Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
Dan O'Donovan wrote: > Hsuan-Yeh Chang wrote: >> Is there a way to encrypt data stored with cloud services (such as >> dropbox) that can be decrypted only by the data owner... > > Sure it can, but one of the reasons that DropBox is great is because > it saves incremental backups of your files (tracking changes and the > like). If you start encrypting them you loose this... Not only is the problem solvable, but there are existing open source (rsyncrypto) and and commercial (Wuala) solutions. The only real challenge a DropBox-like service faces when implementing client-side encryption is one of convenience - such as how do you provide the user with access to their files if all they have is a web browser? Decryption would need to be done in Java or JavaScript, and the user would have to have their key, or an adequately strong passphrase to generate a key. It's the usability challenges that undoubtedly led to DropBox taking the less secure approach. Cloud storage is easy compared to securing cloud applications. With the latter the affiliated application data needs to be unencrypted in order for the application to interact with it. There is, however, a researcher at IBM who is working on a type of encryption that makes it possible to perform certain mathematical operations on encrypted data, such that the transformation persists after decryption. If this worked, you'd upload encrypted data to the cloud, process it in the cloud while still encrypted, and finally download and decrypt it. It sounds like something that will never be possible in the general case (more than for a few specific mathematical transformations). About the best you can hope for is a cloud vendor that uses an architecture where your login generates a key and your data gets decrypted on the fly. When you log out, the key gets flushed from memory, and your data resumes being inaccessible to anyone but you. > Hsuan-Yeh Chang wrote: >> If I send an e-mail (with attachment) from Gmail to Hotmail, would >> both Google and Microsoft keep this e-mail on their respective servers >> forever? No, not if you delete it. (Though backups are a different story.) Many people don't realize it, but it is possible to purge messages out of a Gmail account. I have a few Gmail hosted accounts, and I periodically purge all the messages out of them. -Tom -- Tom Metro Venture Logic, Newton, MA, USA "Enterprise solutions through open source." Professional Profile: http://tmetro.venturelogic.com/
BLU is a member of BostonUserGroups | |
We also thank MIT for the use of their facilities. |