Debate to spook stocks? Friday, 23 Sep 2016 | 5:23 PM ET | 03:04
“I don’t have any idea what he’s going to do, and I don’t think the markets have any idea either.”
That was George Selgin, director of the Center for Monetary and Financial Alternatives at the Cato Institute, speaking CNBC this morning about what Trump about the economy if elected president.
Now that the Fed is out of the way, at least until December, traders are pondering exactly what the election of either major candidate will mean for the markets.
One thing’s for sure: Up to this point, the presidential election has not moved markets much. Goldman acknowledged this in a recent note, saying, “While it is already a common topic of conversation with clients, it does not yet seem to be affecting investment decisions.”
But that will change soon — particularly after the first presidential debate on Monday.
Here is the conventional narrative:
The base case is divided government. Markets are positioned for a Clinton win, with the House staying Republican.
Markets are not positioned for a Trump victory. Therefore, as we get closer to the election and if it appears Trump has a reasonable chance of winning, market volatility will notably increase.
Smart traders are bringing up two points about the election and markets. No matter who wins, austerity will likely be de-emphasized, and the conventional narrative that a Trump victory will be bad for the markets should be questioned.
1) No matter who wins, it’s likely that austerity is over, and several sectors will be likely beneficiaries. Congress may seem gridlocked, but there is a growing consensus that the new Congress — whoever controls it — may be in a mood to spend.
“One of our key themes for both the US and global economy is that fiscal policy is shifting from austerity to modest stimulus,” Ethan Harris, global economist for Bank of America Merrill Lynch, wrote in a recent report.
Some are even more aggressive. “Government austerity is over, and monetary policy will pass the baton to aggressive fiscal policy,” Michael Arone, chief investment strategist for State Street Global Advisors’ U.S. intermediary business, said in a recent note.
But what kind of stimulus? Both candidates have expressed a desire for more infrastructure spending and both are strong on defense. That would mean that certain industrials and materials firms with exposure to higher infrastructure spending, as well as aerospace & defense stocks, would be logical choices. Goldman specifically cites Honeywell,Northrop Grumman, and L-3 Communications in the aerospace & defense space. It also highlights Vulcan Materials, Martin Marietta Materials, Summit Materials (all building materials) and Gerdau (steel) in the materials space.
OK, that makes sense. But past these sectors, it gets murky. Clinton and Trump differ significantly on many sectors that could affect markets, including:
Energy: Clinton, for example, favors more regulation of the fracking industry and more investment in alternative energy. Trump favors less regulation.
Health care: Clinton supports keeping the Affordable Care Act, which will continue to benefit hospitals. Drug companies will face pressure on drug costs. Trump would repeal the ACA.
Congress is also a significant wild card. Beyond infrastructure spending, it’s not clear where Congress may come down on many critical issues. Corporate tax reform, for example, is frequently cited as an area of cooperation between Clinton and GOP House Speaker Paul Ryan, but that would depend on whether they could find common ground on a lower rate and closing loopholes.
That also applies to trade. Current deals will stay in place but the Trans-Pacific Partnership is likely in trouble.
On financial regulations, a Republican-dominated House would not support big tax increases on the wealthy or a significant expansion of Dodd-Frank or other financial regulations, as Clinton supports.
2) The conventional narrative on a Trump victory, that the markets will be more volatile and stocks will decline should be questioned.
Didn’t we learn this lesson from the British referendum on leaving the European Union? It was the same scenario: Markets were positioned for a “no” vote. Polls indicated a “no” vote was the winner. When the UK voted “yes,” the S&P 500 dropped a little more than 100 points in the following two days, but then gained it all back in the next few days! Even more, it was the start of a significant breakout, with the major indices powering to historic highs in the next six weeks.
OK, a Trump victory has different characteristics, but you get the point.
Another point rarely discussed is that a Paul Ryan-led House will not necessarily be Trump’s lapdog. Ryan, by all accounts, is no fan of Trump’s and will almost certainly serve as a break on any of his more controversial proposals.
We could thus ultimately see a Trump victory — a victory that seems like a radical departure from everything that came before it — turn into something that is much more status quo Republican than anyone is really thinking.
A sign is displayed outside of a Wells Fargo bank in San Francisco, California.
