Stories
Slash Boxes
Comments

SoylentNews is people

Cloud Data Scrambler

posted by LaminatorX on Saturday March 01 2014, @06:30AM   Printer-friendly
from the applied-steganography dept.

AnonTechie writes:

"The Register is reporting on a new approach to discourage mining of your cloud-stored data. The so-called 'Melbourne Shuffle' should make it harder for cloud operators to mine or sniff your data.

Researchers from Microsoft, the University of California-Irvine, and Brown University have proposed a technology that should make it harder to derive value from data stored in the cloud. In a paper titled The Melbourne Shuffle: Improving Oblivious Storage in the Cloud, authors Olga Ohrimenko, Michael T. Goodrich, Roberto Tamassia and Eli Upfal kick things off with the statement that, 'One of the unmistakable recent trends in networked computation and distributed information management is that of cloud storage, whereby users outsource data to external servers that manage and provide access to their data.'

'Such services also introduce privacy concerns,' the authors write, '[because] it is likely that cloud storage providers will want to perform data mining on user data, and it is also possible that such data will be subject to government searches. Thus, there is a need for algorithmic solutions that preserve the desirable properties of cloud storage while also providing privacy protection for user data.'"

 
This discussion has been archived. No new comments can be posted.
Cloud Data Scrambler | Log In/Create an Account | Top | 11 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 3, Informative) by Anonymous Coward on Saturday March 01 2014, @10:38AM

    by Anonymous Coward on Saturday March 01 2014, @10:38AM (#9047)

    (Replying anonymously to preserve moderation)

    I modded you up because SpiderOak deserves more notice. Encryption by default is a good thing, and their service works well enough aside from a shoddy android client. However, one thing should be clarified. You said:

    They couldn't release your data with a warrant in their hands and a gun to their head.
    They never know your encryption key.

    That's what they claim, but it's currently not verifiable. The client, which generates the key, still isn't fully open source and auditable, so we have to take their word for it. Still, the fact that they provide encryption at all is a step up compared to most, and it's created by the client on your PC, so it's possible their claims are accurate.

    With that said, if you're really paranoid about sensitive data, you should encrypt it independently before putting it on any cloud storage. Something like EncFS [wikipedia.org] is a good choice, since the encryption is per-file. Set up SpiderOak to sync the encrypted directory EncFS creates from the unencrypted files you make. As a bonus, you keep your local copy encrypted as well (unless you do the backups with the --reverse encfs option)

    Starting Score:    0  points
    Moderation   +3  
       Insightful=1, Informative=2, Total=3
    Extra 'Informative' Modifier   0  
    Total Score:   3