consumer trust, and the trust of the general populace. Consequently, the general populace doesn't ever even hear of 99% of the attacks, because there is no legal reason for disclosure. Think about this for a moment...if you dare.
Further, neither you nor anyone else can "prove" beyond any shadow of a doubt my data has not been compromised. We just have to 'believe' these people at their word. Oh sure, there's lots of simplistic ways to see when a file has been accessed, etc., but as you should certainly know, there are many ways around these tools. Simple bulk copying of encrypted data is just one example. The files aren't accessed, and because they're in a blob of hashed data there's no manipulation of the files or the data...just straight up copy. Then the files are accessed in a separate environment (where the hackers don't care about time stamps anymore because they're isolated from the network the data was removed from).
Then there's 'the Web'... How does all this data get into the cloud in the first place? It has to traverse the web in some fashion. Even data encrypted at the local level. And, the more encrypted this data is, the more places it goes for scrutiny. And, if you don't think every single bit of data on the Internet isn't scrutinized by agencies such as the NSA and others you'd be very foolish indeed. So, let's just assume (just pretend) for a moment that the NSA is 100% trustworthy with not a single soul working there who has nefarious intentions (remember, we're just pretending here)...this data still has to be moved around from data center to data center for analysis, exposing it to other prying eyes in the process. Over and over...and over again.
Frankly, it's impossible to believe that any, ANY, data is even the remotest bit secure when you consider all the permutations of ways that it can be compromised. It's just impossible NOT to be!!
Oh, I'm not surprised in the least that there are people out there who will say all kinds of things in attempts to dismantle this argument...starting with "you have no idea what you're talking about". Who will stop at nothing to assassinate the character of people who say things such as I have. No surprise at all...it's huge business!! People's lives and fortunes depend on this dirty little secret never being fully exposed. And there are those who are literally paid to search the web strike down these arguments, but the power of reality will ultimately prevail.
P.T. Barnum had it right...there really is a sucker born every minute!
edit...BTW, here's just a partial list of data breaches as an example:
Data Breaches
So tell me, after reading this list; do you see even a single market/business/govt sector not represented????? Do you?
Nope, never been scammed personally. However, I have personally seen numerous intrusions into places where people just shouldn't be able to get into, and from the most unlikely of sources too. I work closely with a network security team of individuals (I don't work on the security personally, but in a field related/in support of it). It is all related to the aviation sector. It is stunning to me how absolutely vulnerable data is, despite very well funded efforts to prevent it from being so. The attacks on data are endless, all different and the creativity of the methods used to compromise it are mind boggling! So yeah, I have some exposure to the things I say.
You must work in a cloud based computing field judging by your reaction...as if these words are a deadly poison to your future (and the truth may well be just this). No data is secure...NONE! For every single encryption method out there, there is a way to get at it. Every single one! Nothing, is absolutely safe. That is, unless it is completely 'air-gapped' and never leaves this air-gapped environment...and if this is the case, then the data is of little value to the larger technology world. Just read federal encryption export laws; why do you think they're written as onerously as they are??? Hmmmm????
Absolute "trust" is a fantasy, an illusion. Why? Because, simply put, humans are involved. Name a large single business or government who hasn't been hacked(?) Amazon, Target, Google, NASA, DOD, FBI, IRS, the list goes on and is nearly limitless...and these are all just ones you've heard about, in a world where getting hacked is really, really, bad for business and consumer trust, and the trust of the general populace. Consequently, the general populace doesn't ever even hear of 99% of the attacks, because there is no legal reason for disclosure. Think about this for a moment...if you dare.
Further, neither you nor anyone else can "prove" beyond any shadow of a doubt my data has not been compromised. We just have to 'believe' these people at their word. Oh sure, there's lots of simplistic ways to see when a file has been accessed, etc., but as you should certainly know, there are many ways around these tools. Simple bulk copying of encrypted data is just one example. The files aren't accessed, and because they're in a blob of hashed data there's no manipulation of the files or the data...just straight up copy. Then the files are accessed in a separate environment (where the hackers don't care about time stamps anymore because they're isolated from the network the data was removed from).
Then there's 'the Web'... How does all this data get into the cloud in the first place? It has to traverse the web in some fashion. Even data encrypted at the local level. And, the more encrypted this data is, the more places it goes for scrutiny. And, if you don't think every single bit of data on the Internet isn't scrutinized by agencies such as the NSA and others you'd be very foolish indeed. So, let's just assume (just pretend) for a moment that the NSA is 100% trustworthy with not a single soul working there who has nefarious intentions (remember, we're just pretending here)...this data still has to be moved around from data center to data center for analysis, exposing it to other prying eyes in the process. Over and over...and over again.