Two former Wells Fargo employees have filed a class action in California seeking $2.6 billion or more for workers who tried to meet aggressive sales quotas without engaging in fraud and were later demoted, forced to resign or fired.
The lawsuit on behalf of people who worked for Wells Fargo in California over the past 10 years, including current employees, focuses on those who followed the rules and were penalized for not meeting sales quotas.
“Wells Fargo fired or demoted employees who failed to meet unrealistic quotas while at the same time providing promotions to employees who met these quotas by opening fraudulent accounts,” the lawsuit filed on Thursday in California Superior Court in Los Angeles County said.
Wells Fargo has fired some 5,300 employees for opening as many as 2 million accounts in customers’ names without their authorization. On Sept. 8, a federal regulator and Los Angeles prosecutor announced a $190 million settlement with Wells.
The revelations are a severe hit to Wells Fargo’s reputation. During the financial crisis, the bank trumpeted being a conservative bank in contrast with its rivals.
A Wells Fargo spokesman on Saturday declined to comment on the lawsuit.
The lawsuit accuses Wells Fargo of wrongful termination, unlawful business practices and failure to pay wages, overtime, and penalties under California law.
Former employees Alexander Polonsky and Brian Zaghi allege Wells Fargo managers pressed workers to meet quotas of 10 accounts per day, required progress reports several times daily and reprimanded workers who fell short.
Stumpf: Deeply sorry we failed to serve customers Tuesday, 20 Sep 2016 | 10:13 AM ET | 01:45
Polonsky and Zaghi filed applications matching customer requests and were counseled, demoted and later terminated, the lawsuit said.
While executives at the top benefited from the activity, the blame landed on thousands of $12-per-hour employees who tried to meet the quotas and were often required to work off the clock to do so, the lawsuit said.
Employees with a conscience who tried to meet quotas without engaging in fraud were the biggest victims, losing wages, benefits and suffering anxiety, humiliation and embarrassment, the lawsuit said.
Wells Fargo was aware many accounts were illegally opened, unwanted, carried a zero balance, or were simply a result of unethical business practices, the lawsuit said.
“Wells Fargo knew that their unreasonable quotas were driving these unethical behaviors that were used to fraudulently increase their stock price and benefit the CEO at the expense of the low level employees,” the lawsuit said.
Optimism about the outlook for Britain’s financial services sector is at its lowest point since the financial crisis, a survey of finance firms showed on Monday.
The latest survey of 115 financial services firms by business lobby CBI and consultancy PwC found that optimism fell during the three months to September, the third quarter in a row that it has dropped, marking the longest decline since the depths of the financial crisis in 2009.
Over half of all financial firms surveyed said the general impact of Britain’s Brexit vote was negative, with only one in ten firms seeing any upside.
“With firms voicing strong concerns about the impact of Brexit, especially the risks to the wider economy in the years ahead, the government must allay their unease with clear plans for negotiations to leave the EU,” CBI Chief Economist, Rain Newton-Smith, said in a statement.
Britain’s financial industry is the economy’s biggest tax earner as firms benefit from a European Union “passport” allowing them to operate across the bloc from a British base.
Britain will have to negotiate new trading terms with the EU and it is unclear if full passporting for financial services will continue so that companies can avoid having to invest in a new base inside the EU.
Is Brexit anxiety here to stay? Monday, 12 Sep 2016 | 10:48 PM ET | 01:16
The Lloyd’s of London insurance market said last week it was planning to move some underwriting activity to the EU if there is no full access to the single market.
“Many of our clients are considering their options, including potential restructuring and relocation of their businesses,” Andrew Kail, UK financial services leader at PwC, said.
“However, it’s the domino effect on people, productivity and position as a financial hub that must be guarded against.”
The survey also showed that a squeeze on profitability from very low interest rates, changes in technology and strong competition were also weighing on business sentiment.
Optimism was “broadly stable” in life and general insurance, and fell only slightly among banks, but dropped sharply among finance houses, building societies and investment managers.
Several property funds still bar investors from withdrawing their money after commercial real estate took a hit following the vote in favor of Brexit.
Growth in overall business volumes is expected to slow in the coming quarter, the survey, which was conducted between August 16 and September 1, said.
Meanwhile, a separate survey published on Monday showed that three-quarters of British company bosses are considering moving operations abroad following the vote to leave the European Union.
