
Cloud Encryption Is Worthless - mooreds
https://www.chrisfarris.com/post/cloud-encryption/
======
dane-pgp
> What are the most likely vectors of information disclosure or alteration in
> the cloud? Is it Ninjas descending on us-east-1a to steal the hard-drives
> your data is stored on?

Why doesn't AWS use full disk encryption everywhere, such that the ninjas
would find only random-looking data once they plugged the drives into the
machines back at their base?

Arguably people wouldn't want to pay the financial and performance cost for
this security if they are just hosting publicly downloadable files in their S3
buckets, but I would hope that the cost would be negligible these days.

