SoylentNews is people

posted by janrinok on Tuesday January 27 2015, @01:10PM
from the what-goes-around-comes-around dept.

Hasn't this idea been recycled before? What was old is now new again dept:

Private information would be much more secure if individuals moved away from cloud-based storage towards peer-to-peer systems, where data is stored in a variety of ways and across a variety of sites, argues a University of Cambridge researcher.

In an article published in the Proceedings of the Royal Society A, Professor Jon Crowcroft argues that by parcelling and spreading data across multiple sites, and weaving it together like a tapestry, not only would our information be safer, it would be quicker to access, and could potentially be stored at lower overall cost.

The internet is a vast, decentralised communications system, with minimal administrative or governmental oversight. However, we increasingly access our information through cloud-based services, such as Google Drive, iCloud and Dropbox, which are very large centralised storage and processing systems. Cloud-based services offer convenience to the user, as their data can be accessed from anywhere with an internet connection, but their centralised nature can make them vulnerable to attack, such as when personal photos of mostly young and female celebrities were leaked last summer after their iCloud accounts were hacked.

Storing information on the cloud makes it easily accessible to users, while removing the burden of managing it; and the cloud's highly centralised nature keeps costs low for the companies providing the storage. However, centralised systems can lack resilience, meaning that service can be lost when any one part of the network access path fails.

http://phys.org/news/2015-01-era-cloud.html

[Paper]: http://rspa.royalsocietypublishing.org/content/471/2175/20140862

This discussion has been archived. No new comments can be posted.
  • (Score: 2) by pkrasimirov on Tuesday January 27 2015, @01:19PM

    by pkrasimirov (3358) Subscriber Badge on Tuesday January 27 2015, @01:19PM (#138520)

    Use encryption, Snowden told you. However the devil is in the details. Also you must always have a hold on the private key.

    • (Score: 0) by Anonymous Coward on Tuesday January 27 2015, @04:22PM

      by Anonymous Coward on Tuesday January 27 2015, @04:22PM (#138571)

      You can encrypt it into a zip file using AES. Simply choose a password that's relatively easy for you to remember but difficult for someone else to guess or crack.

    • (Score: 0) by Anonymous Coward on Tuesday January 27 2015, @08:27PM

      by Anonymous Coward on Tuesday January 27 2015, @08:27PM (#138623)

      Encrypted communications are kept by the US government forever hence they will be decrypted sooner or later. Unencrypted ones have an expiration policy so far. It appears that steganography is currently the best option.

      • (Score: 2) by Open4D on Wednesday January 28 2015, @03:03PM

        by Open4D (371) on Wednesday January 28 2015, @03:03PM (#138893) Journal

        Encrypted communications are kept by the US government forever hence they will be decrypted sooner or later.

        Was that a Snowden revelation? Or is it just an educated guess?

      • (Score: 1) by Anal Pumpernickel on Wednesday January 28 2015, @03:18PM

        by Anal Pumpernickel (776) on Wednesday January 28 2015, @03:18PM (#138905)

        Right. They'll be decrypted long after I'm dead, so a lot of good it will do them.

  • (Score: 1, Insightful) by Anonymous Coward on Tuesday January 27 2015, @01:26PM

    by Anonymous Coward on Tuesday January 27 2015, @01:26PM (#138522)

    The internet isn't yours. It isn't your friend.

    Airgap, obfuscate, avoid.

  • (Score: 5, Informative) by MrGuy on Tuesday January 27 2015, @01:31PM

    by MrGuy (1007) on Tuesday January 27 2015, @01:31PM (#138524)

    How do you protect your privacy in the era of cloud computing? Don't use cloud computing.

    Once you upload something to "the cloud," you should assume a few things. First, you will never be able to actually delete it - it's out there forever, regardless of whether you want it there or not. Second, many copies are going to be made, by processes you don't control or understand. Third, that eventually that thing you uploaded will be able to be accessed without your consent, whether it be through a shady advertising agreement someone has with a third party, or someone compromising a server somewhere, or whatever other reason - someone WILL be able to access the file you uploaded. Fourth, anything you share with anyone, you've lost control of forever.

    Encryption helps mitigate these problems, but does not eliminate them. Uploading an encrypted file doesn't mean it won't be copied to hell, it just means the copies have the same encryption as the source. That's assuming YOU encrypted the file before you uploaded it - if you're relying on the cloud provider to encrypt it for you, well, you're putting a lot of trust in them to do it properly, and they still have access to the unencrypted original (if they encrypt it, they can decrypt it).

    Not that files are totally safe if they're on your machine and you never deliberately upload them anywhere. But expecting to have control of something you uploaded elsewhere? All I can say is "good luck."

    • (Score: 0) by Anonymous Coward on Tuesday January 27 2015, @01:41PM

      by Anonymous Coward on Tuesday January 27 2015, @01:41PM (#138528)

      If your file is properly encrypted, why would you care how many copies of it are made? For anyone not having the key, it is just random bits without any information content. Let them copy those random bits. Let advertisers run their algorithm on that noise; it won't make them any wiser. Heck, put it on public servers for everyone to see! As long as it's properly encrypted, the data inside is still protected.

      Just be sure to never give away the key. And yes, make sure that the data is encrypted properly.

      • (Score: 2) by MrGuy on Tuesday January 27 2015, @01:50PM

        by MrGuy (1007) on Tuesday January 27 2015, @01:50PM (#138533)

        And there's the rub.

        I am not a cryptography expert. I do not have a PhD in Applied Mathematics or a similar field. How do I know what "properly" encrypted means? I'm running a program I didn't write implementing an algorithm I didn't design to encrypt my data. Which means I'm taking on faith that the algorithm is strong, and that the implementation is good.

        Even open algorithms can be weak. Dual_EC_DRBG's implementation was open for years before anyone outside the NSA found the flaw. MD5 was found to be weak after years of usage. You can't know the algorithm you're using is perfectly secure (even IF you're one of the PhDs). We don't know if P = NP.

        And even if an algorithm is in fact good (AFAIK RSA is still believed not to be broken), specific implementations can be weak. Open source and peer review happens on some implementations, which is great, but not all implementations are perfect, and peer review isn't a silver bullet (Heartbleed was a bug in a widely used library that was there for years without being noticed). Entropy sources for most computing applications are frequently weak.

        Your encrypted information is secure until the crypto you used on it is broken. Or your key is compromised, which is probably a more likely case.

        • (Score: 0) by Anonymous Coward on Tuesday January 27 2015, @02:02PM

          by Anonymous Coward on Tuesday January 27 2015, @02:02PM (#138535)

          If my key gets compromised, so does any other local data stored on the same device.

          Of course if you want to have provably working encryption, you can always use a one-time pad.

          And if you now fear that your random numbers might not actually be random enough, then you better also check that your computer doesn't contain a hidden sender that sends your valuable data out (in which case, even not connecting your computer to anything won't help).

        • (Score: 2) by VLM on Tuesday January 27 2015, @02:18PM

          by VLM (445) on Tuesday January 27 2015, @02:18PM (#138541)

          "How do I know what "properly" encrypted means?"

          Most of the attacks are simple social hits that have pretty easy analogies. No math needed.

          So ... You meet a dude on the street, no reputation known, and he offers to follow you home and replace the locks on your house with what he claims are better locks (which he made and you don't know anything about, so who knows) and obviously he has your keys because he's the guy who made and installed the lock in your door for you. Even worse he has a website you can go to on your phone to unlock your door at any time, so you'd have to be pretty stupid to think he doesn't keep a copy of your keys (how else does he unlock your door from your cell phone?) and doesn't have full access to your house and wouldn't give anyone else full access to your house, ranging from marketing survey people to cops to corporate spies. But shady dude has as his marketing phrase that no one has access to your house but you. You'd have to be pretty stupid to believe that. But there is product shipping today in the security field with that analogous design.

          Another analogy is a locksmith paid by .gov to claim he encrypts everything with super secure 4096 bit encryption but to make everything convenient and simple you just enter a short one word password, and that decrypts the 4096 bit key that encrypts the data, so you know 99% of the users have some iteration of "Password1" as their password. This variety of snake oil is like the guy who markets his deadbolt lock as being all criminal proof, if you use the lock, but for your convenience this deadbolt has a lever on both sides of the door so the lock itself and its key don't really matter.

          "Well, we can't let you look at this lock very closely, all patented and stuff, but I assure you it's a really secure lock" and anyone who looks close and sees it's an 1850 skeleton key paid for by the NSA gets a DMCA violation, arrested, etc. You have to be pretty dumb to risk everything on some PoS Home Depot lock that you can't even look at. But there's plenty of commercial security theater products like this.

          Just sit there for a second and assume the guy you're doing business with is a criminal... how easy would it be to rip you off? Most don't need hours of study, they tend to be pretty blatant. Another game is assume some 3rd party criminal (like your .gov, another .gov, really any .gov...) is trying to break in, how hard would it be?

          As an example of something that works, say you layer encfs on dropbox. Well, encfs has nothing to gain from trying to rip me off because everything it does is public and has no ability to access my encrypted data (directly). And dropbox can give encrypted versions of my file to anyone but they can't get the contents. So, not bad. I store some financial stuff that way. So when the inevitable happens and the contents of people's dropboxes start appearing in torrents, I have little to worry about.

          Pretty much whenever in the real world someone offers nothing other than "convenience" and "trust" they're probably out to screw you. Doesn't matter if there's a computer involved or not. Sounds like a bank. Or insurance. Or cops.

      • (Score: 2, Interesting) by Buck Feta on Tuesday January 27 2015, @04:53PM

        by Buck Feta (958) on Tuesday January 27 2015, @04:53PM (#138576) Journal

        Note that data which is encrypted properly today may be easily cracked in the future.

        --
        - fractious political commentary goes here -
    • (Score: 2) by mcgrew on Tuesday January 27 2015, @02:50PM

      by mcgrew (701) <publish@mcgrewbooks.com> on Tuesday January 27 2015, @02:50PM (#138552) Homepage Journal

      How do you protect your privacy in the era of cloud computing? Don't use cloud computing.

      Well, unless it's your own cloud. I ordered a Seagate external drive a week ago yesterday (that they haven't shipped), and they're calling it a "personal cloud". It's the only kind of "cloud" I'd trust.

      --
      Carbon, The only element in the known universe to ever gain sentience
      • (Score: 2) by frojack on Tuesday January 27 2015, @08:23PM

        by frojack (1554) Subscriber Badge on Tuesday January 27 2015, @08:23PM (#138620) Journal

        I ordered a Seagate external drive a week ago yesterday (that they haven't shipped), and they're calling it a "personal cloud".

        I use one of these (from Western Digital, not Seagate).

        But I don't trust it enough to allow access from outside my network, so it's not really a "cloud" regardless of what they call it. It's just Network Attached Storage. I refuse to open inward ports in my firewall for it.

        It does fetch software updates once in a while, and I do worry about that, because firewall piercing technology is easy if you allow any outbound ports to be opened. I have egress filtering on for it at the firewall. Every 3 or 4 months I allow it to talk to the web to check for updates.

        TFS/TFA says:

        Crowcroft argues that by parcelling and spreading data across multiple sites, and weaving it together like a tapestry, not only would our information be safer,

        This is bullshit of the first order. You won't fool anyone when your clients are making simultaneous connections to 6 different clouds. If you can do it THEY can do it.

        EVEN if you are heavily encrypted with your own mechanism, spreading your data around is foolish and dangerous. You've just created multiple points of failure. A server seizure here or there and you are dead.

        Someone might propose a totally encrypted Raid 5 system with drivers for all of the many cloud services, and redundancy against at least two service failures/seizures, and I might be tempted to try that.

        But simple scattering is simply not trustworthy.

        --
        No, you are mistaken. I've always had this sig.
        • (Score: 2) by mcgrew on Wednesday January 28 2015, @01:54PM

          by mcgrew (701) <publish@mcgrewbooks.com> on Wednesday January 28 2015, @01:54PM (#138859) Homepage Journal

          Indeed, I only plan to use it at home. My devices all have adequate storage and I can always offload data later.

          --
          Carbon, The only element in the known universe to ever gain sentience
        • (Score: 2) by urza9814 on Thursday January 29 2015, @06:25PM

          by urza9814 (3954) on Thursday January 29 2015, @06:25PM (#139240) Journal

          This is bullshit of the first order. You won't fool anyone when your clients are making simultaneous connections to 6 different clouds. If you can do it THEY can do it.

          EVEN if you are heavily encrypted with your own mechanism, spreading your data around is foolish and dangerous. You've just created multiple points of failure. A server seizure here or there and you are dead.

          Someone might propose a totally encrypted Raid 5 system with drivers for all of the many cloud services, and redundancy against at least two service failures/seizures, and I might be tempted to try that.

          But simple scattering is simply not trustworthy.

          He's not talking about spreading it across Google and Bing and Dropbox. He's talking about something peer-to-peer. Something like Freenet probably, where you encrypt it, chop it into chunks, and ship those chunks out using onion routing to be stored and duplicated on dozens or even hundreds of different peers.

          The problem -- but also benefit -- is that such networks will almost certainly have a more limited memory. With Freenet, it duplicates things as they're retrieved, and purges them if they aren't. So data that is commonly requested is duplicated across many nodes making it quick to retrieve and less likely to be lost if one node goes offline. Data that is rarely retrieved eventually gets replaced with something more popular. So it's quite good for distributing the latest movies, but a pretty terrible place to store last year's tax data in case you get audited.
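
Added example (not part of any comment in this thread, and not code from the paper): Python code for the "encrypt it, chop it into chunks" approach combined with the single-parity redundancy of the RAID 5 idea raised above, so the data survives the loss or tampering of any one storage site. It assumes the input is already ciphertext produced on your own machine; `split_with_parity`, `reassemble` and the manifest layout are hypothetical names, and the manifest stays with the owner alongside the key.

```python
import hashlib
from functools import reduce


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings."""
    return bytes(x ^ y for x, y in zip(a, b))


def split_with_parity(ciphertext: bytes, n_data: int):
    """Stripe ciphertext over n_data shards and append one XOR parity shard.

    Returns (shards, manifest). Each shard is meant for a different site;
    the manifest (original length + per-shard SHA-256) is kept by the owner.
    """
    if n_data < 2:
        raise ValueError("need at least two data shards")
    shard_len = -(-len(ciphertext) // n_data)  # ceiling division
    padded = ciphertext.ljust(shard_len * n_data, b"\0")
    shards = [padded[i * shard_len:(i + 1) * shard_len] for i in range(n_data)]
    shards.append(reduce(xor_bytes, shards))  # parity = XOR of all data shards
    manifest = {
        "length": len(ciphertext),
        "sha256": [hashlib.sha256(s).hexdigest() for s in shards],
    }
    return shards, manifest


def reassemble(shards, manifest):
    """Rebuild the ciphertext from fetched shards.

    `shards` is in the original order, with None for a site that is down.
    A shard whose hash does not match the manifest is treated as lost, so a
    site that returns altered data cannot corrupt the result.
    """
    digests = manifest["sha256"]
    if len(shards) != len(digests):
        raise ValueError("shard count does not match manifest")
    good = [
        s if s is not None and hashlib.sha256(s).hexdigest() == d else None
        for s, d in zip(shards, digests)
    ]
    missing = [i for i, s in enumerate(good) if s is None]
    if len(missing) > 1:
        raise ValueError(
            "single parity cannot recover %d lost shards" % len(missing))
    if missing:
        # XOR of every surviving shard (data + parity) equals the lost one.
        rebuilt = reduce(xor_bytes, [s for s in good if s is not None])
        if hashlib.sha256(rebuilt).hexdigest() != digests[missing[0]]:
            raise ValueError("rebuilt shard fails integrity check")
        good[missing[0]] = rebuilt
    # Drop the parity shard, join the data shards, strip the padding.
    return b"".join(good[:-1])[: manifest["length"]]


# Constructed sample: 1056 bytes standing in for ciphertext that was
# encrypted locally before splitting (not real encrypted data).
SAMPLE_CIPHERTEXT = hashlib.sha256(b"constructed sample").digest() * 33

if __name__ == "__main__":
    shards, manifest = split_with_parity(SAMPLE_CIPHERTEXT, 5)
    shards[2] = None  # one site seized or offline
    assert reassemble(shards, manifest) == SAMPLE_CIPHERTEXT
    print("recovered", manifest["length"], "bytes from 5 of 6 shards")
```

Single XOR parity tolerates exactly one lost or altered shard; surviving two simultaneous failures, as the RAID comment asks for, needs a stronger erasure code than this one.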

    • (Score: 2) by Thexalon on Tuesday January 27 2015, @02:55PM

      by Thexalon (636) Subscriber Badge on Tuesday January 27 2015, @02:55PM (#138557)

      Encryption helps mitigate these problems, but does not eliminate them. Uploading an encrypted file doesn't mean it won't be copied to hell, it just means the copies have the same encryption as the source.

      And even if you encrypt it yourself, and you use a method believed to be secure, there's no guarantee that the encryption cannot be broken: It's possible that some organization has a break for that method of encryption and is keeping it secret, or that some future discovery will render the method of encryption you used obsolete.

      if you're relying on the cloud provider to encrypt it for you, well, you're putting a lot of trust in them to do it properly, and they still have access to the unencrypted original (if they encrypt it, they can decrypt it).

      And, of course, the unencrypted original could be sniffed in transit from you to the cloud provider by a third party.

      --
      The only thing that stops a bad guy with a compiler is a good guy with a compiler.
  • (Score: 3, Insightful) by WizardFusion on Tuesday January 27 2015, @01:43PM

    by WizardFusion (498) Subscriber Badge on Tuesday January 27 2015, @01:43PM (#138530) Journal

    I moved all my "cloud" computing back into my home. I have an ownCloud running on my Synology NAS for my contacts and calendar. Dropbox is no longer used, my files are sync'd with my home NAS.
    I am looking for a way of self-hosting my emails too, to remove them from my current provider.

    • (Score: 1) by curunir_wolf on Tuesday January 27 2015, @02:17PM

      by curunir_wolf (4772) on Tuesday January 27 2015, @02:17PM (#138539)

      I love the Synology products, but the ones I want are a little out of my budget, so I've decided to go with the WD My Cloud [pcworld.com] and just add a USB drive to it for backups.

      I've been using my own email server for many years. I also have a GMail account, and I just use Google's "archive" services to download an archive of everything periodically. Just go to myaccount [google.com] on Google and hit "download data". You'll get an offline copy of everything, including email.

      --
      I am a crackpot
    • (Score: 2) by cmn32480 on Tuesday January 27 2015, @02:48PM

      by cmn32480 (443) <{cmn32480} {at} {soylentnews.org}> on Tuesday January 27 2015, @02:48PM (#138550) Journal

      I did the same thing. With the same hardware.

      I'd be interested in the mail server option, if you find one. Particularly if it runs on the Synology. How do you intend to get past the "No servers" clause on the residential internet connection?

      --
      "It's a dog eat dog world, and I'm wearing Milkbone underwear" - Norm Peterson
      • (Score: 2) by WizardFusion on Tuesday January 27 2015, @02:53PM

        by WizardFusion (498) Subscriber Badge on Tuesday January 27 2015, @02:53PM (#138556) Journal

        How do you intend to get past the "No servers" clause on the residential internet connection?

        I don't have to - My UK ISP doesn't have one. :)

      • (Score: 2) by urza9814 on Thursday January 29 2015, @07:23PM

        by urza9814 (3954) on Thursday January 29 2015, @07:23PM (#139260) Journal

        I've been working on my own email solution, just about got it finalized, so here's what I'm going with if it helps:

        1) Buying a mail pack from Gandi.net (already have a domain name there). They're basically just going to be an endpoint. Less because of my ISP's ToS (sure, they SAY you can't run servers, but who cares?) but more to get around the fact that mail coming from a residential IP will almost certainly be flagged as spam. So I'm using them as a relay to keep my address more trustworthy.

        2) From there, the mail is downloaded and purged from their server and transferred onto my own using fetchmail. First advantage is that this limits the amount of time the mail is out of my control, secondly unread email receives greater legal protection in the US than stored mail, and finally they probably have better uptime than I will so it reduces the risk of lost mails.

        3) Then my home server is running Dovecot to serve the mail to all my devices via IMAP.

        Of course, all my mail does still go through Gandi...but I trust them more than Google, they only have it for a short time, and I'm also setting up PGP on all my devices. If you're a bit more paranoid you could probably route only SMTP through the intermediary, since that's the one that's going to be the most trouble from a residential connection...which would probably be a bit easier.

  • (Score: 3, Funny) by q.kontinuum on Tuesday January 27 2015, @02:18PM

    by q.kontinuum (532) on Tuesday January 27 2015, @02:18PM (#138540) Journal

    I think I will start a new, gigantic service, called "peer-to-peer-cloud". If this article gets enough publicity, I expect I can find tons of new customers, and I could offer them to consolidate all their data on my new, and so much safer, "peer-to-peer-cloud". Management should love this ;-)

    On a more serious note:

    If you have any shady images you want to store decentralized, please send them to me. I promise I will send back a copy whenever you need it.

    --
    Registered IRC nick on chat.soylentnews.org: qkontinuum
    • (Score: 3, Funny) by VLM on Tuesday January 27 2015, @02:22PM

      by VLM (445) on Tuesday January 27 2015, @02:22PM (#138542)

      I bet you'll get a torrent of customers for your new service

  • (Score: 1) by Shijiyaku on Tuesday January 27 2015, @02:51PM

    by Shijiyaku (1553) on Tuesday January 27 2015, @02:51PM (#138553)

    What I do is make a lot of email accounts for trivial things like fb, forums, games, et al. It also cuts down on spam!
    But the best is - don't be stupid and use different login+passwords.

    --
    Born too late for sail;too early for space
    • (Score: 2) by Magic Oddball on Wednesday January 28 2015, @01:26PM

      by Magic Oddball (3847) on Wednesday January 28 2015, @01:26PM (#138847) Journal

      If you haven't given SpamGourmet [spamgourmet.com] a try, I highly recommend it — it lets us functionally have an endless number of semi-custom (pattern "customword.username@spamgourmet") email addresses created on the fly, so we can set a unique one for each account and limit the number of messages passed through to us from each.

  • (Score: 1) by WillAdams on Tuesday January 27 2015, @04:02PM

    by WillAdams (1424) on Tuesday January 27 2015, @04:02PM (#138568)

    I believe there was a commercial networking product which did this for small local area networks....

    Kerbango maybe?

    ISTR it got better as one added more machines, and that one could remove a certain percentage of machines and nothing would be lost.

  • (Score: 1) by TheRealMike on Tuesday January 27 2015, @05:51PM

    by TheRealMike (4989) on Tuesday January 27 2015, @05:51PM (#138590)

    I am in the unusual position of having just released a new desktop P2P application. Lighthouse [vinumeris.com] does decentralised crowdfunding using Bitcoin. It talks directly to the Bitcoin P2P network to synchronise its wallet with the block chain and also has a bunch of community run servers for other tasks. I've been writing P2P software for Bitcoin for years now, so I am quite familiar with the challenges. I also worked at Google for quite a few years on big, centralised web services like Maps and Gmail.

    The core problem is that whilst p2p and decentralisation solve some problems (no central outages due to a bogus config file push, for instance), they introduce a lot more of their own. I'd say the difficulty of doing a decentralised system is much higher than centralised. Not only is the networking code much more complex but the privacy aspects get harder too. It's not enough to say, it's peer to peer therefore it is private. All P2P does is replace one professionally run server farm with lots of smaller, more amateur servers which may or may not stay online and may or may not be well maintained and may or may not be malicious.

    One problem is that we lack good tools. The industry has spent years developing tools and skillsets that are most appropriate for the centralised world. Most obviously, web apps are an inherently non-p2p application model, to the extent that data and code are tightly locked together by the same origin policy and the fact that it's all hosted remotely. You can't just install a competing app and open your local files. It's much, much worse than what we worried about in the 1990s with undocumented file formats. But web apps are also what modern developers know how to build, often to the exclusion of any other kind of app. Companies like Google and Amazon have spent years making good, solid toolchains for making "cloud services" i.e. things that run on their servers. Every language and runtime comes with the ability to do HTTPS and JSON out of the box, or it's easy to add. But they never come with P2P networking fabrics ..... heck, there isn't even a widely agreed standard protocol layer for P2P applications like there is on the web.

    Then throw in the desire to encrypt everything and what you get is ... complexity out the wazoo. You end up spending all your budget on decentralisation whilst your centralised competitors power ahead with adding features. And given a choice, most people will pick features over some often ideological notion of decentralisation.

    That's without even getting into the funding problem! There's not much money in decentralised, peer to peer infrastructure. But build a centralised web service with potential for ads and investors will beat a path to your door.

    All told, I think we will see more luck in the near term from just adding more encryption to existing centralised products.

    • (Score: 2) by Open4D on Wednesday January 28 2015, @04:17PM

      by Open4D (371) on Wednesday January 28 2015, @04:17PM (#138933) Journal

      most people will pick features over some often ideological notion of decentralisation.

      I confess that includes me. I'm currently using Google services for lots of things. Considering Last Pass for password storage. Etc.
      I tell myself I'll transition away from these services and do things properly one of these days when I'm not busy, but that might not be for a long time.

      From your argument I can see that decentralisation might not become the norm for many many years.

  • (Score: 0) by Anonymous Coward on Tuesday January 27 2015, @06:32PM

    by Anonymous Coward on Tuesday January 27 2015, @06:32PM (#138599)

    Install it on your server and host your apps.

    • (Score: 2) by Open4D on Wednesday January 28 2015, @04:04PM

      by Open4D (371) on Wednesday January 28 2015, @04:04PM (#138926) Journal

      Interesting, I hadn't heard of this. The concept is explained on their blog [sandstorm.io] and on their (closed, successful) Indiegogo page [indiegogo.com].

      The real motivation for Sandstorm is, and always has been, making it possible for open source and indie developers to build successful web apps.

      Open Source has worked on the desktop and mobile.

      Yet, somehow, the web today is nearly completely devoid of open source software. Every day I use apps like GMail, Facebook, Twitter, Feedly, and others. None of these are open source. Granted, these apps often run on open source infrastructure, but that’s different.

      Sandstorm makes running your own personal server as easy as running your phone. You can install apps like e-mail, document editors, blogging software, and more, using a simple app-store-like interface.