TechWhirl (TECHWR-L) is a resource for technical writing and technical communications professionals of all experience levels and in all industries to share their experiences and acquire information.
For two decades, technical communicators have turned to TechWhirl to ask and answer questions about the always-changing world of technical communications, such as tools, skills, career paths, methodologies, and emerging industries. The TechWhirl Archives and magazine, created for, by and about technical writers, offer a wealth of knowledge to everyone with an interest in any aspect of technical communications.
Subject:Re: OT: how safe is "the cloud"? From:Ken Stitzel <kstitzel -at- symplified -dot- com> To:Tech Whirl <techwr-l -at- lists -dot- techwr-l -dot- com> Date:Thu, 7 Jun 2012 12:22:47 -0600
Lauren,
Thanks for the link. The other responders are correct. The article is
unrelated to the LinkedIn hack (at least as far as we know--LinkedIn will
probably be very reluctant to go into details).
The researcher in the article basically rented some computers online from
Amazon because they could crunch more numbers more quickly than his own
computers. That's one of the "cloud" services that Amazon offers.
But then he used that rented computing power to break a widely used (and
old) security algorithm. (The algorithm is just a recipe for making
information more secure while it flies over the wires of the internet. The
recipe makes it look like gibberish or hash. SHA-1 stands for Secure Hash
Algorithm-1. There are also other uses for hash functions.) The fellow in
the article didn't do anything wrong, nor did Amazon's cloud service. He
actually did a service to people that run things on the internet by showing
that SHA-1 is not secure anymore. People who want to protect the encoded
signals zooming around on the internet just need to use a stronger
recipe--and there are plenty.
No shame in admitting you don't know the technology. I know enough to put
my foot in my mouth from working on several security/cloud-related
projects. It's not so hard once you learn it, but the concepts seemed very
strange to me at first. (Just don't put me in charge of locking down the
servers!)
Ken
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Create and publish documentation through multiple channels with Doc-To-Help. Choose your authoring formats and get any output you may need.
Try Doc-To-Help, now with MS SharePoint integration, free for 30-days.