Several providers cloud services promise users full protection of their privacy and protection from tracking, through the adoption of security policies zeroof knowledge (zero knowledge policies).
Zero knowledge cloud services work by storing data in encrypted form and providing users with unique wrenches for their decryption, which providers do not have access to.
However, a recent study by Johns Hopkins University calls into question the security of these security policies:
Experts have found that if data is shared through a cloud service, these keys could be vulnerable to attacks, allowing providers to access customer data.
Several cloud service providers that promise zero knowledge protection – such as Spider Oak, Wuala and Tresorit – use a method where data is encrypted when stored in the cloud and only decrypted when download από κάποιον χρήστη. Αυτό το μοντέλο είναι safe. But the researchers warn that if the data is shared in the cloud, meaning it is sent through the service, without the user downloading it to their system, then providers have a chance to see it.
For more information you can see the full report here.
Source: iguru.gr
