View Single Post
Estel's Avatar
Posts: 5,028 | Thanked: 8,613 times | Joined on Mar 2011
#5
Originally Posted by Mentalist Traceur View Post
To be fair, if the encryption key/password/whatever never leaves your phone, and they're just storing the encrypted data directly in the cloud, then it's only slightly less secure than your physical phone itself. Yes, a government could get the data, and you should always assume their bruteforcing abilities are way better than a normal attackers, but if the encryption algorithm is good and it's encrypted/decrypted phone-side only, even if they get it it should in theory take them a decently long time to crack it.

(...)

But yeah, I really really hope they encrypt/decrypt it ONLY phoneside and nowhere else (and are upfront that you are sacrificing a layer of security when using cloud storage). If they fail to do so, then like you say, it is snake oil peddling.
Absolutely true (your's and impeham's points) - maybe I should be more precise about it. Of course, if you encrypt something on your device (using strong methods), and put it in *encrypted* form somewhere in the net, if should be safe - even if you use "compromised" services, like some google storage.

What concerns me, is "encrypted in the cloud" - it doesn't sound lice normal storage where you put encrypted files, but rather, like some thing that does encrypting on server-side.

But, maybe, I'm just making wrong assumptions here - they're so vague about it, that it may mean ~anything.

/Estel
__________________
N900's aluminum backcover / body replacement
-
N900's HDMI-Out
-
Camera cover MOD
-
Measure battery's real capacity on-device
-
TrueCrypt 7.1 | ereswap | bnf
-
Hardware's mods research is costly. To support my work, please consider donating. Thank You!
 

The Following 2 Users Say Thank You to Estel For This Useful Post: