Skip to content
  • Home Home Home, current page.
  • Moments Moments Moments, current page.

Saved searches

  • Remove
  • In this conversation
    Verified accountProtected Tweets @
Suggested users
  • Verified accountProtected Tweets @
  • Verified accountProtected Tweets @
  • Language: English
    • Bahasa Indonesia
    • Bahasa Melayu
    • Català
    • Čeština
    • Dansk
    • Deutsch
    • English UK
    • Español
    • Filipino
    • Français
    • Hrvatski
    • Italiano
    • Magyar
    • Nederlands
    • Norsk
    • Polski
    • Português
    • Română
    • Slovenčina
    • Suomi
    • Svenska
    • Tiếng Việt
    • Türkçe
    • Ελληνικά
    • Български език
    • Русский
    • Српски
    • Українська мова
    • עִבְרִית
    • العربية
    • فارسی
    • मराठी
    • हिन्दी
    • বাংলা
    • ગુજરાતી
    • தமிழ்
    • ಕನ್ನಡ
    • ภาษาไทย
    • 한국어
    • 日本語
    • 简体中文
    • 繁體中文
  • Have an account? Log in
    Have an account?
    · Forgot password?

    New to Twitter?
    Sign up
rootkovska's profile
Joanna Rutkowska
Joanna Rutkowska
Joanna Rutkowska
Verified account
@rootkovska

Tweets

Joanna RutkowskaVerified account

@rootkovska

Strategy & security at @golemproject. Previously: founder of @QubesOS and Invisible Things Lab. Distrusts computers.

Warsaw
blog.invisiblethings.org
Joined July 2014

Tweets

  • © 2018 Twitter
  • About
  • Help Center
  • Terms
  • Privacy policy
  • Cookies
  • Ads info
Dismiss
Previous
Next

Go to a person's profile

Saved searches

  • Remove
  • In this conversation
    Verified accountProtected Tweets @
Suggested users
  • Verified accountProtected Tweets @
  • Verified accountProtected Tweets @

Promote this Tweet

Block

  • Tweet with a location

    You can add location information to your Tweets, such as your city or precise location, from the web and via third-party applications. You always have the option to delete your Tweet location history. Learn more

    Your lists

    Create a new list


    Under 100 characters, optional

    Privacy

    Copy link to Tweet

    Embed this Tweet

    Embed this Video

    Add this Tweet to your website by copying the code below. Learn more

    Add this video to your website by copying the code below. Learn more

    Hmm, there was a problem reaching the server.

    By embedding Twitter content in your website or app, you are agreeing to the Twitter Developer Agreement and Developer Policy.

    Preview

    Why you're seeing this ad

    Log in to Twitter

    · Forgot password?
    Don't have an account? Sign up »

    Sign up for Twitter

    Not on Twitter? Sign up, tune into the things you care about, and get updates as they happen.

    Sign up
    Have an account? Log in »

    Two-way (sending and receiving) short codes:

    Country Code For customers of
    United States 40404 (any)
    Canada 21212 (any)
    United Kingdom 86444 Vodafone, Orange, 3, O2
    Brazil 40404 Nextel, TIM
    Haiti 40404 Digicel, Voila
    Ireland 51210 Vodafone, O2
    India 53000 Bharti Airtel, Videocon, Reliance
    Indonesia 89887 AXIS, 3, Telkomsel, Indosat, XL Axiata
    Italy 4880804 Wind
    3424486444 Vodafone
    » See SMS short codes for other countries

    Confirmation

     

    Welcome home!

    This timeline is where you’ll spend most of your time, getting instant updates about what matters to you.

    Tweets not working for you?

    Hover over the profile pic and click the Following button to unfollow any account.

    Say a lot with a little

    When you see a Tweet you love, tap the heart — it lets the person who wrote it know you shared the love.

    Spread the word

    The fastest way to share someone else’s Tweet with your followers is with a Retweet. Tap the icon to send it instantly.

    Join the conversation

    Add your thoughts about any Tweet with a Reply. Find a topic you’re passionate about, and jump right in.

    Learn the latest

    Get instant insight into what people are talking about now.

    Get more of what you love

    Follow more accounts to get instant updates about topics you care about.

    Find what's happening

    See the latest conversations about any topic instantly.

    Never miss a Moment

    Catch up instantly on the best stories happening as they unfold.

    1. Joanna Rutkowska‏Verified account @rootkovska Oct 14

      I think the 3 fundamental problems with the Cloud are: 1. We don't control the CODE (service provider-owned apps might be sharing our data), 2. We don't control the INFRASTRUCTURE (admins have access to our data), 3. We don't control the AVAILABILITY (we might get cut off).

      77 replies 462 retweets 1,046 likes
      Show this thread
      Joanna Rutkowska‏Verified account @rootkovska Oct 14

      Ad 1. If we could ensure specific code of the cloud/apps services, we could audit them and make sure they e.g. don't let service providers to access our data.

      1:41 AM - 14 Oct 2018
      • 8 Retweets
      • 66 Likes
      • caleb Franks Nelson Van Buren Elio Torrisi K2 6ix9ine4our London Crypto Services Ltd golem Roman V Shaposhnik
      11 replies 8 retweets 66 likes
        1. New conversation
        2. halvarflake‏ @halvarflake Oct 14
          Replying to @rootkovska

          Do we control the hardware, though, and does inspecting the code make much sense if you cannot inspect the hardware? It makes *some* sense, but depends on threat model?

          2 replies 1 retweet 6 likes
        3. Joanna Rutkowska‏Verified account @rootkovska Oct 14
          Replying to @halvarflake

          That falls under #2 (infra), doesn't it?

          1 reply 0 retweets 2 likes
        4. halvarflake‏ @halvarflake Oct 14
          Replying to @rootkovska

          Ah, ok. I thought #2 was more narrowly scoped.

