Stolen master key: ownCloud: Microsoft fails to live up to its key role as hyperscaler

August 3, 2023

Holger Dyroff, Co-Founder and COO of ownCloud (Source: ownCloud)

Stolen master keys, lack of transparency and questionable technological solutions: The scandal surrounding the latest security breach at Microsoft is not abating. For Holger Dyroff, co-founder and COO of ownCloud, this is a prime example of why the big players on the market have long had a problem when it comes to data protection and digital sovereignty.

The loss of a master key, with which unauthorised persons can issue themselves functioning access tokens, is in itself a debacle for any serious software provider. But in the case of Microsoft, after the initial shock, more questions arise: Why does the company continue to remain silent about the extent and possible consequences? Why does Microsoft rely on a technology based on a master key at all? And why do third parties succeed in stealing it? To begin with: the existence of master keys is neither a questionable business practice, nor is it a failure on the part of the provider. Rather, it is a necessity of the business model, where Microsoft both hosts the cloud services and monitors the respective access to them. And even if the providers cannot be accused of malicious intent, it is ultimately the users who suffer the consequences of the theft.

This example shows why the centralised orientation of hyperscalers poses a considerable security risk and how the dependence on large companies like Microsoft has an impact – because all customers depend on the communication and transparency of the providers to whom they have entrusted their data. But what if companies simply remain silent about such and similar incidents? And how many other, comparable risks and problems are concealed in this way? In the end, the public usually only learns about it when a security-critical incident becomes public. A fatal mistake in dealing with all our data. The answer must therefore be: More communication, more transparency, more decentralisation and more open source culture. Then our digital sovereignty will also work.

Related Articles

Smart Cities market predicted to top $1,100 billion by 2028

Smart Cities market predicted to top $1,100 billion by 2028

The adoption of smart cities has witnessed a remarkable surge in recent years, driven by advancements in technology, growing urbanisation, and increasing recognition of the benefits of smart solutions.  This market is, according to the latest research from...

One year of Cell Broadcast in Baden-Württemberg

One year of Cell Broadcast in Baden-Württemberg

Minister Thomas Strobl: "The last 12 months have shown that cell broadcasting enables us to reach a large number of people quickly and easily in an emergency" "In the event of imminent danger or damage, it is crucial that we warn the population and give people...

Share This