Menu

Filter by
content
PONT Data&Privacy
  • PONT home
    • mill

    0

    Vital infrastructure
    Vitale infrastructuren zoals energievoorziening, gezondheidszorg en communicatie zijn onmisbaar voor de samenleving. Dit dossier richt zich op de digitale weerbaarheid van deze sectoren, de relevante wetgeving en de noodzaak van publiek-private samenwerking.

    Researchers discover security vulnerabilities in end-to-end encrypted cloud services

    Researchers Jonas Hofmann and Kien Tuong Truong of the Eidgenössische Technische Hochschule Zürich (ETH Zurich) examined several cloud services. In doing so, they discovered several vulnerabilities in end-to-end encrypted cloud services. It was even possible to access data.

    Informatiebeveiliging Nederland November 1, 2024

    News press release

    News press release

    Zero knowledge encryption

    They are Sync, pCloud, Icedrive and Seafile. These cloud companies offer end-to-end encrypted storage. These cloud providers, by their own admission, have no access to user data. They themselves describe this as zero-knowledge encryption.

    Vulnerabilities

    The security vulnerabilities include failure to authenticate user key material, allowing a malicious party to inject its own keys. Other vulnerabilities include unauthenticated public keys, protocol downgrades, exchanging files via links, unauthenticated encryption modes, "unauthenticated chunking," modifying file names and their location, modifying file metadata and injecting folders and files.

    Share article

    Comments

    MORE REACTIONS

    Leave a comment

    You must be logged in to post a comment.

    NEWS

    Rekenkamer waarschuwt: quantum kan overheidssystemen kraken

    News/press release

    Hybride dreiging vanuit Rusland neemt toe

    News/press release

    NS outsources part of its automation to American company DXC Technology

    News/press release

    Critical infrastructure on American servers: Solvinity and the limits of Dutch digital autonomy

    News/press release

    The potential acquisition of Dutch IT service provider Solvinity by American giant Kyndryl is causing considerable unrest among politicians and regulators. During a...

    Government invests millions in reliable digital infrastructure for road safety

    News/press release
    Editorial PONT | Data & Privacy
    A large building with many windows next to a body of water

    Coalition takes legal action over takeover of DigiD supplier

    News/press release

    DigiD must not fall into American hands

    Blog

    European member states fear Brussels 'power grab' in fight against Chinese tech

    News/press release

    New national security requirements for public procurement

    News/press release
    General Intelligence and Security Service

    Expert membership

    Expert membership

    Benefit now

    Masterclass EU Legislation: Navigate Successfully Through Data, Cyber & AI

    Many new laws and regulations around data, cyber, technology, AI and digital platforms are coming our way from Brussels. Consider, for example, the impact of the Data Act, the AI Act, the CRA and NIS2. Important new legislation: what's the latest? In this course we address the question of how you as a professional can prepare yourself. You will get an overview of the most important laws and regulations and we will discuss the latest developments.

    Learn more

    Join PONT | Data & Privacy

  • Access to Knowledge Base
  • Read e-books
  • Contact with peers
  • Own news overview
    • BECOME A MEMBER

    General

    Service

    Navigate

    Berghauser Pont Media Group

    CONTACT

    𝕏

    Copyright 2026 Berghauser Pont | Website created by Buro Zero