The KPMG survey of 100 UK chief executives, from companies with revenues between 100 million pounds and 1 billion pounds ($130 million-$1.30 billion), found 86 percent were confident about their company’s growth prospects and 69 percent were confident about the British economy’s growth prospects over the next three years.
However, 76 percent said they were considering moving either their headquarters or their operations outside Britain because of the June 23 “Brexit” vote.
“CEOs are reacting to the prevailing uncertainty with contingency planning,” said Simon Collins, KPMG UK chairman.
“Over half believe the U.K.’s ability to do business will be disrupted once we Brexit and therefore, for many CEOs, it is important that they plan different scenarios to hedge against future disruption.”
The June vote has created uncertainty over Britain’s future economic and trade relationship with the European Union.
John Nelson, chairman of Lloyd’s of London, told Reuters last week that the insurance market would be ready to move some of its business to the EU as soon as Britain invoked Article 50 of the EU’s Lisbon Treaty, which triggers the start of exit from the bloc.
Aides to Prime Minister Theresa May have suggested she hopes to trigger Article 50 early next year, opening the way for up to two years of negotiations.
Asked what would encourage businesses to continue investing in Britain following the Brexit vote, the majority of CEOs surveyed by KPMG ranked certainty over trade terms as the most important.
Only one CEO said a timetable for triggering the formal divorce process and the subsequent exit was the most important factor.
KPMG said 72 percent of the CEOs surveyed had voted to remain in the EU.
The Brexit vote has hit the British currency, with sterling skidding to a five-week low close against the dollar on Friday, but a Reuters poll this month found Britain is expected to narrowly dodge a mild recession that was widely predicted after the referendum.
More than 20 European business associations and companies interviewed by Reuters said they backed their governments’ position that Britain’s banking sector can only enjoy EU market access post-Brexit if the country still follows the bloc’s rules.
It’s not necessary that only students who take coaching from top-notch institutes or from metropolitan cities gets admission to Indian Institute of Technologies (IITs), Indian Institute of Management (IIMs), other premier institutes.
Here’s the story of a laborer’s son from Kota, who is the first one from his village to get admission to India’s premier institute, IIT Delhi.
More about Abhishake Meen:
Meet, Abhishake, an 18-year-old who native of Chatrapura village in Etawa area of Kota district
Being the son of a NREGA labourer, Ramdayal, Abhishake has seen all the pains his father took to fulfill his dream
As per reports, this boy was completely unaware about the IITs till class 10
It was only when he got 72 per cent in his class 10 board examination that the concerned schoolteachers suggested his father to send him to Kota for coaching and to prepare for IIT
All the years, he did his schooling from a Hindi-medium school in the village itself
In the IIT-JEE exam this year, he attained 257th rank (reserved category)
While speaking about this achievement, Abhishake said, “I took coaching for only IIT and did self studies for class 12 exams and obtained 83 per cent. However, my friends and coaching faculty helped me by providing notes for the higher secondary studies.”
Moreover, he added that in his first attempt for IIT, he did clear the exam but was not allotted any college. “That did not discourage me and I decided to try again,” he said
And now, he will be pursuing Industrial Production at IIT
His father, Ramdayal, had to borrow money for his coaching expenses from a local lender at an interest of 2 per cent as NREGA wages and income from their agriculture land were not enough to cover the fees.
Moreover, his father, Ramdayal said, “I am overwhelmed with joy. I am very happy as my son has succeeded in the exam and has become the first IITan of the village.”
What after IIT?
After completing his engineering degree, Abhishake hopes to purse innovative research that will benefit the lives in the villages of India.
“There is huge talent in the villages and I would work to bring out the same with innovative engineering education,” he added.
The central government will conduct student learning outcome assessment in various schools every year to improve educational quality in schools, said Union HRD Minister Prakash Javadekar.
Delivering the Dr APJ Abdul Kalam Memorial Lecture at Vedavyasa Vidyalayam Senior Secondary School in Kozhikode, the minister said that in the learning outcome assessment, the government would assess every three per cent of the students studying in zila parishad and municipal schools and schools run by organisations like Vidya Bharti, besides private ones and those run by educational societies.
