Let Me Make This Crystal Clear
The Market Ticker - Commentary on The Capital Markets
Login or register to improve your experience
Main Navigation
Sarah's Resources You Should See
Full-Text Search & Archives
Leverage, the book
Legal Disclaimer

The content on this site is provided without any warranty, express or implied. All opinions expressed on this site are those of the author and may contain errors or omissions. For investment, legal or other professional advice specific to your situation contact a licensed professional in your jurisdiction.

NO MATERIAL HERE CONSTITUTES "INVESTMENT ADVICE" NOR IS IT A RECOMMENDATION TO BUY OR SELL ANY FINANCIAL INSTRUMENT, INCLUDING BUT NOT LIMITED TO STOCKS, OPTIONS, BONDS OR FUTURES.

Actions you undertake as a consequence of any analysis, opinion or advertisement on this site are your sole responsibility; author(s) may have positions in securities or firms mentioned and have no duty to disclose same.

The Market Ticker content may be sent unmodified to lawmakers via print or electronic means or excerpted online for non-commercial purposes provided full attribution is given and the original article source is linked to. Please contact Karl Denninger for reprint permission in other media, to republish full articles, or for any commercial use (which includes any site where advertising is displayed.)

Submissions or tips on matters of economic or political interest may be sent "over the transom" to The Editor at any time. To be considered for publication your submission must be complete (NOT a "pitch"; those get you blocked as a spammer), include full and correct contact information and be related to an economic or political matter of the day. All submissions become the property of The Market Ticker.

Considering sending spam? Read this first.

2016-10-21 12:43 by Karl Denninger
in Technology , 373 references Ignore this thread
Let Me Make This Crystal Clear *

Public cloud computing, that is, computers at a remote location you do not own but lease space on, which have a hypervisor and clients running under it where you do not have complete, 100% control of said hypervisor are not secure.

If you have allegedly "encrypted" data there that is accessed, modified and used on said machine then the key to decrypt said data must also be on the machine and unprotected so it can be used.  If that is the case it can be trivially stolen since the hypervisor has complete access to all of the memory and disk resources of the client process and once stolen any pretense of security vanishes like a fart in the wind.

This is the lesson of the Wikileaks "Podesta" and related hacks.  It is not that Russia was involved (or not), it is not whether the "hack" was criminal, it is nothing of the sort.  It is that many of these people had their data (email in this case) on a public cloud environment and said environment was trivially broken into and the data stolen within minutes of being targeted.

The media and "business channels" have not and will not talk about this underlying fact for the simple reason that a huge percentage of the current market bubble is being driven and sustained by these so-called "innovations" and what they've done to market valuation.

This is continually claimed to be the "future" of corporate computing, but if you follow this road, embrace this path, and do so with data that needs to be secure then this is what's coming to you the moment your data is specifically targeted, whether you like it or not.