p*******m
发帖数: 20761 | 1 PRISM and other recent revelations put a touch of gray in Chrome's silver
lining.
by Sean Gallagher - Sept 11 2013, 6:20pm EDT
CLOUD NATIONAL SECURITY PRIVACY
53
Moridin_
NSA LEAKS
NSA hands raw intel to Israel, hopes it respects limits on usage
New York Times provides new details about NSA backdoor in crypto spec
Of course NSA can crack crypto. Anyone can. The question is, how much?
Long-shot bill forbidding NSA backdoors in encryption has renewed attention
Spooks break most Internet crypto, but how?
View all…
As Andrew Cunningham reported today, Intel and Google are announcing an
upcoming onslaught of new Google Chromebooks based on Intel's Haswell
architecture processors. The idea of a cloud-tethered notebook that can keep
its owner connected over Wi-Fi and broadband all day long—in some cases
for less than the price of a shiny new Apple iPhone—is going to be awfully
appealing to many.
And without a doubt, no one will be happier than the National Security
Agency (NSA) and law enforcement. While Google's cloud computing has
provided a platform for the company to grab a big chunk of the low-cost
notebook market and upend Microsoft's Windows applecart, the recent NSA
leaks by Edward Snowden have put the cloud under... a cloud.
There are some places where this isn't going to necessarily have much impact
on Google's market ascension. Google has steamrollered the education market
with Google Apps, and the low-cost Chromebook is a natural fit for the
classroom. My middle-school-aged daughter now is required to have a Google
account for school so she can be linked into her teacher's shared documents;
the Chromebook's connection to Google credentials means that she can share
a device with classmates and the school doesn't need IT support to provision
accounts on them.
The Chromebook is also an interesting development platform in many ways—the
recent functional additions to the Google Apps platform have made it more
developer friendly, and collaborative applications live much more happily in
a cloud-connected environment than they do in synchronized caches on
devices scattered from here to hell and back.
And Chromebooks are designed to receive a lot more information from the user
than a tablet might. I've been testing a Chromebook Pixel since June's
Google I/O event, and the top-end Chromebook has its charms (though its $1,
400 price tag is not among them). The Pixel's big and bright touchscreen,
built-in 4G wireless and long battery life make it a somewhat reasonable
alternative to tablets for applications heavy on data entry from a keyboard.
The new Haswell systems will undoubtedly take many of those advantages and
run with them.
But Haswell won't mitigate paranoia over cloud security and compliance, of
course. Google has taken many steps forward in easing businesses' concerns
over the security of Google Apps over the past few years. But the
revelations about the NSA and FBI's PRISM program have added new doubts,
particularly outside the US, about the wisdom of putting everything in
Google's (or any other cloud provider's) basket.
Furthermore, the Chromebook is everything a government watchman could want—
even without Google Apps data and Gmail, it could give those with network
monitoring capabilities a way to pinpoint the location of a credential-
holder via 4G wireless (thanks, Verizon).
If recent revelations from Brazil are correct, Chromebook plus a government-
forged Google certificate equals a man-in-the-middle attack against the SSL
security of Google's services—and a way for the government to read all of
your e-mails and documents as they pass back and forth through an Internet
chokepoint to and from your browser.
None of this is necessarily Google's fault. But it's a weakness of the
browser as platform—by pushing nearly all the computing resources for
applications, beside presentation, back up into the cloud, the Chromebook
model creates a one-stop shop for attackers or observers to inject
themselves into your computing world. As the Syrian Electronic Army has
proven, it doesn't take the power of the NSA to breach a cloud-based
infrastructure—just one bad click on a link and users can give over the
keys to their entire digital lives.
Google has addressed some of the security issues around the Chromebook and
Google Apps model with its two-factor authentication. But until Google can
protect its users' data (physically and legally) at the same level that
users can protect themselves by keeping their data encrypted in their own
offices and homes, the Chromebook is going to be very popular at Fort Meade
—not as something they use, but as something they hope everyone else uses.
I don't worry about the NSA reading my daughter's homework (that much), but
I've grown increasingly wary about whether they're checking what comes into
my work mailbox.
好像google是nsa家开的 |
|
