Google To Encrypt Cloud Storage Data By Default 217
jfruh writes "Worries about snooping are now a permanent part of our computing landscape, but Google is attempting to ameliorate those fears by encrypting all data on its Google Cloud Storage service by default. Data is encrypted with 128-bit AES, and you can manage the keys yourself or have Google do it for you. A Google spokesperson said that the company "does not provide encryption keys to any government."" (Also at SlashCloud.)
Lies Lies Lies (Score:5, Insightful)
Just like how they already lied the first time. Lies Lies Lies. But I don't care. Go ahead and do that NSA thing.
Re: (Score:2, Insightful)
That this comment got modded +4 insightful shows how far Slashdot has fallen.
Why should we trust you? (Score:5, Insightful)
Re: (Score:1)
They still hand data over to the government.
From the article:
A Google spokeswoman said via email the company does not provide encryption keys to any government and provides user data only in accordance with the law.
"Our legal team reviews each and every request, and we frequently push back when the requests appear to be fishing expeditions or don't follow the correct process," she wrote. "When we are required to comply with these requests, we deliver it to the authorities. No government has the ability to p
Re: (Score:2)
Goggle complies with local laws ... (Score:5, Interesting)
"The new local Google site, expected to be launched Wednesday at Google.cn, will include notes at the bottom of results pages that disclose when content has been removed, said Andrew McLaughlin, senior policy counsel for Google. "Google.cn will comply with local Chinese laws and regulations," he said in a statement. "In deciding how best to approach the Chinese--or any--market, we must balance our commitments to satisfy the interest of users, expand access to information, and respond to local conditions.""
http://news.cnet.com/Google-to-censor-China-Web-searches/2100-1028_3-6030784.html [cnet.com]
When a legal order to turn over info is received they will do it. The only question is what constitutes a legal order.
Re: (Score:2)
And we have what guarantee, exactly, that they're telling the truth?
Following up on your rhetorical question: None really; that's why the expression "Trust, but verify." exists. Without some type of enforceable checks and balances in place, our only hope is for the operators to be benevolent. Even then, we're not in the decision making process; they may think their decisions are in our best interests and we might be lucky enough once in awhile for it to be the right one. Usually though, without informed personal experiences to temper the outcome, it won't; especially if th
Re: (Score:2)
The purpose in the first part of my reply was to express that I was not oblivious to and in agreement with the point being made in the question's intent posed by the parent comment. It had nothing to do with the improperly used sophomoric indignation done by some people to counter an idea they disliked. I've rarely used the word with others, perhaps at most 3 or 4 different times in my life; once in writing — the one (properly used) in the previous comment — and the rest verbally (and improperl
Re: (Score:3, Insightful)
Well, the question is whether only you have the keys.
Re: (Score:2)
It's hard to see how they could get yours keys without someone noticing. The client software will be scrutinized in detail by various third parties to verify it does what it claims to do. If they locally generated key is ever sent over any network connection we will find out about it pretty quickly.
The more attack vector is a flaw in the implementation of the crypto that gives the NSA a back-door even without the key.
of course not (Score:1)
Of course they don't provide encryption keys to any government, they just hand over the plaintext.
Encrypt your own data ... (Score:2)
Of course they don't provide encryption keys to any government, they just hand over the plaintext.
Now how are they going to do that if one encrypts the data before sending it to the cloud service? Don't give your cloud service the plain text.
Patriot act? (Score:5, Insightful)
A Google spokesperson said that the company "does not provide encryption keys to any government.""
As Google is a U.S. based company, I'm pretty sure this is a bald faced lie due to the "Patriot Act".
Re: (Score:2)
They way this usually works is the precise statement is true, but they leave the encryption keys where the government can find them.
Re: (Score:3)
Re: (Score:2)
Conspiracy theorists give people that expose real conspiracies a bad name. When you have crackpots out there claiming the moon landing never happened and other such BS the real conspiracies are lost in the noise.
There could even be a government conspiracy to hide real conspiracies in the noise of fake ones. Or it could just be a bunch of nut jobs with paranoia, I put my money on the nut jobs..
Re: (Score:2)
You'd be wrong if you believed that. There's no law that says they can't encrypt a users data.
Nice phrasing. But there is a law that says they have to decrypt it for the US government without anyone ever telling about it, which is exactly the reason why Lavabit and Silent Circle gave up their business.
does not provide encryption keys (Score:5, Insightful)
Until they receive a National Security Letter and a gag order to boot.