Frankly, it's impossible to believe that any, ANY, data is even the remotest bit secure when you consider all the permutations of ways that it can be compromised. It's just impossible NOT to be!!
Oh, I'm not surprised in the least that there are people out there who will say all kinds of things in attempts to dismantle this argument...starting with "you have no idea what you're talking about". Who will stop at nothing to assassinate the character of people who say things such as I have. No surprise at all...it's huge business!! People's lives and fortunes depend on this dirty little secret never being fully exposed. And there are those who are literally paid to search the web strike down these arguments, but the power of reality will ultimately prevail.
P.T. Barnum had it right...there really is a sucker born every minute!
edit...BTW, here's just a partial list of data breaches as an example:
Data Breaches
So tell me, after reading this list; do you see even a single market/business/govt sector not represented????? Do you?
edit on 8/7/2017 by Flyingclaydisk because: (no reason given)
edit on 8/7/2017 by Flyingclaydisk because: (no reason
given)
Cloud services play a role and support a specific business model that on prem services do not.
I get it, the OP doesnt like anything that deals with the cloud. That has as much impact as me saying im going to a Slayer concert with a supermodel tonight.
The IT world goes on, people use the cloud and all it's benefits + weaknesses in the ways that make the most sense for their business.
I get it, the OP doesnt like anything that deals with the cloud. That has as much impact as me saying im going to a Slayer concert with a supermodel tonight.
The IT world goes on, people use the cloud and all it's benefits + weaknesses in the ways that make the most sense for their business.
a reply to: opethPA
Your last statement is somewhat accurate. It's not that I don't like the 'cloud' per se, but rather what I'm trying to point out is that it is not the panacea some make it out to be. And, it will not be the end-game in computing as some would have you believe.
The computing world, the Internet are necessary in business and technology today. This is a given. The whole point here is, the concept of the "cloud" being the next generation of computing world wide is a fallacy. In support of this argument I have attempted to point out some reasons why. People may not like these reasons (or the reality of them), but the fact remains they are real.
The implementation of technology should always be mindful these risks exist, and as long as humans are in the game they will continue to. Consequently, all walks of life should proceed with care when it comes to data, and only expose data which they don't care about having compromised...in places like the "cloud".
Your last statement is somewhat accurate. It's not that I don't like the 'cloud' per se, but rather what I'm trying to point out is that it is not the panacea some make it out to be. And, it will not be the end-game in computing as some would have you believe.
The computing world, the Internet are necessary in business and technology today. This is a given. The whole point here is, the concept of the "cloud" being the next generation of computing world wide is a fallacy. In support of this argument I have attempted to point out some reasons why. People may not like these reasons (or the reality of them), but the fact remains they are real.
The implementation of technology should always be mindful these risks exist, and as long as humans are in the game they will continue to. Consequently, all walks of life should proceed with care when it comes to data, and only expose data which they don't care about having compromised...in places like the "cloud".
I think the cloud has a place but most companies are doubling down on security and data management.
Many places will stick to in house racks, not just by their own desires but because clients demand it.
its already happening!
Many places will stick to in house racks, not just by their own desires but because clients demand it.
its already happening!
originally posted by: Flyingclaydisk
a reply to: SudoNim
Nope, never been scammed personally. However, I have personally seen numerous intrusions into places where people just shouldn't be able to get into, and from the most unlikely of sources too. I work closely with a network security team of individuals (I don't work on the security personally, but in a field related/in support of it). It is all related to the aviation sector. It is stunning to me how absolutely vulnerable data is, despite very well funded efforts to prevent it from being so. The attacks on data are endless, all different and the creativity of the methods used to compromise it are mind boggling! So yeah, I have some exposure to the things I say.
So your exposure is hearsay from the network security team who feed you buzz words.
You must work in a cloud based computing field judging by your reaction...
Nope.
as if these words are a deadly poison to your future (and the truth may well be just this).
Yes, i'm worried about how FlyingClayDisk's posts on a conspiracy website might effect my future...
No data is secure...NONE! For every single encryption method out there, there is a way to get at it. Every single one! Nothing, is absolutely safe.
Sigh, incorrect. You really are over dramatic. Encryption isn't the only security method you know?
