Daily Archives: May 27, 2016

Apple hires Encryption Expert to Beef Up Security on its Devices

 

Apple
The FBI and other law enforcement agencies have waged legal war on encryption and privacy technologies.

You may have heard many news stories about the legal battle between Apple and the FBI over unlocking an iPhone that belonged to the San Bernardino shooter. However, that was just one battle in a much larger fight.

Now, in an effort to make its iPhone surveillance-and-hack proof, Apple has rehired security expert and cryptographer Jon Callas, who co-founded the widely-used email encryption software PGP and the secure-messaging system Silent Circle that sells the Blackphone.

This is not Apple’s first effort over its iPhone security.

Just a few months back, the company hired Frederic Jacobs, one of the key developers of Signal — World’s most secure, open source and encrypted messaging application.

Now Apple has rehired Callas, who has previously worked for Apple twice, first from 1995 to 1997 and then from 2009 to 2011.

During his second joining, Callas designed a full-disk encryption system to protect data stored on Macintosh computers.

Apple’s decision to rehire Callas comes after rumors that the company is working on improving the security of its iOS devices in such a way that even Apple can’t hack.

“Callas has said he is against companies being compelled by law enforcement to break into their own encrypted products,” the report reads.

“But he has also said he supports a compromise proposal under which law enforcement officials with a court order can take advantage of undisclosed software vulnerabilities to hack into tech systems, as long as they disclose the vulnerabilities afterward so they can be patched.”

Earlier this year, Apple was engaged in a battle with the US Department of Justice (DoJ) over a court order asking the company to help the FBI unlock iPhone 5C of San Bernardino shooter Syed Farook.

Basically, the company was deliberately forced to create a special, backdoored version of its iOS, so that the FBI may be able to Brute Force the passcode on Farook’s iPhone without losing the data stored in it.

Although Apple refused to do so, and now the Apple wanted to remove its own ability to break its iPhone security in future iPhone models, thereby eliminating the chances for government and intelligence agencies for demanding backdoors.

 

What is the cloud and how does it work, “Unlock the Cloud”. Part 2

Unlock_the_Cloud

We  kicked off a  cloud series called, “Unlock the Cloud” yesterday. In this blog, we talk about established and emerging cloud services that are contributing to the dramatic 19.4% compound annual growth rate in public cloud services spending, from $70 billion in 2015 to $141 billion by 2019.

Many enterprises are juggling three primary “as-a-service” categories to best scale their business and IT service delivery via the cloud: Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS) and Software-as-a-Service (SaaS). These services enable organizations to build, deploy and buy virtualized computing resources using more cost-effective, pay-as-you-use pricing models that have changed the way companies everywhere are consuming IT. Here’s a look at all three and some of their data-driven, cloud storage offshoots.

IaaS (Infrastructure as a Service)

Imagine an IT service delivery infrastructure that you don’t have to purchase, house, manage or update. IaaS makes all of your physical and virtual computing resources (compute, storage, operating systems and to some extent networking, etc.) accessible as you need them. The main benefit is you can still design and control the IT infrastructure you want without investing heavily in CAPEX and OPEX.

PaaS (Platform as a Service)

PaaS falls somewhere in between SaaS and IaaS. What makes it distinct is that it enables you to develop and deploy applications using the programming languages, libraries, services, and tools supported by the PaaS provider to bring products and services to market faster. So application developers don’t have to worry about available computing resources because they can leverage the PaaS provider’s IaaS environment, as well as its SaaS-like application development tools and hosting services.

SaaS (Software as a Service)

Don’t want the expense or hassle of deploying and revving applications? Then SaaS is the way to go. Companies don’t need to own or maintain software applications, and updates can be delivered in real time versus waiting for them to be pushed out by IT. Just run a thin-client or Web browser on your device of choice to access a wealth of applications over the Internet as needed (Yes, there’s an app for that!).

Much of the confusion around these services is rooted in the fact that many cloud providers now offer all three. That makes it almost impossible to differentiate each type of service by provider. The real work for your business will be to decide which services and providers best match the workloads you are trying to support.

Cloud Storage Offshoots

Cloud Storage services could possibly mash-up into one of the fastest growing niche cloud service markets based on their growing prevalence along-side SaaS, IaaS and PaaS offerings. Here are some notable cloud storage services:

STaaS (Storage-as-a-Service) – You’re using SaaS if you are storing photos from your smartphone or sharing documents with other users. As the amount of data increases and storage costs rise exponentially, parking portions of your personal and business storage in the cloud is inevitable.

DBaaS (Database-as-a-Service) – The complexity of database management often requires a team of database administrators to select and maintain single or multiple database platforms, and continuously optimize them. DBaaS eliminates the need for costly management resources and storage infrastructure by placing the burden on the DBaaS provider.

DRaaS (Disaster-Recovery-as-a-Service) – DRaaS eliminates the muss, fuss and cost of physically creating and maintaining a geographically separate data center for disaster recovery. It replicates your data center resources in the cloud and makes them available when you most need them. If you don’t need to completely replicate your IT infrastructure, but want to still protect your data, then consider BaaS (Backup-as-a-Service).

In this new “there’s a service for that,” world, choosing the best cloud services will depend on your workloads, and connecting to that service will depend on your cloud interconnection strategy. Stay tuned for upcoming “Unlock the Cloud” articles to learn more.