Re: (Score:2)
If you set up your system is such a way that you really absolutely cannot provide encryption keys what happens?
What does it matter... (Score:1)
What does it matter if they encrypt it all and then give the keys to the government?
Re: (Score:2)
It's not totally useless. If the NSA officially provided encrypted cloud storage for free or cheap, this might be interesting to US American companies and people who want to protect their data against others and have nothing against being snooped on by their own government. Heck, some people would probably give up their freedom and democratic principles for a glass of free beer.
What does this mean exactly? (Score:5, Insightful)
What does this mean, exactly? That they would provide encryption keys in accordance with the law? That they could?
A robust system would mean the hosting company wouldn't be more able to decypher encrypted damage than anyone else. Are they offering that?
Re: (Score:2)
Re:What does this mean exactly? (Score:5, Informative)
It means that they don't provide the encryption keys. And the unencrypted data is provided to government agencies in accordance with the law. Since there are secret laws, we don't know under what conditions the data is provided.
Re:What does this mean exactly? (Score:5, Informative)
"A Google spokeswoman said via email the company does not provide encryption keys to any government and provides user data only in accordance with the law."
What does this mean, exactly? That they would provide encryption keys in accordance with the law?
It means they will decrypt the data and then hand it over.
Its server side encryption. The server has the keys.
Re: (Score:3)
About the only obvious way to do this in a secure way would be "client side". Such that all that is ever stored (and transmitted) would be cyphertext. (Without it being knowlable to Google or the "spooks" even what encryption algorithm was used.)
Re: (Score:2)
Does Google charge more for data that doesn't compress? (Encrypted data doesn't compress, so if you're going to encrypt your data yourself you should compress it yourself too first.)
The fix (Score:1)
A Google spokesperson said that the company "does not provide encryption keys to any government... yet.""
fify
Call me paranoid (Score:5, Insightful)
"If you require encryption for your data, this functionality frees you from the hassle and risk of managing your own encryption and decryption keys," Barth wrote. "We manage the cryptographic keys on your behalf using the same hardened key management systems that Google uses for our own encrypted data, including strict key access controls and auditing."
That sounds meaningless.
All that it prevents is interception of data to/from your computer.
It does nothing to stop the NSA from requesting your data from Google, who would control your encryption keys.
A Google spokeswoman said via email the company does not provide encryption keys to any government and provides user data only in accordance with the law.
Which is exactly my point. If they control your key, they have access to your data.
Re: (Score:2, Interesting)
It will be difficult to avoid such requests entirely, but this technology, implemented well, prevents the NSA or others from intercepting the data en route and reading it without a court order.
I'd also point out that Google has, in the past, pushed back against data requests.
Re: (Score:2)
I'd also point out that Google has, in the past, pushed back against data requests.
and you know that, exactly, how?
oh right, they said so. yeah. ok. we're done here.
Re: (Score:2)
A Google spokeswoman said via email the company does not provide encryption keys to any government and provides user data only in accordance with the law.
And once US starts to publicize their laws, that would maybe mean something
For now, "in accordance with the law" means nothing because of all the secret laws or secret law-interpretations that are out there.
Re: (Score:2)
Ummm, if you want to store your data in Google's cloud, or anyone else's, then all you need do is encrypt it before uploading. Then the responsibility for keeping the key secret is yours. If Google reencrypts your data, there is usually no significant gain or loss of security. You can even share documents with anyone else who has the key, perhaps delivered by carrier pigeon. (Surprisingly, multiple different encryptions can sometimes be weaker than any of the individual encryptions - read that somewhere
Re: (Score:2)
Re: (Score:3, Interesting)
Yes, but this prohibits use of Google's many server-side tools for editing documents, spreadsheets, calendar, etc. If confidentiality of your data is to be preserved, that data can never be transferred unencrypted out of machines you control. That prevents the server-side application from checking your spelling, evaluating your spreadsheet calculations, or anything else. The cloud becomes nothing but a distributed filesystem.
But Google wants to read your data in order to advertise to you. That's why the
Re: (Score:2)
PGP/GPG have always had the ability to generate a cyphertext which can be decrypted by multiple keys. Which might be another option if the number of people who need to share is small.
Re: (Score:2, Funny)
TFA (Score:5, Interesting)
Of course, if you prefer to manage your own keys then you can still encrypt data yourself prior to writing it to Cloud Storage.
