[AusNOG] Australian based cloud storage

Mark Delany g2x at juliet.emu.st
Sun Oct 25 15:06:31 EST 2020


> But what they *say* is irrelevant. Security is not about intention,
> it's about capability. If you want your data absolutely positively
> secret, encrypt it.

And of course if you trust/verify the SDKs, there is always "Using Client-Side Encryption"
https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingClientSideEncryption.html which
excludes the possibility of the cloud provider disclosing on *any* basis whether LEA
orders or self-serving content scanning.

Personally, I think that by the time you're issuing an "aws s3 cp", the contents should
already be encrypted as out-sourcing data security seems antithetical to me.


Mark.


More information about the AusNOG mailing list