He also awarded the winners of all Kerala Quiz competition 2016 conducted by Vedavyasa Vidyalayam Senior Secondary School. The theme of the quiz competition was ‘Indian Culture’.
Excerpts from minister’s speech:
“We have a mission in our mind that is to improve the quality of education. Therefore, learning outcome becomes important. There are several assessment reports before us. Now, the government will also conduct assessment every year of mathematical, language, reading and writing abilities of students in various schools,” the minister said
“We will assess every year three per cent of students and will give a correct picture of quality of education being imparted in our primary schools,” he said
“The ultimate objective of education is to bring about in us a good human being,” he said, adding that teachers have to play a key role
Javadekar said, “our strength is that our culture is based on the rich ethos of unity in diversity.”
India has achieved expansion of education and now there is a need to improve the educational quality, said Javadekar.
If you’d walked by our test bed while we were testing Akitio’s Thunder3 PCIe SSD, external drive, you’d probably have stopped and done a double-take. 2GBps transfers from an external drive? No way.
How could this possibly be, you ask? The Thunderbolt 3 interface is basically PCIe over a wire, and features a massive 5GBps transfer rate. The Thunder3 PCIe SSD is a classy-looking, Thunderbolt 3 enclosure that contains a single PCIe slot. Put a 1.2GB Intel 750 NVMe SSD in said slot, and for all intents and purposes, it’s the same as putting it in an internal PCIe slot. 2GBps? Thunderbolt 3 isn’t even breaking a sweat.
Alas, this marvelous demonstration of advanced technology isn’t cheap. Actually, at $1,299, which includes the $800-plus drive (or even $1,270 on Amazon), it’s not even within shouting distance of affordable. But dang, if its speed isn’t enticing.
The silver-hued Thunder3 PCIe SSD measures approximately 9.2 inches deep, by 6 inches tall, by 3 inches wide. That’s large, but necessary to accommodate all types of PCIe cards, including full-height and double-width if necessary. In this case, the card is the single-width, low-profile Intel 750, which means more room for airflow to keep it cool. The back of the drive sports two Thunderbolt 3 ports, as well as what the online specs say is a single DisplayPort 1.1 port.
The Thunderbolt 3 chip is an Intel Alpine Ridge, which supports DisplayPort 1.2, but Akitio informed us that there have been issues with some 1.2 displays, so it’s sticking with DP 1.1. Note that Thunderbolt 3 uses the same Type-C connector as USB 3.x, but requires a more expensive cable with embedded electronics. A Thunderbolt 3 cable is included with the drive. And no, the Thunder3 PCIe SSD won’t work with USB 3.1.
Our test box came pre-populated with the Intel 750 SSD, but captive thumbscrews on the back make opening the unit and adding your own PCIe card SSD a snap. So yes, you can pay $400 for the box and roll your own adapter card/M.2 PCIe solution.
We’ve already told you that the Thunder3 PCIe SSD is really, really fast, but there’s nothing like a chart or two to drive home that point. We’ve included internally mounted Samsung 950 Pro M.2 NVMe and Intel 750 SSDs to illustrate the relatively even performance between internal and external PCIe.
The Atech Flash VX-2SSD, a very fast external USB 3.1/SATA RAID enclosure that would dominate most external drive graphs, seems slothful by comparison. Though not shown, random access times are in line with an internal NVMe SSD as well—0.03 to 0.06 milliseconds.
As shown below, the Thunder3 PCIe SSD’s performance simply squashes that of other external drives. Especially plain USB 3.0 hard drives such as the Seagate Backup Plus Slim and WD My Passport Wireless Pro. Then again, the Akitio drive costs nearly 30 times more than a plain 2TB USB 3.0 drive. Ouch.
We used an Asus X99 Deluxe motherboard with an Asus Thunderex 3 expansion card attached to its Thunderbolt header for testing. Note that the Thunder3 PCIe SSD is not compatible with OS X, and you can’t boot from it.
The Akitio Thunder3 PCIe SSD is a great product, and a joy to use. But, of course, we didn’t have to pay for it. The nearly $1,300 price tag pretty much relegates the pre-populated version to deep-pocketed early adopters and speed freaks, or multimedia production types in a hurry. Even $400 for the enclosure is sure to make the average user blanch. I, and I suspect the majority of the public, will make do with those $80 2TB, 130MBps USB 3.0 drives for a bit longer. Sigh.
