Select Page

Not without my data: property and security

by

Blog | Cybersecurity

Insights
Insights

El volume of data generated per second it is growing almost uncontrollably. So much so that it gave us just enough time to name it: «Big data"(I believe that this time it was not necessary a world congress to baptize the offspring), just before starting to abuse him.

This creature feeds on popular cloud storage services (the acquaintances dropbox, Sugarsync, GDrive, SkyDrive, Box and a thousand more, some of them automatic). Companies are capable of generating a large volume of data, which remains an anecdote compared to the aggregate capacity of all Internet users: photos, videos, geographic data, social networks, etc. all seasoned with a good dose of compulsive replication. Almost nothing.

But we are not going to discuss in this article where this takes us technologically. There are already good entry points, such as «a little introduction»Of the tireless Enrique Dans.

Assuming that the bug will be large and that we will have technology to tame it, what I want to share with you is my concern for a couple of details, which are on the way to being "Collateral damage".

1.- In case the joke that software manufacturers bring with their null functional commitment to the programs they sell or deliver to us (see entry "This software is delivered as is"), now they have decided to get their hands on the result of the use of their programs. Did I say "reach out"? nerd! I must say:  Stay directly with our data!.

Sounds ugly, right? Exaggerated even, we might say. Look, I almost put a I facilitate example and each oneself.

Clause: Your content in our Services
 
Some of our services allow you to submit content. If you do, you will continue to be the owner of the intellectual property rights you have over that content. Simply put, what belongs to you is yours.
 
When uploading content or by sending it by other means to our Services, you grant Morroogle (and its contributors) a worldwide license to use, host, store, reproduce, modify, create derivative works (for example, those that result from the translation, adaptation or other changes that we make so that your content is better adapted to our Services), communicate, publish, perform or publicly display and distribute such content. Morroogle will use the rights conferred by this license solely for the purpose of providing, promoting and improving the Services and developing new services. This license will remain in effect even when you stop using our Services. (for example, in the case of a business listing that you have added to Morroogle Maps). Some Services allow you to access the content you have provided and remove it. In addition, some of our Services include conditions or adjustments that limit our use of the content that has been sent to them. Make sure you have the necessary rights to grant us this license to any content you submit to our Services.
 
Cloud + Thief2-300x246For more information on how Morroogle uses or stores content, see the privacy policy or additional terms of each Service. Morroogle may use the comments or suggestions that you send in relation to our Services without any commitment.  

Just remember the case of Google, which has unified its Terms of Service after the pressure received in Europe. And they keep fighting.

A clear line of future development in morroogle would be to minimize the number of Services that «allow access to the content you have provided and delete it", no?

Viewed.

2.- We are talking about data. Then, How are we doing security?.

Temita tricky where they exist. Once again, we have some Germans coming to the rescue: the security department of the German Fraunhofer institute (no less) has produced a report [PDF in English] over seven cloud storage services.

In summary, we will say that the security of the following services has been analyzed:  CloudMe, CrashPlan, dropbox, Mozy, TeamDrive, Ubuntu One y Wuala. The functions examined being the copy, backup, synchronization and exchange, based on the fact that they are services directly accessible by means of a client software installed locally.

For not making you suffer, the fundamental conclusions are that there are different vulnerabilities that affect registration and login, encryption and shared access to data from various services. The worst stopped was CloudMeCrashPlanTeamDrive y Wuala they are criticized for not using the SSL / TLS standard. TO dropbox y Ubuntu One they jolt them because the service provider can read the stored data.
Triptych_Cloud_CGAE-300x298To top it off, a section is also dedicated to Legal issues. It turns out that data stored by US companies does not enjoy the same level of protection as that offered by European firms. But for this topic you don't have to go that far either. The General Council of Spanish Law has issued a report «Use of 'cloud computing' by law firms and protection of personal data«, Along with a diptych worked, whose understanding we recommend.

 

In short: there is still a long way to go.

If you have been wanting, you have a somewhat more extensive summary on the blog of the friends of Follow Info News. In any case, I can assure you that if, unfortunately, you are victims of any of these weaknesses, I will not be the one to chase you by saying "I told you so !!" … or if? 😉

Finally, to degrease, if we go back to the first paragraph we have no choice but to acknowledge that they have been very clever NOT by calling the phenomenon this «big information»... because come on, whoever does not have the same photo repeated seven times ...

Put it in the comments and we'll adore you in our Hall of Fame! 😉

                                         

Updated:

(January 11, 2013)
Movistar shut down your Terabox cloud disk service ... for the (almost) bravas.

More details at:

Movistar seized personal documents of its clients at Christmas
- About closing Terabox en Movistar Community

(February 01, 2013)
Telefonica (Movistar) launches the service "Virtual Hard Disk in Network" for companies to store their data safely. It is a service based on the solution of CTERA Networks, which combines cloud storage with local storage with NAS to Cloud functionality.

Interesting product, more details in:

-  Telefónica launches the "Virtual Hard Disk in Network" service
- CTERA Networks products (from the hand of Exevi)

 

 

 

 

Miguel Ángel Nicolaus

Miguel Ángel Nicolaus

Miguel Ángel is CIO, Director of Innovation and co-founder of Panel Sistemas. Follow @ mnicolao11 on Twitter, or visit their profile at Analysis. You can also contact him via e-mail at this address.

Leave us your comment

1 Comment

  1. David Gutiérrez
    David Gutiérrez on October 10, 2013 at 10:29 am

    Very interesting topic that we should not ignore, and more so with everything we hear lately with the topic of spying on the network (Snowden case for example).

    Therefore, it is more than advisable to always read the conditions of service before signing up for services such as Facebook, Twitter, etc ... as you already mentioned in another post.

    There is an Open Source tool called OwnCloud that is used to create your own cloud and save the data on your own infrastructure. http://owncloud.org.

    By the way, the link page "Use of cloud computing by law firms and protection of personal data" cannot be found.

    Reply

Trackbacks / Pingbacks

  1. Is it possible to deploy a private "dropbox"? | The Blog of Panel Sistemas - […] of mobile files). As platforms that they are, there are several aspects to consider when choosing a partner: legal restrictions on treatment ...
  2. Is it possible to deploy a private "dropbox"? - Panel Sistemas Informáticos, a Spanish software development company, software quality services and IT outsourcing. - […] of mobile files). As platforms that they are, there are several aspects to consider when choosing a partner: legal restrictions on treatment ...

Send a comment

Your email address will not be published. Required fields are marked with *

You may also like:

Share This