Which is how it should all be done. Relying on Google's honesty, or some Google employee who doesn't want his fingers broken one by one, is just false security.
Re:TFA (Score:4, Insightful)
No.
That is not how it should be done.
It should be done as follows:
You DO NOT give Google your data IN THE FIRST PLACE.
They have no business keeping your data for you. The sooner you learn this, the sooner you can start on the path to become a free man.
Fool me once.... (Score:5, Informative)
Given what we know about the NSA, NSLs, and Lavabits, " [we do] not provide encryption keys to any government" is a worthless statement. With an NSL, Google will turn over everything and won't be able to say anything about it. With an NSL, Google will be required to lie (like claiming data is encrypted when it's not). Lavabits received an NSL and chose to shut down rather than honor it and sell out their customers. Google compiles with their NSLs.
You cannot trust Google or the cloud with your data.
Re:Fool me once.... (Score:5, Insightful)
You cannot trust Google or the cloud with your data.
If you store your data in the cloud, it means that:
The best way to store your data is on your own HDD, encrypted. The observer still can break into your house, but they would have to do it without any information leading to that. (Such as they wouldn't know that you even have a computer, let alone how often you modify certain files.) Modern terabyte drives (USB 3.0 or eSATA) remove every reason to bother with cloud storage - unless you want an additional bottleneck in form of the Internet link and a bunch of additional vulnerabilities, often for a small extra fee. Most people would be perfectly happy with an encrypted USB Flash disk (IronKey etc.) that they can always carry with them.
Re: (Score:2)
http://www.foreignpolicy.com/articles/2013/07/16/the_cias_new_black_bag_is_digital_nsa_cooperation [foreignpolicy.com]
During a coffee break at an intelligence conference held in The Netherlands a few years back, a senior Scandinavian counterterrorism official regaled me with a story. One of his service's surveillance teams was conducting routine monitoring of a senior militant leader when they suddenly noticed through their high-powered surveillance cameras two men breaking into the militant's apartment. The target was at Friday evening prayers at the local mosque. But rather than ransack the apartment and steal the computer equipment and other valuables while he was away -- as any right-minded burglar would normally have done -- one of the men pulled out a disk and loaded some programs onto the resident's laptop computer while the other man kept watch at the window. The whole operation took less than two minutes, then the two trespassers fled the way they came, leaving no trace that they had ever been there.
It did not take long for the official to determine that the two men were, in fact, Central Intelligence Agency (CIA) operatives conducting what is known in the U.S. intelligence community as either a "black bag job" or a "surreptitious entry" operation. Back in the Cold War, such a mission might have involved cracking safes, stealing code books, or photographing the settings on cipher machines. Today, this kind of break-in is known inside the CIA and National Security Agency as an "off-net operation," a clandestine human intelligence mission whose specific purpose is to surreptitiously gain access to the computer systems and email accounts of targets of high interest to America's spies.
Stealing passwords with a key logger or phishing e-mail undoubtedly involves less paperwork than using the rubber hose.
Re: (Score:2)
What might be a good use for cloud is backups. Not live storage like box.net or Dropbox, but an encrypted blob of data [1] that is tossed onto a remote site and read from it as one large object.
With this in mind, managing remote data becomes an issue of key management. If each remote file is stored with a different key, just erasing that key (could be a password, or an actual keyfile as in the case of TrueCrypt) would ensure that the remote data isn't usable by anyone short of a complete AES break.
The adv
Re: (Score:3)
Backup is all i use cloud storage for.
Some of it mildly proprietary. For that I use SpiderOak.com. Its client side encryption and They. Don't. Have. The. KEY.
Re: (Score:2)
Doesn't matter at all. It's a US company and they have full access to your machine. Or is the endpoint software open source and has been compiled and security audited by yourself?
Re: (Score:2)
Some of it mildly proprietary. For that I use SpiderOak.com. Its client side encryption and They. Don't. Have. The. KEY.
Can you be fully sure you are protected? It seems they use their own proprietary client to transfer the data. At that point, well, they can do pretty much anything. Maybe there is another "NSAKEY" which works as an alternative universal key to decrypt any backup. Or maybe a three-letter-organization forces them to deliver a secret patch which contains an exception for your user account and suddenly makes it send everything unencrypted.
