Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Cloud anything + privacy = evil


  • Please log in to reply
7 replies to this topic

#1 shadow_647

shadow_647

  • Banned
  • 1,430 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:59 AM

Posted 11 December 2016 - 08:18 PM

Seems so many programs of late are using one stile or a another of cloud based computing, problem is the min the data is off your computer you no longer know who has access to it and from a privacy point of view that hell.

 

Just look at the new cloud base anti-virus setups, thing's are like full remote access backdoor to your computer and any file they want they can take "they can see everything on your computer" and it just get sent to AV home base or disappears in to the cloud.

 

So what do you all think about cloud computing when it comes to privacy ?

Do we need more leaks like edward snowden did to wake people up ?

 

http://www.youtube.com/watch?v=5yB3n9fu-rM

 

https://technet.microsoft.com/en-us/library/jj554305.aspx

 

http://www.computerworld.com/article/2476331/cloud-security/no-cloud-privacy-or-security--if-nsa-wants-your-cloud-data--be-big-boys-about-it-.html

 

http://www.cepis.org/index.jsp?p=641&n=825&a=4758



BC AdBot (Login to Remove)

 


#2 JohnC_21

JohnC_21

  • Members
  • 24,312 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:59 AM

Posted 11 December 2016 - 08:27 PM

If I was using any other cloud service besides SpiderOak to upload personal data I wanted to stay private I would encrypt the data into a Veracrypt container before uploading it.



#3 TsVk!

TsVk!

    penguin farmer


  • Members
  • 6,234 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Antipodes
  • Local time:01:59 AM

Posted 11 December 2016 - 09:04 PM

Even standard antivirus software has a fully fledged backdoor into your system. It can see any file and can created encrypted streams between the application and the provider server.

 

There have been times when monitoring traffic that here we've noticed massive uploads (2GB) being sent to Kaspersky servers. Whether or not that was 12 months worth of scan logs from our domain or something else, we'll never know. There is a implied trust relationship when you use software that has this type of capability.

 

But yeah totally... cloud data services. This has so many flaws. Oh so many.



#4 shadow_647

shadow_647
  • Topic Starter

  • Banned
  • 1,430 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:59 AM

Posted 11 December 2016 - 09:29 PM

i hear ya john, id probably encrypt anyways just for the hell of it before hand.

 

Even standard antivirus software has a fully fledged backdoor into your system. It can see any file and can created encrypted streams between the application and the provider server.

 

 

Well My AV can't, everything blocked at a firewall level but it douse still try and phone home from time to time for unknown reasons.



#5 TsVk!

TsVk!

    penguin farmer


  • Members
  • 6,234 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Antipodes
  • Local time:01:59 AM

Posted 11 December 2016 - 09:35 PM

 

Even standard antivirus software has a fully fledged backdoor into your system. It can see any file and can created encrypted streams between the application and the provider server.

 

 

Well My AV can't, everything blocked at a firewall level but it douse still try and phone home from time to time for unknown reasons.

Maybe it wants updates?



#6 shadow_647

shadow_647
  • Topic Starter

  • Banned
  • 1,430 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:59 AM

Posted 11 December 2016 - 10:23 PM

So it would seem, can't turn that off in avira for some reason, just checked, and i don't touch anything that's cloud my self and a AV that wants a network connection i don't see the point and i don't need or want that my self.

 

All the AV of late seem to be going cloud, sad.

In in nut shell what their doing is they made a botnet only this time its a defense stile botnet with full admin rights to everyone's computer that their software is installed on, sadly its still a botnet, and one that makes your privacy a big fat zero.

 

I don't know whats worse sometimes, the people trying to infect computers with no legal agreements or the ones trying to infect computers but come with legal agreements, they both end up trying to make you their slave.



#7 TsVk!

TsVk!

    penguin farmer


  • Members
  • 6,234 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Antipodes
  • Local time:01:59 AM

Posted 11 December 2016 - 10:56 PM

I could so derail this with Winspy 10 chatter here, but I won't digress.

 

I think the updates are required to maintain the best protection the service can provide as anti-virus applications are generally signature based. It's a good thing, not something most would recommend blocking.

 

The other problem with cloud based solutions is dependence on network. I know it's not an issue for many, but  it's not that uncommon to have the internet cut because of floods or cyclones in this area. If all my stuff was on the cloud not only would I have no internet but none of my files and services also. What a mess.



#8 shadow_647

shadow_647
  • Topic Starter

  • Banned
  • 1,430 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:59 AM

Posted 12 December 2016 - 12:19 AM

True, didn't think of that, of cores if theirs a cyclones chances are the power going to go out too and a UPS power setup won't power a computer for long unless its a laptop then your golden, still no internet though.

 

Ps: im a true hater of Winspy 10 too

 

I think the updates are required to maintain the best protection the service can provide as anti-virus applications are generally signature based. It's a good thing, not something most would recommend blocking.

 

 

true, but when it comes to privacy im a tin-foil hat my self,i like having my update's in full installers only that are downloaded manual stile only, anything that phones home and send out a ping all the time is like a IP/GPS tracker for my pc imho.

i don't even like Avira update downloader tool for signature updates, imho is just a Trojan to farm data and theirs no reason why i shouldn't be able to download updates from a FTP server when using TOR/I2P/proxy network or a VPN of any reason. Don't know why anyone would do it that way besides "A" to farm data off someones computer or "B" try and install trash i don't want, its relly the only two reasons that make sense logically for doing it that way.

 

Mostly i just use avira heuristic on max level all files everything enabled.

 

just installed the newest version of Avira a feu min before i started typing this and reset my firewall rules for that AV, my god it trys to phone home a lot and pounded on the firewall and yet everything on the phone home topic is disabled as best i can tell besides checking for updates once per 22 days "that's max" i can't 100% turn it off the check for updates.

 

anytime i try and touch anything in the AV it provokes his on the firewall.

 

seems it wants 185.123.227.13 & 62.146.210.33,62.146.210.31 ips all on port 80.

since installing the newest version iv had to make a total of 12 rules to block it and counting, at lest when i installed it it asked me if i wanted to use cloud "NO" and "ask me" before sending any file "YES"

 

And no i didn't read avira privacy agreement, probably a sack of poo anyways judging from how well it like to pound on my firewall.

 

The black listing way "signature" is kind of fail in any case, its how anti-virus software was first setup in the old days but sadly the way it works is it needs to know what its looking for and has to be something that's known, if you use polymorphic code and mix it up as to were and how it installs all the way around this way of finding unwanted code fails hard.

 

Clam AV still uses this stile of finding unwanted code last i checked.

 

White listing works better then this setup, it acts like everything that's not known is evil and blocks it, till someone checks the code out at HQ your not allowed to use it, why theirs no anti-virus or anti-spyware in most of the Linux distros iv seen, Linux mint is setup like that, to download anything you have to use app's that built in to the Os and all the programs that are listed have all ready bin checked out and bin labeled as safe.

 

Cloud based AV im shoure is the best way but it rapes your privacy and i don't want to be part of a botnet that can take anything off my computer anytime it wants.

 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users