Absolute "trust" is a fantasy, an illusion. Why? Because, simply put, humans are involved. Name a large single business or government who hasn't been hacked(?) Amazon, Target, Google, NASA, DOD, FBI, IRS, the list goes on and is nearly limitless...and these are all just ones you've heard about, in a world where getting hacked is really, really, bad for business and consumer trust, and the trust of the general populace. Consequently, the general populace doesn't ever even hear of 99% of the attacks, because there is no legal reason for disclosure. Think about this for a moment...if you dare.
How is trust an illusion? What the hell are you talking about, complete nonsense. Are you trying to say it's ill advised to absolutely trust cloud security. If so, bravo. But saying absolute trust is a fantasy is gibberish.
You really are paranoid delusion, you swallow the whole fear of hacking. You are a marketing dream, fear based sales... I bet you are a sucker for buying all those anti-virus scams.
Further, neither you nor anyone else can "prove" beyond any shadow of a doubt my data has not been compromised.
I don't give a sh1t about your data, I can tell if mine has.
We just have to 'believe' these people at their word. Oh sure, there's lots of simplistic ways to see when a file has been accessed, etc., but as you should certainly know, there are many ways around these tools. Simple bulk copying of encrypted data is just one example. The files aren't accessed, and because they're in a blob of hashed data there's no manipulation of the files or the data...just straight up copy. Then the files are accessed in a separate environment (where the hackers don't care about time stamps anymore because they're isolated from the network the data was removed from).
We? I think you mean you. Please name those simplistic ways... are you really saying copy and paste is a way around compromising data? This is kindergarten stuff, please stop. What are you talking about timestamps and copying files.
I can see in your mind "hacking" is someone copy and pasting in File Explorer... its a lot more complex than I think you can understand. Especially since your knowledge comes from what you overhear from the network guys and googling words.
Then there's 'the Web'... How does all this data get into the cloud in the first place?
Please just stop. If you have to ask that question... just stop.
So, let's just assume (just pretend) for a moment that the NSA is 100% trustworthy with not a single soul working there who has nefarious intentions (remember, we're just pretending here)...this data still has to be moved around from data center to data center for analysis, exposing it to other prying eyes in the process. Over and over...and over again.
Why do I care about the NSA?
Frankly, it's impossible to believe that any, ANY, data is even the remotest bit secure when you consider all the permutations of ways that it can be compromised. It's just impossible NOT to be!!
Sigh... again, you have no idea what you are talking about.
Oh, I'm not surprised in the least that there are people out there who will say all kinds of things in attempts to dismantle this argument...starting with "you have no idea what you're talking about". Who will stop at nothing to assassinate the character of people who say things such as I have. No surprise at all...it's huge business!! People's lives and fortunes depend on this dirty little secret never being fully exposed. And there are those who are literally paid to search the web strike down these arguments, but the power of reality will ultimately prevail.
I can assure you that no-one cares what you think about "the cloud", in fact... please summarise what YOU think the "cloud" is that is leaking. I'll wait.
Data Breaches
So tell me, after reading this list; do you see even a single market/business/govt sector not represented????? Do you?
Go and learn what cloud storage or cloud security is and then come back and read this thread. It is a pointless waste of time.
You are posting like a child whose just learnt the basics of C++ and is desperate to tell his parents. You've sold yourself these lies, no-one has told you data is 100% secure. You don't even understand the basics of how it works.
You've made up lies to argue against, you clearly aren't in an IT environment because you fail to understand the role "the cloud" has and its benefits that outweigh its risks.
originally posted by: Flyingclaydisk
a reply to: opethPA
The implementation of technology should always be mindful these risks exist, and as long as humans are in the game they will continue to. Consequently, all walks of life should proceed with care when it comes to data, and only expose data which they don't care about having compromised...in places like the "cloud".
While I feel like every thing you said in your reply to me is fair and logical we can agree to disagree on the last line.
A cloud or hosted solution running over a dedicated circuit is no more or no less secure than running something on prem. You could make the case that an open connected cloud solution is more insecure than on prem and we could probably come to an agreement on that after debating both sides.
Like anything in the IT world items like this are only as good as your design, the engineers implementing your design and your A side/Z side actually doing their jobs correctly. Are there scenarios where using AWS or some other cloud based service can be insecure, 100% but I can also tell you that in a previous life I made a lot of money exploiting phone systems for companies that were on prem so by default should have been more secure.