Many people resist backing up their data to an online backup service like MozyHome, Carbonite, or Backblaze because they worry their data will be poked through by company employees, hijacked by criminals, or provided to law enforcement or government agents without due process.
The sanctity of your data boils down to whether the encryption key used to scramble your data can be recovered by anyone other than yourself. Below I outline the various methods and levels of encryption that can be employed by these services, and then evaluate six of the best options for home users. Several give subscribers full control of their encryption. If you’re already using a service, it’s possible you can even upgrade to take advantage of greater ownership options.
TABLE OF CONTENTS
Choosing the services to evaluate
iDrive and MozyHome
Choosing the services to evaluate
These are the parameters I set up for this roundup:
Focused on services that offer a personal edition, where you can purchase an account for a single computer or a bundle for a family
Included services that are established or well-reviewed.
Excluded services that offer scant information about their security and encryption practices. Subscribers should always be privy to how their data is protected.
Excluded sync services, even those (like SugarSync) that offer continuous backup and versioning. I define a sync service as one that doesn’t encrypt data with a per-user key before being transmitted over a secure connection. That also leaves out Box, Dropbox, iCloud, Google Drive, and others.
I also bypassed services that offer bad advice about file retention or security practices, and ones whose information is years out of date.
Six companies remained after this winnowing: Backblaze, Carbonite, CrashPlan, iDrive, MozyHome, and SpiderOak ONE. Keep reading to see how they rate on encryption features and strength.
Encryption: The ins and outs
Internet-hosted backups have several points of failure where encryption can protect a user’s data. I evaluated the services on each of these points:
Key possession. Encrypted backups require someone to create and possess the underlying key that’s used to encrypt your data before being stored by the host. But there are several aspects to this:
Who creates the encryption key? In all six cases, the native desktop backup software handles key creation, but with two services, you can opt to create a key.
Does the backup host hold the key in a form it can directly access, or in “escrow,” where it’s protected by a passphrase you set and the host doesn’t know? Or does the host never hold the key at all?
Is the passphrase converted through an algorithm into the actual encryption key, or is the passphrase used to unlock the encryption key? In the former case, an attacker who recovers the passphrase also effectively has the key, and can decrypt your backups.
If a backup service lets you reset your account password without losing access to your archives, it has full access to the encryption keys that guard your backups. If it can’t access your files’ contents (and sometimes even the listing of files) unless you enter your password or a custom key, you retain control.
Diversity of keys. Each service varies in whether it uses a single key for all backups, or various keys for different tasks. For instance, CrashPlan uses the same encryption key to scramble all backed-up files across all sessions; Backblaze generates a new key for each backup session; SpiderOak ONE has unique keys for every folder, version, and individual data block within its backups, partly to enable a group encrypted sharing option.
The more unique keys are used, the less risk you face from a single leaked or cracked key, or from advances in cryptographic cracking.
Encrypted before transit. Hosted backups require native apps to scan drives for files and transmit them. Strong encryption should be used by the app before files are transferred to a hosted service.
Encrypted in transit. It’s vitally important that transferred data is strongly protected separately from the encryption that wraps data before it’s sent. That’s to guard against offline attacks, where someone can intercept encrypted data and then attempt various ways to break it, both now and in the future. Encryption that’s unbreakable in 2016 may still break in the future.
Protected at rest. Even encrypted data needs additional layers of security. Some hosts disclose additional information about how they safeguard your data, including certifications and audits from third parties.
Restoring files. When you restore a backup, there’s also a question of where the key winds up. Even for services that allow a user to create a custom full encryption key, that key has to be transmitted to the backup host in a form that can be decrypted in order to restore files.
With all that in mind, we evaluated the following services from Excellent to Poor, summarizing their best and worst points in the pros and cons that follow each rating. For services that offer multiple ways to set up security and privacy, I’ve ranked based on the best method available, as outlined in the section above.
Encryption rating: Very good
Data is encrypted before and in transit
Website lets you access encrypted backups
Platforms: OS X, Windows, iOS, Android
Password is transmitted for recovery
Lacks a client that can restore and browse with local encryption keys
Unique keys can be unlocked with passphrase for master key
Backblaze uses public-key cryptography—the same kind of encryption used widely across the internet, including web connections with SSL/TLS cryptographic protocols. The app creates a public-private key pair and transmits the private key to its servers. For each backup session, Backblaze creates a new strong session key, and uses the private key in the key pair to encrypt it and send to its servers. The key is only stored in memory on the client and never stored in the clear at the server.
