

Box hands cloud encryption keys over to its customers - AdmiralAsshat
http://arstechnica.com/information-technology/2015/02/box-hands-cloud-encryption-keys-over-to-its-customers/

======
ecdavis
Seems like it will protect data-at-rest really well. Unfortunately there's
still the issue of the file/Box Key existing[0] in plaintext on Box's servers.
You're trusting them to keep those servers secure against intrusion, and not
to retain copies of the plaintext file/Box Key.

If you use this feature and someone seizes all your existing data from Box
then they'll still need to use your Customer Keys and your HSMs to decrypt it.
Fantastic. If, however, they compromise the servers and start stealing the Box
Keys as they are generated then they'll be able to decrypt the data
encrypted with those Box Keys. Not so fantastic. It's a trade-off which may be
worth it in some cases, but it's a trade-off nonetheless.

I wish reporters who write about this stuff would challenge the security model
more than just asking Box PR if the service is secure.

[0] In memory, during encryption/decryption.
[https://blog.box.com/2015/02/breaking-the-last-barrier-to-cloud-adoption-with-box-enterprise-key-management/](https://blog.box.com/2015/02/breaking-the-last-barrier-to-cloud-adoption-with-box-enterprise-key-management/)

------
robotnoises
Seems cool. I think it's safe to assume that the #1 concern of those unwilling
to store their data in "the cloud" is the (valid) fear that service-provider-X
has the ability to look at your files.

I think it's worth noting that this seems very similar to Spider Oak's
zero-knowledge feature
([https://spideroak.com/zero-knowledge/](https://spideroak.com/zero-knowledge/)),
which they implemented a long time ago.

