

Google Cloud Storage now provides server-side encryption - Sami_Lehtinen
http://googlecloudplatform.blogspot.com/2013/08/google-cloud-storage-now-provides.html

======
erkose
Server side encryption? We want client side encryption and the server doesn't
get to know the key.

------
hannibal5
> To help, Google Cloud Storage now automatically encrypts all data before it
> is written to disk, at no additional charge. There is no setup or
> configuration required, no need to modify the way you access the service and
> no visible performance impact. The data is automatically and transparently
> decrypted when read by an authorized user.

In other words, if someone is able to gain remote access to Google Cloud data,
Google handles the decryption for them automatically. Google data centres have
damn good physical security, so getting access by other means is not big
concern.

While this improves security marginally. This is just Google PR move trying to
distract users from the fact that they have the keys and they give those keys
to NSA when they ask for them.

ps. If they would allow users to set and manage the keys as they please, they
would make NSA snooping little more difficult. Instead of having instant bulk
access to everything, they would need to investigate the apps running and that
would involve humans.

~~~
anxiousest
Not every feature is about the NSA nor every upgrade is a "PR move", this is a
standard feature that Amazon also offers, and keeping law enforcement out
isn't its main objective although it would make things a bit difficult for
them since a warrant would be necessary to get the keys as a court order won't
do, but if you are so inclined no one is preventing you from encrypting your
stuff before uploading.

~~~
hannibal5
My understanding is that google cloud storage is not offering disc space. Data
goes always trough their interfaces and databases. That would make difference
to Amazon's offerings.