Re: (Score:2)
SpiderOak derives your key from (only) the password that you log into the website with. That password is also stored as a hash on their webserver. Make sure you choose a good password, because that few bits of entropy are all that are protecting your data, and it's very probable that the NSA have ever-growing rainbow tables to bypass the hash.
But really, like all third parties, you have to take SpiderOak's claims at face value and decide whether you really want to trust a third party with sensitive data. Yo
Re: (Score:2)
Your website log in key is not your spideroak encryption keep. You can't deduce one from the other unless you were stupid enough to use the same key for both.
Re: (Score:2)
That's an odd thing to say, since it's demonstrably not true. I just set up a new account with them, picked a password of "1" (which didn't didn't set off any warnings, even though that is the sole secret protecting all of the data), then logged into the website with that password.
Furthermore, you can't change one password separately from the other. As listed on their site:
NOTE - PASSWORD CHANGE: Due to our security measures, you may only change your password within the SpiderOak application. This ensures our zero-knowledge privacy environment. You may change your password within the application by opening the 'Account' section in the upper right corner.
Re: (Score:2)
When you first set up the account they may be the same, but from then on out, you need never access the website again. But if you do they don't write it to disk. So if you dont trust SSL, just don't visit the website. Do everything through the client.
You can't change the password on the website. (Why? Because they recognize that is insecure). You can only change it in the client application (a locally installed piece of software), and as soon as you do that your machine gets busy re-encoding all of you
Re: (Score:2)
Even if you don't access their site again, they still have your password in plaintext long enough to make a hash for the webserver to use. If you do ever use their site again (which many people might do: for instance, their site is the only way to buy more space), the login page on their site is a simple POST for the submission of the password so it's easy enough to snatch it there if they were compelled to. That's not even getting into their use of a closed source server and client and unverified crypto im
Re: (Score:2)
Oh, forgot, go carry on your argument with SpiderOak. Start here: https://spideroak.com/engineering_matters [spideroak.com] where they explain exactly how it works.
Re: (Score:2)
Basically, your whole argument boils down to "they say...", "they say...", "they say...", but you're given no means to verify any of it. That's not how you do security.
Do you know the people running SpiderOak? Then why do you trust them so implicitly?
Even a layered approach, like TrueCrypt on Google's "encrypted" Cloud dilutes the trust you need to put in any one party. You're putting all of your eggs in one basket, which has exploitable holes, and trusting that basket entirely because of the basketmaker's
Re: (Score:3)
You cannot trust Google or the cloud with your data.
Doesn't this really boils down to, you can't trust your government? Nothing is safe.
Re:Fool me once.... (Score:5, Funny)
Google compiles with their NSLs.
interesting. the rest of us use gcc. does nsl optimize better?
You cannot trust Google or the cloud with your dat (Score:2)
I trust them with my unimportant data as its not important if its seen like a book i purchased or a movie ( its still wrong of course ). I also trust them to house my pre-encrypted data, where i hold the key.
Red riding hood (Score:5, Insightful)
Fool me once..
Possible Benefits? (Score:2)
Server side encryption is only potentially beneficial for limited data breaches where the attacker gains access to the data but not the keys. In the case of government requests, they have the same rights to ask for the keys as for the data. Perhaps if there is a seizure of entire disks then having encryption may oblige them to ask for specific keys and therefore protect your data from snooping when you are not the target. It is also unclear exactly how unique/granular the keys are.
Re: (Score:2)
It also protects against theft of the physical servers and residual data on discarded drives. Not as big of an issue for Google, but server side encryption is good for small operations.
THIS IS NOT GOOGLE DRIVE (Score:5, Informative)
Don't trust the cloud, period. (Score:5, Insightful)
Re: (Score:3)
That embarrassing photo is out there forever, though.
Yes, the distribution of that photo is embarrassingly parallel [wikipedia.org]. :)
Convenient (Score:5, Informative)
In other news leaked internal NSA documents show that they only begin to have trouble cracking AES at 256-bit key sizes and higher.
... only in accordance with the law. (Score:3, Insightful)
The summary leaves out a critical bit of the company spokesperson's quote from the article: they won't give anyone your encryption keys directly, but they'll happily USE the encryption keys they're managing for you to decrypt your data and give the decrypted data to anyone who makes a legal request.
All this buys you is a tiny bit of defense in depth in case someone tracks down the Google server(s) that are storing your data, breaks into the data center, and physically yanks the hard drive out of the machine. Doesn't do anything to prevent a government from getting access by asking politely, and doesn't do anything to address the wide-open front door of someone guessing your account password.
