Privacy & Security UK

187 readers

2 users here now

A place to talk online privacy and security. From Personal VPNs to data breaches and everything in between, there should be something for everyone. No matter if you are a seasoned professional, believe you should control your own data or just wanting to know more, let chat.

Rules

The rules are simple:

Keep it clean
Respect the community
Share the knowledge
No question is a stupid one (unless it is)

Other privacy communities

Privacy Guides

founded 1 year ago

MODERATORS

[email protected]

Severe flaws in E2EE cloud storage platforms used by millions (www.bleepingcomputer.com)

submitted 2 days ago by [email protected] to c/[email protected]

0 comments fedilink hide all child comments

Several end-to-end encrypted (E2EE) cloud storage platforms are vulnerable to a set of security issues that could expose user data to malicious actors.

Cryptographic analysis from ETH Zurich researchers Jonas Hofmann and Kien Tuong Turong revealed issue with Sync, pCloud, Icedrive, Seafile, and Tresorit services, collectively used by more than 22 million people.

The analysis was based on the threat model of an attacker controlling a malicious server that can read, modify, and inject data at will, which is realistic for nation-state actors and sophisticated hackers.

The team comments that many of the discovered flaws directly oppose the marketing promises of the platforms, which create a deceptive and false premise for customers...

no comments (yet)

sorted by: hot top controversial new old

there doesn't seem to be anything here