Announcement

Collapse
No announcement yet.

Security and Cloud Computing

Collapse
X
Collapse
 
  • Page of 3
  • Filter
  • Time
  • Show
Clear All
new posts
Previous 1 2 3 template Next
  • #16
    Re: Security and Cloud Computing

    Originally posted by hydruh View Post
    Understood!

    Valkyrie, I apologize, I perhaps am not taking this as seriously as I should.

    Admittedly, I was thinking more about the conceptual twists that make Cloud computing inherently insecure (like structural divisions, elevation of authority problems, and eighteen year old kids with root privilege), not specific 0-day exploits. If you look at what I write, I am not that kind of author (though perhaps I should be.)

    I'll be at 17, and we'll all chat, perhaps.

    S
    No worries. I am not that difficult to find. I suggest you run down Bascule as well, though he may now decide to hide. :-) Others to talk with will be those who have shown up in this forum. I would think that particularly picking Xor's and the Streaker's brains would avail you of some delicious nuggets of knowledge with which to pepper your paper or talk or whatever it is you have in mind.

    You still have to sign a non-disclosure agreement. :-D

    Regards,

    valkyrie
    ______________________________________________
    sapere aude

    Comment

    • #17
      Re: Security and Cloud Computing

      Originally posted by streaker69 View Post
      Those are big concerns of any system, not just cloud computing.
      That is very true.

      My experience has been this - Microsoft and Amazon, especially, and the smaller cloud providers, are pushing to host the big applications on the cloud; those applications that Nationwide and Chase are hosting in their own datacenters are a key focus. Chase wouldn't put their credit card management portal on the cloud, but that is exactly what Microsoft is suggesting is a good idea. The veiled premise is that it is MORE secure because it is the cloud, when really it is less. You don't know where the machines physically are, even. At least when I host with CeraNet, I can go TOUCH the machines.

      I don't know - maybe I am reaching. It seems like there are more problems with virtualization and shard computing than usual application service providers, and yet the focus is to move bigger more important systems there, while the providers are providing less information about the security than even small providers provide about their systems.

      S

      Comment

      • #18
        Re: Security and Cloud Computing

        Originally posted by hydruh View Post
        That is very true.

        My experience has been this - Microsoft and Amazon, especially, and the smaller cloud providers, are pushing to host the big applications on the cloud; those applications that Nationwide and Chase are hosting in their own datacenters are a key focus. Chase wouldn't put their credit card management portal on the cloud, but that is exactly what Microsoft is suggesting is a good idea. The veiled premise is that it is MORE secure because it is the cloud, when really it is less. You don't know where the machines physically are, even. At least when I host with CeraNet, I can go TOUCH the machines.

        I don't know - maybe I am reaching. It seems like there are more problems with virtualization and shard computing than usual application service providers, and yet the focus is to move bigger more important systems there, while the providers are providing less information about the security than even small providers provide about their systems.

        S
        Please look very carefully at the last paragraph you wrote. Reflect on it. Really reflect on it. You are coming to your own conclusions.

        Regards,

        valkyrie
        ____________________________________
        sapere aude

        Comment

        • #19
          Re: Security and Cloud Computing

          Originally posted by valkyrie View Post
          Please look very carefully at the last paragraph you wrote. Reflect on it. Really reflect on it. You are coming to your own conclusions.
          Damn, it's barely a paragraph. It's one sentence. I'm an author? Glad I have editors.

          Reflecting now. Breaking out the absinthe. (Really!)

          S

          Comment

          • #20
            Re: Security and Cloud Computing

            Originally posted by hydruh View Post
            Damn, it's barely a paragraph. It's one sentence. I'm an author? Glad I have editors.

            Reflecting now. Breaking out the absinthe. (Really!)

            S
            I snack on smart asses. :-)

            regards,

            valkyrie
            _________________________________
            sapere aude

            Comment

            • #21
              Re: Security and Cloud Computing

              Originally posted by valkyrie View Post
              I snack on smart asses.
              You broadly misinterpret. I am hardly a smartass. There is a prerequisite of being smart. Comments I make are sincere. You'll see. Look me up at 17. You'll be shocked!

              S

              Comment

              • #22
                Re: Security and Cloud Computing

                Originally posted by hydruh View Post
                You broadly misinterpret. I am hardly a smartass. There is a prerequisite of being smart. Comments I make are sincere. You'll see. Look me up at 17. You'll be shocked!

                S
                Quit trying to flirt with me. :-)

                Regards,

                valkyrie
                -----------------------------------------------------------------
                sapere aude

                Comment

                • #23
                  Re: Security and Cloud Computing

                  Originally posted by valkyrie View Post
                  Quit trying to flirt with me. :-)
                  Damn.

                  S

                  Comment

                  • #24
                    Re: Security and Cloud Computing

                    This talk by Craig Balding was quite good. The A/V should be up in a few weeks. but the slides are here:

                    https://www.blackhat.com/presentatio...ity-slides.pdf
                    PGP Key: https://defcon.org/html/links/dtangent.html

                    Comment

                    • #25
                      Re: Security and Cloud Computing

                      Thank you for sharing. I don't nomally click linkies. Very nice.

                      Comment

                      • #26
                        Re: Security and Cloud Computing

                        Originally posted by valkyrie View Post
                        Thank you for sharing. I don't normally click linkies. Very nice.
                        If you don't click linkies(needs to be added to the dictionary) then how do you circumnavigate the WWW?

                        xor
                        Just because you can doesn't mean you should. This applies to making babies, hacking, and youtube videos.

                        Comment

                        • #27
                          Re: Security and Cloud Computing

                          Originally posted by xor View Post
                          If you don't click linkies(needs to be added to the dictionary) then how do you circumnavigate the WWW?

                          xor
                          Only from trusted advisors. Most of my education is old school. They are called "books." :-D

                          Regards,

                          valkyrie
                          ________________________________
                          sapere aude

                          Comment

                          • #28
                            Re: Security and Cloud Computing

                            That linky was worth it. Thanks, DT. Looking forward to the AV.

                            S

                            Comment

                            • #29
                              Re: Security and Cloud Computing

                              Originally posted by valkyrie View Post
                              Only from trusted advisers. Most of my education is old school. They are called "books." :-D
                              Yes you won't find a multi-headed polymorphic Goatse forever rootkit in one of those.

                              xor
                              Just because you can doesn't mean you should. This applies to making babies, hacking, and youtube videos.

                              Comment

                              • #30
                                Re: Security and Cloud Computing

                                Originally posted by xor View Post
                                Yes you won't find a multi-headed polymorphic Goatse forever rootkit in one of those.

                                xor
                                Probably why my computer is not infected with multi-headed polymorphic Goatse forever rootkits.

                                :-)

                                Regards,

                                valkyrie
                                ____________________________________________
                                sapere aude

                                Comment

                                Previous 1 2 3 template Next
                                Working...
                                X