If you care at all, you should be using client-side encryption. If you don't, this is just adding extra latency.
Re: (Score:2)
"In accordance with the law" is a hollow phrase when the laws itself are unjust or secret to begin with.
Everyone following your "laws" and not openly disobeying them is in good company with people "just following orders" in 1933's Germany.
does not provide encryption keys to any government (Score:2)
Means, "we provide encryption keys to the whim of any government." Guessing this is true.
I want my browser to manage my keys (Score:3, Interesting)
When I first read the summary I thought Google was going to provide me a way to manage my own keys in a practical sense. I would like for my browser to automatically decrypt when I download from Google Drive using private keys stored on my local store (with a pass phrase, of course).
Re: (Score:2)
It's just why the satisfactory backup program should be simple and contain no browser and no parts that you cannot possibly understand. Bare minimum: OS, the builtin opensource HDD crypto of this OS, and an orthodox file manager for that OS. Nothing more. And if your OS has no opensource HDD crypto - change the OS before the worst happens.
Re: (Score:2)
No parts that you cannot possibly understand. Do you understand the inner workings of your opensource browser well enough?
words, words (Score:3)
Based on recent evidence these words mean absolutely nothing* and you would be a fool to trust them.
* That doesn't mean they are technically a lie. Maybe 128 bit AES has a hidden weakness. Maybe there is NSA sponsored back door to their code. Who knows?
Who, except for the forensic types, cares?
Same google (Score:2)
This is the same Google that insists in court: of COURSE we read your email... why would you expect anything else, right?
Sing the song (Score:5, Insightful)
And? (Score:2)
In Soviet Russia, all us belong to your base. (Score:2)
The only really secure data are the ones written to your own HDD in your safe in your basement, encrypted with opensource program, with part of encryption key entrusted to some friend who is instructed to return it to you when he is satisfactorily ensured that you are not under coercion.
Transparent PR Stunt (Score:3)
OK, so you have the option to manage your own keys, but we're trusting that Google doesn't copy your keys when you create them and that they don't have a backdoor. Based on recent revelations, I wouldn't put either past them.
Once Google unequivocally tells the feds to fuck off the next time they come sniffing around for user data, I'll put some stock into such supposed privacy measures.
Re: (Score:2)
Once Google unequivocally tells the feds to fuck off the next time they come sniffing around for user data, I'll put some stock into such supposed privacy measures.
Google refuses ~30% of government requests for user data.
Keep in mind that most requests are subpoenas (which can only get extremely limited data; name and IP address, basically), court orders (which can get a bit more, but not e-mail contents) and search warrants, and I think it's quite likely that if you were in a position to look at the requests and their rationale, you'd agree that most of them are legitimate and not only legally must be respected, but should be respected, because it's the right thing
Re: (Score:2)
if you were in a position to look at the requests and their rationale, you'd agree
If you were a dog, and thought like a dog, you would behave like a dog.
Allow me to rephrase: I think just about any intelligent, reasonable person would look at the warrants in criminal investigations, the subpoenas in civil suits, etc., and find the requests reasonable, appropriate and in the interest of justice and society in general. You know, the 4th amendment allows warrants for a reason... because they make society a better place. National Security Letters... that I'm not so sure about. We need real oversight, and (as mentioned in another article on /. today) we don't ha
Too late (Score:2)
It might have been. But too late now.
Useless security without direct control of the box (Score:2)
You might as well be using open to send the password.
Unless you are uploading locally encrypted files to the cloud (for convenience I suppose) and never sharing keys except in person you should be fine.
Until they kick your door in that is.
Why are people worried about the government? (Score:2)
I don't understand all the cynical comments about the government forcing Google to decrypt everyone's data.
Would 128-bit AES encryption really bother the NSA that much? Would it even bother a committed hacker that much? If anything, this will just provide Google with a little ass coverage in case they every get hacked by someone other than the NSA.
But seriously, if this is something that you're really worried about, you should be encrypting your online storage yourself. Or better yet, don't store anythin
Don't be good... (Score:2)
I don't see how anybody could trust them at this point.
128bit AES is insecure (Score:2)
Lies and secrets (Score:2)
"A Google spokeswoman said via email the company does not provide encryption keys to any government and provides user data only in accordance with the law.".
