
Yahoo Encrypting Data In Wake of NSA Revelations

Nerval's Lobster writes "Following reports that the NSA aggressively targets Google and Yahoo servers for surveillance, Yahoo is working to encrypt much of the data flowing through its datacenters. 'As you know, there have been a number of reports over the last six months about the U.S. government secretly accessing user data without the knowledge of tech companies, including Yahoo,' Yahoo CEO Marissa Mayer wrote in a Nov. 18 blog posting. 'I want to reiterate what we have said in the past: Yahoo has never given access to our data centers to the NSA or to any other government agency.' In order to make Yahoo's systems more secure, she added, the company is introducing SSL (Secure Sockets Layer) encryption to Yahoo Mail with a 2048-bit key. That security measure will supposedly be in place by January 8, 2014. Beyond that, Yahoo plans on encrypting all information that moves between its datacenters by the end of the first quarter of 2014. Around that same time, the company will give users the option to encrypt all data flowing to and from Yahoo; it will also 'work closely with our international Mail partners to ensure that Yahoo co-branded Mail accounts are https-enabled,' Mayer wrote. (While it's not a crushing expense for massive companies such as Yahoo, introducing this sort of security does add to infrastructure and engineering costs, and takes time to actually put in place.)"
  • by Shakrai ( 717556 ) * on Monday November 18, 2013 @05:12PM (#45457809) Journal

    Not mentioned was which encryption schemes Yahoo is considering. Maybe it's simply HTTPS, but is that good enough

    HTTPS isn't an encryption scheme, it's a mechanism to establish a (theoretically) secure channel of communications. The actual ciphers to be used are negotiated between server and client, and can range from "You're kidding, right?" (RC4) to "The Federal Government claims it's good enough for Top Secret data." (AES-256)

    As with everything, there's a level of third party trust (the certificate authorities) or shoe-leather (exchanging keys in person) that's required regardless of the ciphers you end up using. That's a whole different discussion though.
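Added example, not part of the comment above or of the original thread: a small Python model of the cipher negotiation it describes, showing how a server's preference order decides between RC4 and AES, plus an audit of what a hardened client context would offer. The suite lists and function names are constructed for illustration; only the `ssl` module calls are real.

```python
import ssl

# Constructed suite lists for illustration (OpenSSL-style suite names).
CLIENT_OFFER = ["ECDHE-RSA-AES256-GCM-SHA384", "AES128-SHA", "RC4-SHA"]
LEGACY_SERVER = ["RC4-SHA", "AES128-SHA", "ECDHE-RSA-AES256-GCM-SHA384"]
WEAK_MARKERS = ("RC4", "3DES", "DES-CBC", "NULL", "EXP", "MD5")

def is_weak(name, strength_bits=None):
    """Flag a suite by name marker or by a key strength under 128 bits."""
    if any(marker in name.upper() for marker in WEAK_MARKERS):
        return True
    return strength_bits is not None and strength_bits < 128

def negotiate(client_offer, server_list, server_preference=True):
    """Return the first mutual suite, walking the server's order by default
    (or the client's order when the server honours client preference)."""
    if server_preference:
        ordered, other = server_list, client_offer
    else:
        ordered, other = client_offer, server_list
    for suite in ordered:
        if suite in other:
            return suite
    return None  # no shared suite: the handshake fails

def hardened_client_context():
    """Client context that never offers the weak suites in the first place."""
    ctx = ssl.create_default_context()
    ctx.set_ciphers("ECDHE+AESGCM:ECDHE+CHACHA20:!aNULL:!RC4:!3DES")
    return ctx

def audit_context(ctx):
    """Names of weak suites a context would offer; an empty list is the goal."""
    return [c["name"] for c in ctx.get_ciphers()
            if is_weak(c["name"], c.get("strength_bits"))]

if __name__ == "__main__":
    print("legacy server picks:", negotiate(CLIENT_OFFER, LEGACY_SERVER))
    strict_offer = [s for s in CLIENT_OFFER if not is_weak(s)]
    print("after client drops weak suites:", negotiate(strict_offer, LEGACY_SERVER))
    print("weak suites in hardened context:", audit_context(hardened_client_context()))
```

The same HTTPS endpoint lands on RC4 or on AES depending only on which suites each side is willing to list, which is why the client-side restriction matters.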

  • by Dahamma ( 304068 ) on Monday November 18, 2013 @05:39PM (#45458053)

    IPSec is no more an encryption scheme than HTTPS. Both are protocols that use authentication and encryption schemes, they just work at different layers of the stack.

  • by Fwipp ( 1473271 ) on Monday November 18, 2013 @06:15PM (#45458419)

    Yes, that is how encryption works. But if your key is large enough, the time & energy to brute force it will take much longer than your lifespan. As an example I just googled, brute-forcing AES-128 at 10 Petaflops would take 10 quintillion years (10^18). http://www.eetimes.com/document.asp?doc_id=1279619 [eetimes.com]

    The _real_ concern is that the NSA knows of weaknesses in these encryption schemes, and doesn't have to brute force it.

  • by lgw ( 121541 ) on Monday November 18, 2013 @06:19PM (#45458481) Journal

    No one is ever going to brute force a 256-bit symmetric key. Even if you imagine a matrioshka brain (turn the entire energy output of a star into computation) it would take longer than the age of the universe. A 128-bit symmetric key is safe from brute force vs all realistic threats.

    If the math is flawed, OTOH, or your "random" key wasn't so random, it's easy (there is deep suspicion about the RNG built into Intel procs these days).

  • by mlts ( 1038732 ) * on Monday November 18, 2013 @07:26PM (#45459019)

    It depends on where the "brains" are. Facebook (IIRC) has the redundancy on the backend app layer where coupled with NoSQL, if something drops... there is some redundancy built in somewhere to pick it off, or drop a couple tuples, but the tables still have their integrity. Whole servers can drop off the map, and Facebook will keep going. Isn't pretty, but their model really can handle stuff getting tossed here and there.

    Apple, on the other hand, uses Teradata systems with NetApp appliances on the backend, so one large cloud provider does go with the more traditional storage stack model found in the enterprise. However, unlike losing a FB post or two, a user losing chunks of their data would not be a good thing, so Apple's model tends to be more rigidly ACID compliant.
