Classified Cloud | TechSNAP 15

Classified Cloud | TechSNAP 15

This week on, TechSNAP!

The UK Government is building a cloud of secrets, but can it ever possibly be secure enough?

Plus we’ll cover the FBI Arresting 16 suspected members of Anonymous, and being prepared when forced to decrypt your laptop!

All that and more on this week’s TechSNAP!

Direct Download Links:

HD Video | Large Video | Mobile Video | MP3 Audio | OGG Audio | YouTube

Subscribe via RSS and iTunes:


Show Notes:

Thanks to the TechSNAP Redditors!

UK Government to use the Cloud to share Restricted Documents

  • Files will be hosted on the UK internal cloud, the Government Secure Application Environment (GSAE)
  • The system will allow civil servants, diplomats and other Government officials to share documents up to the secrecy level IL3, or Restricted
  • “Information marked as Restricted is at a level where the release of the material will have effects such as significant distress to individuals, adversely affecting the effectiveness of military operations, or to compromise law enforcement.”
  • The internal cloud will use SaaS software from established tech startup Huddle.
  • Planned upgrades to the GSAE and Huddle software will allow it to support IL4 or Confidential information
  • “The effects of releasing information marked as Confidential include considerable infringement on personal liberties, material damage to diplomatic relations, or to seriously disrupt day-to-day life in the country.”
  • A possible obstacle to the deployment of a cloud based system for storing classified information is that policy states that the end users must have local disk encryption to be allowed to access the documents

FBI Arrests 16 suspected members of Anonymous

  • 14 of the arrests are related to the attacks on PayPal after they announced they would no longer accept donations on behalf of WikiLeaks
  • The defendants are charged with conspiracy to intentionally damage protected computers
  • The remaining arrests are related to attacks on InfraGard (Affiliated with the FBI) and a former AT&T Contractor who stole files from AT&T and gave them to members of LulzSec
  • Similar arrests were also made in the UK and the Netherlands
  • The charge of “intentional damage to a protected computer” is punishable by a maximum of 10 years in prison and a $250,000 fine, while conspiracy carries a maximum penalty of five years in prison and a $250,000 fine.

US General Criticizes Defense IT Infrastructure

  • The Military and Defense Department use far too many proprietary systems
  • During the 2nd invasion of Iraq, The Army and Marine Corps used different proprietary encrypted radios, and were therefore unable to communicate directly with each other, because of this, they had to be assigned to different areas of the country to avoid running in to each other
  • Proprietary systems meet the states requirements, but are not flexible and require a long time to modify or adapt the hardware and software.
  • The General places most of the blame on the procurement process, and contractors who design their systems to be proprietary.
  • The Federal CIO worries about the IT Cartel, a small group of companies that understand the Government IT Procurement process better than other companies, and get a disproportionate share of contracts.

DoJ asks Federal Judge to order Defendant to Decrypt Laptop

  • A woman being accused of mortgage fraud is contesting a court order that she provide the decryption key for her laptop
  • The laptop was seized during a raid of her home
  • This case could set the president, as no Appeals Court has yet ruled on whether such an order would violate a defendant’s 5th amendment right to not incriminate themselves.
  • The DoJ goes on to state that “Public interests will be harmed absent requiring defendants to make available unencrypted contents in circumstances like these”. Failing to compel defendants amounts to a concession to potential criminals (be it in child exploitation, national security, terrorism, financial crimes or drug trafficking cases) that encrypting all inculpatory digital evidence will serve to defeat the efforts of law enforcement officers to obtain such evidence.
  • Prosecutors clarified that they were not asking for the pass phrase it self, and that the defendant would be allowed to enter the pass phrase on the computer without anyone looking over her shoulder
  • The U.S. Supreme Court already affirms that defendants can be forced to provide fingerprints, blood samples, or voice recordings, however past rulings have affirmed that a defendant cannot be forced to disclose the contents of their mind.
  • The EFF filed a brief supporting the rights of the defendant, stating “Decrypting the data on the laptop can be, in and of itself, a testimonial act–revealing control over a computer and the files on it“ and “Ordering the defendant to enter an encryption password puts them in the situation the Fifth Amendment was designed to prevent: having to choose between incriminating themselves, lying under oath, or risking contempt of court“
    Submitted by: port-forward-podcast


Bitcoin Blaster:

Question? Comments? Contact us here!