Experts warn of cloud snooping

Jason Wright jason at thought.net
Fri Feb 1 21:34:08 CST 2013


I believe you are incorrect about Spideroak. They imply this misconception, but the proof is that you can access your files from an arbitrary computer that does not have the Spideroak client installed... Just visit their with a web browser, login, and download a file or two.  The key management is local to their servers not your client (if the keys were local to you, you would not be able to access your files from arbitrary machines).

Now, there is a storage service that does it right (local to you key management): ciphertite from conformal systems. The user interface is not so good, but there is no way to access files except from where you have your keys installed (they are both generated locally and stored locally).

--Jason Wright

On Feb 1, 2013, at 7:41, Louis Mamakos <louie at transsys.com> wrote:

> I have back-up drives too.  Hopefully the most recent back-ups won't be sitting next to my computer and share whatever fate befalls it.
> 
> It's always a balance of convenience against other risks.  I like having all my Music in Google Play, so I can stream anything from the whole collection rather than just what fits on my phone.  And if someone figures out that I own the soundtrack from "Cats", well, I suppose I'll just have to suffer the taunting.  oops.
> 
> For storage of files and syncing then between computers and mobile device, the Dropbox guys have a good user experience, but a poor security model where they can also access your files.  Their mobile clients can automatically add photos that you take to your dropbox folder and sync them to your desktop.  This has turned out to be really handy for me, though my subject matter is pretty tame and I'm not too worried about photos of my pets, telescope or other dumb stuff leaking out to random people.  I treat Dropbox like Facebook: I don't trust either of them, and "privacy" settings are mostly a tool to avoid getting spammed by ads, not to be trusted to restrict access.
> 
> For stuff for which I care about security and that I want to have backed up and subsets synced between computers, I use SpiderOak.  They have a zero-knowlege security system where the files are encrypted (at the your client computers) and they don't have access to the crypto keys.  This means if your computer dies and you loose your password, you're SOL, they can't help you recover the cleartext.  They've clients for Mac OSX, iOS, Android and yeah, Windoze, but I don't use the latter.
> 
> louie
> wa3ymh
> 
> 
> On Feb 1, 2013, at 9:12 AM, "fgentges at mindspring.com" <fgentges at mindspring.com> wrote:
> 
>> tacoistas,
>> 
>> "What happens in Los Vegas stays in Los Vegas".  Your data is not so well protected.  What you send to the cloud can be snooped on. Large hard drives are cheap and so are backup drives.
>> 
>> If you have not noticed, Microcenter is now selling 1 terabyte drives for $70 and 3 terabyte drives for $130.   Best keep your data there.  I don't want the cloud.
>> 
>> Frank K0BRA
>> 
>> 
>> On 1/31/13 11:20 PM, Andre Kesteloot wrote:
>>> 
>>> 
>>> ** Experts warn of cloud snooping **
>>> A piece of US legislation that gives authorities the right to spy on cloud data could be a major privacy issue for Europe.
>>> < http://www.bbc.co.uk/news/technology-21263321 >
>>> 
>>> 
>>> 73
>>> André N4ICK
>>> 
>>> 
>>> 
>>> _______________________________________________
>>> Tacos mailing list
>>> Tacos at amrad.org
>>> https://amrad.org/mailman/listinfo/tacos
>>> 
>> 
>> _______________________________________________
>> Tacos mailing list
>> Tacos at amrad.org
>> https://amrad.org/mailman/listinfo/tacos
> 
> _______________________________________________
> Tacos mailing list
> Tacos at amrad.org
> https://amrad.org/mailman/listinfo/tacos


More information about the Tacos mailing list