Wuala update

After my earlier post concerning Wuala I was contacted by Dominik Grolimund, the CEO of Wuala, who provided me with additional information and asked me to post an update.

First, the comment I quoted from Dominik's interview with Allan Stern concerning the CIA and "top secret" was a mistake, and the interview has already been corrected to replace "used by the CIA for top secret files" with "state-of-the-art encryption" (which is a fairly reasonable thing to say about AES at least). I wish reporters were so accommodating when I pointed out mistakes in their stories!

Second, Dominik provided some of the details which, while critical to the overall security of a system, weren't mentioned on the Wuala website:

Overall, I can't say that my correspondence with Dominik has made me eager to try out Wuala as it currently exists. On the positive side, as Dominik has pointed out, they're still in alpha testing, and have lots of time to get the security details right before Wuala enters widespread use. Dominik certainly seems interested in fixing the problems (which is more than I can say for certain other people) so we'll have to wait and see -- hopefully the Wuala website will be updated at some point to describe how all of these issues are being addressed, so that Wuala's security can be assessed without needing to get into an email exchange.

UPDATE 2008-11-07: Wuala's security has significantly improved.

Posted at 2007-10-26 23:15 | Permanent link | Comments

Happy birthday Portsnap!

Three years ago today, I announced the availability of the first version of FreeBSD Portsnap. Almost a year later, in August 2005, Portsnap was added to the FreeBSD base system, and since then it has grown to four official mirrors and now supports almost 40 thousand users -- not bad for a three year old. Happy birthday Portsnap!

Posted at 2007-10-26 21:00 | Permanent link | Comments

Wuala: Willful ignorance, or fraud?

Like most people working in the areas of cryptography and computer security, I come across wild and unsubstantiated claims quite frequently. In early 1999, Bruce Schneier famously provided a list of nine signs that you might be dealing with cryptographic snake oil; unfortunately, snake oil has become more sophisticated, and even the crypto-illiterate have become buzzword-literate, so separating the good from the bad has become far more difficult in the past 8 years.

Earlier today, I came across an interview between Allan Stern and Dominik Grolimund, the CEO of the online storage and file-sharing startup Wuala. Partway through, I found the following question and answer (italics are mine):

Allen: Can you discuss the security - if I upload files and they are stored on another person's computer, can they access my files?
Dominik: No, they can't, not at all! Privacy is a very important issue for us. All files are encrypted on your computer, before anything is uploaded. All encryption and decryption performed locally (again an advantage if you have software running on the client). Your password never leaves your computer, so that no one, not even our team can see what files you store or share with friends. In Europe, privacy is an important issue and we think that everyone should have a place where he can store files privately. A lot of people are concerned if all their data is stored on servers of big corporations, which is why a lot of users do not use Gmail etc. In our system, everything is encrypted and the encryption is used by the CIA for top secret files.

This brings to mind Schneier's Warning Sign #7 -- Unsubstantiated claims -- and his reference to companies which claim "military-grade" security. Moving to the Wuala website, I find the following edifying paragraph:

Security is a key design issue in Wuala: All files stored in Wuala are encrypted and all cryptographic operations are performed locally. Your password never leaves your computer - so no one, including us, can access your files unless you publish them. Wuala employs the 128 bit AES algorithm for encryption and the 2048 bit RSA algorithm for authentication.

This immediately indicates that Dominik's claim of "used by the CIA for top secret files" is bogus: The US Committee on National Security Systems Policy No.15 states that "TOP SECRET information will require use of either the 192 or 256 [bit] key lengths [of AES]". Since 128-bit AES is not 192-bit AES or 256-bit AES, the cryptography used by Wuala may not be used by any US Governmental agency for top secret files.

More important than what the Wuala website says, however, is what it doesn't say. A block cipher algorithm is only one small component of a complete encryption system: As the aforementioned Policy No.15 comments, "NSA-approved cryptography consists of an approved algorithm; an implementation that has been approved for the protection of classified information in a particular environment; and a supporting key management infrastructure". Even if you're not planning on using an encryption system for protecting classified information, it's worth listening to the NSA; Wuala's security depends on all of the following factors, none of which are disclosed:

All told, I think Diminik Grolimund falls more into the category of "willfully ignorant" -- he doesn't understand cryptography, and he apparently hasn't made any attempt to consult people who do. But whether he's deliberately lying about the security of Wuala of actually believes what he claims -- that the encryption used by Wuala is used by the CIA for top secret files -- doesn't really matter in the end: If you care about your data, don't trust him with it.

UPDATE 2007-10-26: See my more recent post for more information about Wuala.
UPDATE 2008-11-07: Wuala's security has significantly improved.

Posted at 2007-10-21 06:15 | Permanent link | Comments

Portsnap builds back online

Portsnap builds were offline over the weekend due to a hardware failure. As a result, the portsnap mirrors were not being updated; systems which ran portsnap would update to 2007-09-29 09:40 UTC, and thereafter report "No updates needed / Ports tree is already up to date".

The failed hardware has been dealt with and portsnap builds are now running again, so portsnap should now return to being within 1-2 hours of cvsup-master's ports tree.

Posted at 2007-10-02 09:30 | Permanent link | Comments

Recent posts

Monthly Archives

Yearly Archives