          3 replies 0 retweets 0 likes
        5. Joanna Rutkowska‏Verified account @rootkovska Oct 14
          Replying to @halvarflake

          In the same vein #1 (code) means: the entirety of the service/app, incl. configs, which has been created and is being managed by the service provider. Where service provider (e.g. Fitbit) is usually a different entity than the party controlling/ owning the infra (e.g. AWS).

          0 replies 0 retweets 1 like
        6. End of conversation
        1. New conversation
        2. Matthew Green‏ @matthew_d_green Oct 14
          Replying to @rootkovska

          Would moving to self-hosting on a cloud provider like AWS help? It obviously wouldn’t stop someone from accessing your data if they wanted to, but neither will code audits (unless you use client-side encryption.)

          3 replies 0 retweets 2 likes
        3. Joanna Rutkowska‏Verified account @rootkovska Oct 14
          Replying to @matthew_d_green

          Yeah, it'd solve #1. Except no one has resources to maintain all those apps and services... That's why we have all those 3rd party service providers, whose only job is to maintain all these apps...

          1 reply 0 retweets 1 like
        4. Joanna Rutkowska‏Verified account @rootkovska Oct 14
          Replying to @rootkovska @matthew_d_green

          ...so, rather than getting rid of them, we need some forms of remote... attestation of what they have deployed. (And yes, I'm using this in a broader meaning than mere TCG/SGX remote attestation).

          1 reply 1 retweet 4 likes
        5. Matthew Green‏ @matthew_d_green Oct 14
          Replying to @rootkovska

          But the path towards doing that could flow through something like “publish an AMI (or Docker image) and provide a SIMPLE means for people to provision it on the hosting provider of their choice.”

          1 reply 0 retweets 3 likes
        6. Matthew Green‏ @matthew_d_green Oct 14
          Replying to @matthew_d_green @rootkovska

          All the other attestation stuff is only worth a damn once you have cloud services wrapped up in easily auditable containers. And tackling that first part (with revenue and subscription services included) seems like its a single, re-usable technical task.

          1 reply 0 retweets 3 likes
        7. 1 more reply
        1. Daniel Baird‏ @danieljbaird Oct 14
          Replying to @rootkovska

          @Beaker started Cloud Audit about 10 years ago, but it seems to have fizzed out. Ahead of its time I reckon. More customer pressure needed.https://cloudsecurityalliance.org/working-groups/cloudaudit/#_overview …

          0 replies 1 retweet 3 likes
          Thanks. Twitter will use this to make your timeline better. Undo
          Undo
        1. WoodenBeachSigns‏ @WoodenBeachSign Oct 19
          Replying to @rootkovska

          I belive we should be beyond this conversation if we as humans demand open dialect in democratic but moreover 'free" soieties, which should be glaring if not for the utter lack of knowledge the masses have on this.

          0 replies 0 retweets 0 likes
          Thanks. Twitter will use this to make your timeline better. Undo
          Undo
        1. London Crypto Services Ltd‏ @CryptoAuditUK Oct 15
          Replying to @rootkovska @golemproject

          Another issue is in cross jurisdiction storage of information in particular personal data and regulatory requirements arising.

          0 replies 0 retweets 0 likes
          Thanks. Twitter will use this to make your timeline better. Undo
          Undo
        1. Ian Oliver  🏴󠁧󠁢󠁷󠁬󠁳󠁿 🇫🇮 🇪🇺‏ @i_j_oliver Oct 15
          Replying to @rootkovska

          How far back in the supply chain do you want to go? If you run your own servers, or even rely upon trusted hardware, there is still a limit, unless you fabricate your own CPUs, motherboards, firmware etc. Serious question though: where is the acceptable limit to the trust chain?

          0 replies 0 retweets 0 likes
          Thanks. Twitter will use this to make your timeline better. Undo
          Undo
        1. Stephan Neuhaus‏ @stephanneuhaus1 Oct 14
          Replying to @rootkovska

          Given the complexity of today's software stacks, I think (comprehensively) auditing cloud software is out of the question.

          0 replies 0 retweets 0 likes
          Thanks. Twitter will use this to make your timeline better. Undo
          Undo
        1. Karel Gardas‏ @KarelGardas Oct 14
          Replying to @rootkovska

          This is overly optimistic idea. First of all, admin of hypervisor still can access VMs. And, hardware platform ensuring they can't is reportedly broken. Besides all this, hardware platform running majority of current cloud is side-channel attack friendly as 2018 proved so far.

          0 replies 0 retweets 0 likes
          Thanks. Twitter will use this to make your timeline better. Undo
          Undo
        1. ∃dwin de Jong‏ @gedejong Oct 14
          Replying to @rootkovska

          Ad 1: You control the code running on your Intel CPU? Ad 2: In any large organisation, this is the case. It can be resolved using trust, contracts, audits. Ad 3: This is the case anyways: ISPs and hosting providers can cut you off as well.

          0 replies 0 retweets 0 likes
          Thanks. Twitter will use this to make your timeline better. Undo
          Undo
        1. Lee Newcombe‏ @lee_newcombe Oct 14
          Replying to @rootkovska

          This is the fundamental point for me. It's really a question of visibility and trust. A lot of organisations see your listed problems as opportunities because they have visibility of how poor their in-house capabilities are. However they do need assurance CSPs deliver on claims.

          0 replies 0 retweets 0 likes
          Thanks. Twitter will use this to make your timeline better. Undo
          Undo

      Loading seems to be taking a while.

      Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.

        Promoted Tweet

        false

        • © 2018 Twitter
        • About
        • Help Center
        • Terms
        • Privacy policy
        • Cookies
        • Ads info