Comment Dumb idea anyhow. (Score 4, Insightful) 174
[T]he service provider has a copy of the keys to a user's cloud 'storage unit'
Why the hell would I want to give a copy of the keys to the service provider?
Just because you use the cloud to store bits of data doesn't mean that you'd want to store unencrypted bits of data there. Those that do risk distribution of your unencrypted data via a multitude of channels, including but certainly not limited to:
- Cloud configuration errors
- Service Policy changes
- Service Security failures
- Data theft by administrators
- Service scanning and reselling of your data
Why would anyone hand the keys to all their important data to a 3rd party that they don't personally know? Just because they're under a contract with that 3rd party? A contract drawn up exclusively by that 3rd party? With clauses designed to exclusively to protect that 3rd party?