However, you can opt to set a passphrase to encrypt the private key before it’s transmitted to the server. In that way, this master private key and each session key are held in escrow. Only someone with the passphrase can access the private key, which in turn can decrypt a session key that restores data associated with a backup session.
Backblaze has engineered its system so that restores all happen via its website, not in the native computer app, so you have to enter that passphrase to decrypt the private key. The passphrase is also required for viewing information about backups through its website and mobile clients. The private key is also held only in memory on its servers and dumped when file browsing and restore operations finish.
This isn’t ideal. Backblaze falls short of other backup services by not offering a client that can handle restoring and browsing with encryption keys kept entirely locally. And while each backup session has a unique key, the fact that all can be unlocked with knowledge of the passphrase used to protect the master private key makes that less impressive. In practice, you’re more secure if you never restore files or browse lists.
Encryption rating: Excellent on Windows, Poor on Mac
Data is encrypted before transit with Private Key encryption for Windows users
Website lets you access encrypted backups (only through Auto option)
Platforms: OS X (limited), Windows, iOS, Android
Data is encrypted before transit with Private Key encryption for Windows users, but not with Auto Encryption (Mac users’ only choice)
Mac users get a server-side key that’s stored on the server
Carbonite is a mixed bag. It offers only Windows users the opportunity to passphrase-protect a private key. Mac users rely on a server-side key that’s generated and stored there. Worse, Carbonite doesn’t encrypt Mac users’ data before transmitting it with its default Automatic Encryption option; it encrypts only on the receiving end. That’s not the case with what it calls Private Key under Windows.
Because encryption happens on the far end, restored files are also decrypted before being transmitted back to a Mac user. Carbonite should step up and provide Private Key for Mac users, as the current situation doesn’t meet the bar for robust protection for backups or restores.
Encryption rating: Excellent
Data is encrypted before and in transit
Password is not transmitted for recovery
Website lets you access encrypted backups
Platforms: OS X (Java app), Windows, Linux, iOS, Android, Windows Phone
The archive key reset via reminder question is not a secure method
CrashPlan for Home requires a Java app, with security, reliability, usability issues
Code42’s CrashPlan offers three distinct options for setting up password and key control:
Standard: At the basic level, Code42 maintains on its servers an encryption key generated by its backup app. Your password manages access to the account as well as tasks like adding computers, using mobile clients, and restoring files.
Archive key password: The CrashPlan client generates a key, but you set a separate passphrase to encrypt the key, which is then stored in escrow at CrashPlan’s servers. You can upgrade from Standard to Archive without dumping existing backups. The archive key can be changed. There’s even an option to add an archive key reset with a reminder question. This reduces security enormously, however, because it effectively means your easier-to-remember answer is now the weakest link in accessing backups. I recommend against using it.
Custom key: You generate a lengthy key in one of several methods that’s never stored in any fashion at the Code42 servers. This custom key option is unique among services surveyed—all others rely on either a key generated by the app, which a user may be able to escrow at a server, or use an algorithm to convert a passphrase into the encryption key. If you switch from standard or archive key, your previous data is dumped, and you can’t downgrade encryption of newly archived files.
CrashPlan can decrypt files entirely via its native app. The archive key or custom key need only be entered when restoring files via the web interface, or viewing files via the web or the mobile apps.
CrashPlan for Home still requires the use of a non-native Java app, something that’s been a security, reliability, and usability sticking point for its customers for years. Even its business services have moved to native apps. Java has many known security issues, but CrashPlan relies on it for a self-contained app, rather than any web-based interaction.
iDrive and MozyHome
Encryption rating: Fair
Data is encrypted before and in transit
Password is not transmitted for recovery
Website lets you access encrypted backups Platforms: OS X, Windows, Linux (iDrive only), iOS, Android
Passphrase conversion carries some risk
These two separate services work in nearly an identical way. Both let a user create a passphrase—iDrive inaccurately calls it a “private encryption key”—which is transformed through a cryptographic algorithm into a 256-bit encryption key.