First of all NSA lied to congress so how do we know that the Google spokeswomen is not lying also? Secondly if the laws are secret then how does the public know what is in accordance?
Proven Evil (Score:2)
How this really does help (a little) (Score:2)
If you strain to look at things in the best possible light, you will figure out there are some scenarios where this helps. And if you take a pessimistic view, I think the conclusion is that this is completely harmless. Unfortunately, it's also very dishonest, so Google earns a demerit anyway, but that's another topic that plenty of people are already going on about. ;-)
Obviously this doesn't protect the data if Google is coerced into giving up the key, or if Marketing decides there might be profiling adva
You have the keys google! Pointless (Score:2)
Re:what about decryption keys (Score:5, Funny)
They don't provide any keys. They provide the decrypted data.
Re:what about decryption keys (Score:5, Funny)
That's funny, because here I thought that Google's Cloud Storage was going to be hosted in NSA's new data center. Brilliant really. Why bring the NSA to you when it's less trouble to let the NSA host your shit for you.
Re: (Score:3)
If you manage your own keys and you use a client that isn't written by Google, how does Google get at the decrypted data? As I understand the system there's nothing they could do and they do allow third party clients?
If so it would be a very good reason to insist your cloud data provider is not the same as your OS vendor. In the end though it's your OS vendor you have to trust for everything since they clearly do have (indirect) access to the keys. Another good reason to use Ubuntu rather than Windows o
Re:what about decryption keys (Score:5, Informative)
According to TFA and the blog post it's server side encryption. Which, of course, does absolutely nothing for security as the NSA will just get the data before it's encrypted.
If you don't want your data read you encrypt it before sending it to someone else.
Re: (Score:2)
"Of course, if you prefer to manage your own keys then you can still encrypt data yourself prior to writing it to Cloud Storage."
is meaningless; In other words, what they are saying is just that you could encrypt your whole file, not that you can encrypt your whole storage remotely?
How do you know? (Score:2)
Re: (Score:2)
If you think the Internet could ever be trusted you started using it way too late.
The Internet once was this cozy anarchistic place where it was all just packets and if you didn't secure your shit, you were owned, right as it should be. Now it's all marketing scum drowning you in ads, trying to get into your pockets and living rooms, global adversaries becoming a real threat and ass-backwards pussies trying to censor your shit.
Fuck that.
Re: (Score:2)
Where are the keys generated? If they are generated at Google and then transmitted to you, then this doesn't really give additional security. Only if the key is generated on your computer and provably never goes to Google, it gives better security than just trusting Google. Of course that means you have to manage it yourself (back it up — not on the cloud, of course —, copy it onto all of your devices — again, not per cloud synchronization, but either through a direct encrypted connection
Re: (Score:3)
Most of the people will have "google managing their keys". Which means google has both keys and data. Which doesn't really help more than before.
For users who are advanced enough to set their own keys, nothing changed.
Re:what about decryption keys (Score:5, Informative)
Its AES. Its a symmetric-key algorithm. The encryption key is the decryption key. Whats with all the jokes about decryption keys?
And the fact the keys are symmetric and held by Google renders the entire exercise entirely worthless. If Google have the key to encrypt/decrypt data then they can just hand it to the NSA or whomever at the same time they hand over the data.
The proper and correct thing to do is to provide a pluggable API in their client apps that allows an extension running client side to manage the key and encrypt / decrypt the data. And similarly for their cloud APIs for languages like Java.
Google would have absolutely no idea what the data contains and absolutely no way to retrieve it either. It might mean certain functionality in their apps / services is affected in some ways (e.g. encrypted folders are inaccessible via a browser) but I assume they could spell out the consequences and people motivated to encrypt data would recognize those limitations.
Re: (Score:2)
Re: (Score:2)
Data might be the new oil, but the data of any one average person is worth almost exactly nothing. Should I charge Google almost exactly nothing for my data?
Re: (Score:2)
There is NO way to prove this. It's just impossible to prove the absence of anything (here: the absence of security holes) except in very special cases.
It's of course possible for them to disclose the program that resides on your computer and stores your data in Google cloud, but it's impossible to prove that this program has not been changed before use, or your Windows has no malware that sends your keys to KGB (Or NSA - doesn't matter). Or that your keyboard has not been bugged, or that you will never be
Re: (Score:2)
Unfortunately, it's THE fate of any large and successful corporation.