Re: The cloud can leak!

[Rich Kulawiec <rsk () gsp org>]

On Mon, Sep 01, 2014 at 11:46:14AM -0700, Rob, grandpa of Ryan, Trevor, Devon & Hannah wrote:
> Whoever would have guessed it!

Of course every government on this planet which possesses sufficient
resources has long since placed its own personnel inside iCloud and
EC2 and Azure and every other cloud. [1]  These might be dedicated long
term employees who are enjoying two paychecks or they might be temporary
conscripts "hired" via traditional methods such as blackmail or bribery.

It's an obvious, cost-effective, low-risk/high-reward tactic with a very
high probability of success, since nearly all the defenses deployed
by these operations face out, not in.

And, perhaps relevant to this news story, governments are not the only
operations with budgets sufficient to support this.  Other entities may
not be able to achieve coverage as broad and deep, but even temporary
engagements (as in "manila envelope full of tax-free income") will no
doubt suffice in many cases.

---rsk

[1] The same is no doubt true of Yahoo and Google and Facebook and
Pinterest and every other large operation of interest.
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.