When you use this option, neither the passphrase nor the resulting key gets transmitted to the service. Both iDrive and MozyHome also admirably handle decryption in their respective clients without sending the passphrase or key to a remote server.
Even though the key is never sent (good), this passphrase conversion approach is weaker (bad) than a passphrase that locks a separate encryption key. That’s because an attacker only needs to obtain your unencrypted passphrase or break it through brute force to have access to your key. With that, if they can obtain your backup archives from the services or capture them in transit somehow, they can decrypt.
While that scenario sounds unlikely, there have been exploits in the past that allow crackers to break encrypted data transmission. When a passphrase locks a separate encryption key, an attacker might need to obtain your account name and password and the passphrase, and then would either have to break into the backup service’s systems or log in directly and use the backup service’s interface to retrieve files, leaving a trail.
Encryption rating: Very Good
Data is encrypted before and in transit
Password is not transmitted for recovery
Website lets you access encrypted backups
Highly granular shared secure data areas
Platforms: OS X, Windows, Linux, iOS, Android
If you want to share files or use the website, you have to enter the password
SpiderOak ONE is a bit of a hybrid between the iDrive/MozyHome and Backblaze approaches, and its sole method is highly secure—there’s no account password-only default tier.
With SpiderOak, you create a password in the desktop client, and the software derives many, many encryption keys from that. The password is never stored or transmitted to SpiderOak, but the keys—generated uniquely for each data block of the backup, each folder, and each file revision—are wrapped in a layer of encryption and stored on the backup servers.
This is because SpiderOak offers highly granular shared secure data areas, which require storing encryption keys on its servers in such a way that permission can be granted to multiple accounts to access files and folders. The same key can effectively be available to different users without storing it in such a way that SpiderOak (or a third party) can gain access.
In normal backup and restore operations, your password is never sent or used by the SpiderOak servers. However, if you want to share files, use the website for access, or use mobile clients, you have to enter the password to unlock access. As with other services, the keys generated from the password are stored in memory only while being used, and then flushed.
If you recall, Samsung confirmed over a week ago that it will resume sales of its Galaxy Note7smartphone in South Korea on September 28. That, however, is not happening now, as the relaunch has been pushed back.
The tech giant said yesterday that sales of the new Galaxy Note7 units will now begin October 1. As for the reason behind the move, Samsung said it will help speed up the ongoing recall of the phablet in the country.
“The recall rate will likely fall sharply should new sales have resumed on Sept. 28,” a Samsung spokesperson said. “Affected customers would no longer be able to exchange their devices through domestic carriers starting on Oct. 1, making the process more difficult.”
Just to give you an idea, only half (around 200,000) of the total Galaxy Note7 users in South Korea have registered for a replacement unit so far. In case you missed, the company has also extended the Note7 refund period in the country to September 30.
Several alleged images of Xiaomi’s soon to be unveiled Mi 5S smartphone have leaked online, revealing its design as well as availability details. The first image (shown below) clearly shows the device with a circular iPhone-like home button, only that it’s said to be a virtual one that integrates Qualcomm’s ultrasonic fingerprint sensor.
The next image is basically a render of the black colored variant of the device, revealing a design broadly similar to the one shown in the first image above.
Next up is a render of the Plus variant of the Mi 5S (which is said to come with 6GB RAM and 256GB storage). The render clearly reveals a dual rear-camera setup.
And finally, promotional material for the handset has also been spotted in China, revealing a launch date of September 29.
Samsung Galaxy C9 has been spotted on AnTuTu as well, with the listing revealing full HD display, 64GB storage, 16MP rear camera, and 16MP front shooter.
Other specs, including Snpadragon 652 SoC, 6GB RAM, and Android 6.0.1 were revealed by the phone’s Geekbench listing as well.
Original story follows:
The Samsung Galaxy C9 has now appeared on Geekbench, revealing some of its key specs. The listing reveals that the device is powered by Snapdragon 652 chipset, has 6GB RAM, and is powered by Android 6.0.1 Marshmallow.
In case you missed, the phone has been twice spotted on India’s import/export tracking website Zauba so far, revealing a 5.7-inch display on one occasion, and a screen size of 6.0-inch on the other. Rumors say the handset will be launched in the in Oct-Nov time frame.