Google ‘Drives’ Up Encryption, But Can It Be Trusted?
With privacy concerns over cloud storage services at an all time high, Google is reported to be experimenting with new methods of encrypting files stored within Google Drive. Though Google has yet to confirm or deny the story, the move is likely one that’s aimed at easing user’s fears that the US government might have access to their confidential data.
Ex-NSA contractor Ed Snowden claims that various government agencies have been given direct access vast swathes of data being stored by companies like Google and Microsoft, so these privacy concerns are pretty valid in spite of the companies’ denials. This is why offering to encrypt files would be such an important step – doing so is believed to protect data against anyone spying on it, because even if they do gain access to it they’d only be able to ‘see’ those files if they possess the right decryption keys.
Google already uses some level of encryption to protect against “man-in-the-middle” attacks. Any file uploaded to Google Drive is automatically encrypted with HTTPS, which protects the data whilst its being transmitted between servers, preventing anyone from intercepting that data. However, once the files reach Google’s servers, this data is then unencrypted, according to an April 2012 post on the Google product forum.
So why can’t Google just leave the data in an encrypted state the whole time? Well, doing so simply isn’t that easy, as it creates all manner of problems to do with indexing and searching for that data. This would require a vast increase in computational power, and given the size of Google’s Drive operation that’s presumably not an easy feat to achieve. However the benefits of doing so are clear enough – if Google Drive was encrypted the whole time, it would mean that even Google’s employees would have no idea what those files contained, with no way looking at them to find out.
Of course, the cynics will argue that even if Google does start offering to encrypt your data, what’s to stop them creating duplicate keys, or some other method of gaining access? Only last week we heard more allegations from Ed Snowden, who claimed that Microsoft was collaborating so closely with the NSA that it even worked with it to develop methods of circumventing its own data encryption. Supposing these allegations are true, then it seems just as likely that the government could impose some secret court order that compels Google to provide the same kind of assistance.
Encryption or no, it’s likely that some people will continue to have doubts over the security of larger US cloud providers, but there are a couple of alternatives that’ve been gaining publicity in recent weeks. One idea could be to just get the hell out of dodge altogether and go with a non-US based provider like Artmotion. Governed by Switzerland’s ultra-strict data privacy laws, its hosting services are trusted by some of the most secretive companies in the world, including tobacco firms, oil companies and banks.
Alternatively, you might feel more secure with the innovative approach take to storage by BitTorrent Sync, a non-cloud storage solution that uses the peer-to-peer BitTorrent protocol to transfer files between your devices without ever passing through an intermediary server. Although BitTorrent Sync is limited to the amount of storage space on your own devices, it seems like one of the best options for private individuals. So long as no-one knows your private encryption key, the only way anyone can gain access to your data is if they’re literally holding a gun to your head – in which case, your data probably won’t seem all that important anyway :)
A message from John Furrier, co-founder of SiliconANGLE:
Your vote of support is important to us and it helps us keep the content FREE.
One click below supports our mission to provide free, deep, and relevant content.
Join our community on YouTube
Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.
THANK YOU