It is always important to protect our system against external threats, ie hackers, but it is also important to protect against internal threats.
Το μέγεθος των ζημιών από μια εσωτερική απειλή μπορεί να εκτιμηθεί από το παράδειγμα του Edward Snowden ο οποίος είχε εργαστεί στην NSA , και είχε την access σε χιλιάδες απόρρητα έγγραφα, στα δίκτυα και στα συστήματα της NSA.
« According to a recent Verizon report, internal threats account for about 14% of 2013 data breaches.
To avoid the risk of malicious employees who abuse sensitive data, CloudFlare a software was released open code encryptions with the name "Red October"[ Red October] , with encryption - decrypt files in style “rule of two-man”[Two-man rule].
THE "a two-person rule", Is a control mechanism that aims to achieve a high level of security for particularly critical information, such as military secrets, where data decryption will only work when two or more people provide the keys.
"It comes from military history, where a nuclear missile could not be launched if two people did not agree to turn their start keys at the same time. This demand was introduced in order to avoid any mistake of a person (or deliberately) that would start the Third World War. "
All communication with the system "Red October ” is encrypted with TLS, ensuring that passwords are not sent without security.
Each user έχει έναν μοναδικό, τυχαία δημιουργημένο ζεύγος κλειδιών RSA. Το ιδιωτικό κλειδί του χρήστη στη συνέχεια κρυπτογραφείται με ένα άλλο κλειδί που προέρχεται από τον κωδικό πρόσβασης του χρήστη και μετά από salt using scrypt. Data encryption Red October creates a random 128-bit AES key.
To decrypt a file, the end user should be the administrator with the correct password. If two end users are on the list of valid users, having passed their keys, then only decryption will be done.
To prevent unauthorized access to data decryption, o server Red October will not decrypt the user's keys without their password.
We know it, hard for all this and for some incomprehensible but safe. If you want to upload your data to a cloud then you have to think about how to preserve something that is not in your home.
The software is freely available as an open source application on GitHub .