Techly NewsGet the app

Get the latest tech news

Researchers Discover Flaws In Five End-to-End Encrypted Cloud Services


SC World reports: Several major end-to-end encrypted cloud storage services contain cryptographic flaws that could lead to loss of confidentiality, file tampering, file injection and more, researchers from ETH Zurich said in a paper published this month. The five cloud services studied offer end-t...

However, ETH Zurich researchers Jonas Hofmann and Kien Tuong Truong, who presented their findings at the ACM Conference on Computer and Communications Security (CCS) last week, found serious flaws in four out of the five services that could effectively bypass the security benefits provided by E2EE by enabling an attacker who managed to compromise a cloud server to access, tamper with or inject files. The E2EE cloud storage services studied were Sync, pCloud, Seafile, Icedrive and Tresorit, which have a collective total of about 22 million users. And SC World does note that all 10 of the tested exploits "would require the attacker to have already gained control of a server with the ability to read, modify and inject data.

Get the Android app

Or read this on Slashdot

Read more on:

Photo of end

end

Photo of researchers

researchers

Photo of flaws

flaws

Related news:

News photo

Researchers Discover Flaws In 5 End-to-End Encrypted Cloud Services

News photo

OpenAI’s Whisper transcription tool has hallucination issues, researchers say

News photo

Researchers say an AI-powered transcription tool used in hospitals invents things no one ever said

« DragonRuby Game Toolkit hits v6.0
Writes and Write-Nots »