It doesnt make a difference if we are talking R/S, Collaboration (my field), DC, CyberOps or whatever the biggest weak point in the IT equation is and always will be layer 8 or the human element and that doest matter if its in the cloud or on prem.. =)
edit on 7-8-2017 by opethPA because: (no reason given)
A cloud or hosted solution running over a dedicated circuit is no more or no less secure than running something on prem.
More attack vectors in the first, I would think. What about that box outside the building for that dedicated line. If the NSA has employees who compromise data, what can be said of the people working at some commercial data center.
But Joe Blow's data probably isn't a target, company propriety data and secrets might be.
originally posted by: roadgravel
A cloud or hosted solution running over a dedicated circuit is no more or no less secure than running something on prem.
More attack vectors in the first, I would think. What about that box outside the building for that dedicated line. If the NSA has employees who compromise data, what can be said of the people working at some commercial data center.
But Joe Blow's data probably isn't a target, company propriety data and secrets might be.
If you are going to take that stance then you can say that about every single type of service ever. Literally anything that connects to something else is an attack vector if you want to. Having previously worked in a TS and above classified DC I can tell you that even the PBX eventually got to something else that could have made it a target. Hell copper phone lines and their access terminals were not secure either. Ask anyone that ever boxed back before VOIP , and they will tell you how easy it was to get free dialtone.
What Im going with is a well engineered and implemented cloud or hosted solution is just as secure as on prem but just faces different Infosec challenges.
new topics
-
Weinstein's conviction overturned
Mainstream News: 1 hours ago -
Supreme Court Oral Arguments 4.25.2024 - Are PRESIDENTS IMMUNE From Later Being Prosecuted.
Above Politics: 2 hours ago -
Krystalnacht on today's most elite Universities?
Social Issues and Civil Unrest: 2 hours ago -
Chris Christie Wishes Death Upon Trump and Ramaswamy
Politicians & People: 3 hours ago -
University of Texas Instantly Shuts Down Anti Israel Protests
Education and Media: 5 hours ago -
Any one suspicious of fever promotions events, major investor Goldman Sachs card only.
The Gray Area: 7 hours ago
top topics
-
VP's Secret Service agent brawls with other agents at Andrews
Mainstream News: 16 hours ago, 11 flags -
Krystalnacht on today's most elite Universities?
Social Issues and Civil Unrest: 2 hours ago, 7 flags -
Nearly 70% Of Americans Want Talks To End War In Ukraine
Political Issues: 17 hours ago, 6 flags -
Sunak spinning the sickness figures
Other Current Events: 17 hours ago, 5 flags -
Electrical tricks for saving money
Education and Media: 15 hours ago, 5 flags -
Supreme Court Oral Arguments 4.25.2024 - Are PRESIDENTS IMMUNE From Later Being Prosecuted.
Above Politics: 2 hours ago, 5 flags -
Weinstein's conviction overturned
Mainstream News: 1 hours ago, 4 flags -
University of Texas Instantly Shuts Down Anti Israel Protests
Education and Media: 5 hours ago, 3 flags -
Any one suspicious of fever promotions events, major investor Goldman Sachs card only.
The Gray Area: 7 hours ago, 2 flags -
Chris Christie Wishes Death Upon Trump and Ramaswamy
Politicians & People: 3 hours ago, 1 flags
active topics
-
Weinstein's conviction overturned
Mainstream News • 11 • : 5thHead -
University of Texas Instantly Shuts Down Anti Israel Protests
Education and Media • 105 • : cherokeetroy -
Supreme Court Oral Arguments 4.25.2024 - Are PRESIDENTS IMMUNE From Later Being Prosecuted.
Above Politics • 37 • : WeMustCare -
Chris Christie Wishes Death Upon Trump and Ramaswamy
Politicians & People • 12 • : mysterioustranger -
Candidate TRUMP Now Has Crazy Judge JUAN MERCHAN After Him - The Stormy Daniels Hush-Money Case.
Political Conspiracies • 747 • : Justoneman -
Nearly 70% Of Americans Want Talks To End War In Ukraine
Political Issues • 81 • : FlyersFan -
Biden--My Uncle Was Eaten By Cannibals
US Political Madness • 73 • : CarlLaFong -
-@TH3WH17ERABB17- -Q- ---TIME TO SHOW THE WORLD--- -Part- --44--
Dissecting Disinformation • 671 • : daskakik -
VP's Secret Service agent brawls with other agents at Andrews
Mainstream News • 46 • : CarlLaFong -
HORRIBLE !! Russian Soldier Drinking Own Urine To Survive In Battle
World War Three • 42 • : FlyersFan