It's one thing to create edited video that fools a casual observer, and another that stands up to forensic analysis.

It won't matter once the general population is too stupid to understand the science behind forensic analysis. And we're heading rapidly in that direction.

It's Google or Apple listening to your phone's mic. Facebook just buys the data your phone's OS provider is already harvesting.

They run it because they have to. Didn't always used to be that way, but I've not seen significant technical innovation out of Oracle in a very, very long time. And given their other disasters with managed services, if I were running Oracle, I certainly wouldn't entrust it to their cloud service.

"Assuming an attacker has access to the computer's console"

I was always taught that this pretty much means game over. It might be an interesting way to get a root shell, but if I am sitting in front of the machine with console access, I can think of a number of other ways to get a root shell.

Every device with a microphone should have a physical, hardwired switch with an indicator that tells when it's enabled or disabled.

Sounds to me like they want to *write* student loans. Which is quite different from selling them. I would be interested in buying the notes, if that's what they were selling. Usurious interest rates, no chance of discharge in bankruptcy, no expiration. This is the kind of investment vehicle I would want to own.

RAID and snapshots protect the primary data. RAID also protects the backups, which are local but run to a physically separate machine. And finally, I do off-site rotation of physical media.

Good point. Any prosecutor or law enforcement official with an axe to grind could point at any random string of characters they found on anyone's device, and say, "Look! Unbreakable encryption!"

I recently stayed in a hotel that provided a tablet in every room for accessing amenities, such as room service. It appeared to be equipped with a camera and microphone, as most tablets are. And I have little doubt the security at that hotel was as bad as what the poster described.

This article https://theintercept.com/2015/11/15/exploiting-emotions-about-paris-to-blame-snowden-distract-from-actual-culprits-who-empowered-isis/ is a pretty good discussion of what's in play. Kudos to the NYT for pulling the article. Shame they published it in the first place.

Keep in mind, /. is not stale news for nerds for the most part.

Have you been to Arstechnica, Phoronix, and The Register? Browse their headlines and you'll see a 12-24 hour preview of what's going to show up on /.

The government already has all that, they don't need to break into DropBox or OneDrive to read that stuff.

True, and the government is not my main concern with putting sensitive data, albeit encrypted, in the cloud. My main concern is that someday, the encryption might be broken. Once that happens any script kiddie with the right tools can to get to the data, and there's no sure way to remove it from the cloud.

you will be at no risk of hackers or anyone else gaining access that way

I disagree. Encryption algorithms are constantly being tested and broken, and there is great incentive for that to continue. From the NSA and other governmental entities deliberately weakening the tools we use to encrypt, to as-yet undiscovered flaws, nobody can say with 100% certainty that current encryption technology will forever be secure.

And that's the biggest problem with the cloud. Once a single copy has been posted, you no longer have a sure way to delete every copy in existence.

In other words, it's only terrorism when it suits our political agenda to call it that.