Online backup - convenience vs paranoia
-
From what I can see there several tiers you can go on between one and the other and was wondering where people here who use a backup service are operating at? From most convenient to most secure: -1) Client on PC automatically syncs new files to server. Data is not encrypted on the server and can be accessed by anyone who has the URL to the file. 0) Client on PC automatically syncs new files to server. Data is encrypted using a generic key known by the backup company and stored on their servers. 1) Client on PC automatically syncs new files to server. Data is encrypted using a key unique to you but known by the backup company and stored on their servers. 2) Client on PC automatically syncs new files to server. Data is encrypted using a key unique to you and not known by the backup company or stored on their servers. 3) Option 2 but your computers hard disks are all encrypted. 4) Client on PC manually syncs new files to server, and requires the user to input the key because it's not stored locally. Key is only in memory for the duration of the encryption process. Data is encrypted using a key unique to you and not known by the backup company or stored on their servers. My thoughts on the options: After the MegaUpload debacle I no longer consider option -1 to be a reliable option due to the risk of having your data lost because other people are using the service illegally. Option 1 don't appear to offer significant increase in protection over option 0 to your data. If the back companies servers are compromised either by hackers or cops on a fishing expedition your data is exposed. Having to gain a user specific key instead of a company wide one doesn't seem to offer much additional protection and the encryption levels are high enough that a rainbow table type breaking method (is this called something else when attacking a symmetric key?) Option 2 leaves you safe if the backup company is compromised but if your home computer is compromised your data can be accessed. The catch is that if you ever lose/forget/etc the password your data is non-recoverable. Option 3 provides moderately more protection in that if your computer is powered off even if it's taken your data is secure. Option 4 means you're safe unless your laptop is grabbed unlocked during a sync, but without an automatic update process your data is more likely to be stale.
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, waging all things in th
-
From what I can see there several tiers you can go on between one and the other and was wondering where people here who use a backup service are operating at? From most convenient to most secure: -1) Client on PC automatically syncs new files to server. Data is not encrypted on the server and can be accessed by anyone who has the URL to the file. 0) Client on PC automatically syncs new files to server. Data is encrypted using a generic key known by the backup company and stored on their servers. 1) Client on PC automatically syncs new files to server. Data is encrypted using a key unique to you but known by the backup company and stored on their servers. 2) Client on PC automatically syncs new files to server. Data is encrypted using a key unique to you and not known by the backup company or stored on their servers. 3) Option 2 but your computers hard disks are all encrypted. 4) Client on PC manually syncs new files to server, and requires the user to input the key because it's not stored locally. Key is only in memory for the duration of the encryption process. Data is encrypted using a key unique to you and not known by the backup company or stored on their servers. My thoughts on the options: After the MegaUpload debacle I no longer consider option -1 to be a reliable option due to the risk of having your data lost because other people are using the service illegally. Option 1 don't appear to offer significant increase in protection over option 0 to your data. If the back companies servers are compromised either by hackers or cops on a fishing expedition your data is exposed. Having to gain a user specific key instead of a company wide one doesn't seem to offer much additional protection and the encryption levels are high enough that a rainbow table type breaking method (is this called something else when attacking a symmetric key?) Option 2 leaves you safe if the backup company is compromised but if your home computer is compromised your data can be accessed. The catch is that if you ever lose/forget/etc the password your data is non-recoverable. Option 3 provides moderately more protection in that if your computer is powered off even if it's taken your data is secure. Option 4 means you're safe unless your laptop is grabbed unlocked during a sync, but without an automatic update process your data is more likely to be stale.
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, waging all things in th
IMO, and I'm not a lawyer. If you put data in (on?) the Cloud, it should be encrypted; you own the data, and only rent space on the backup company system, they should not have access to your data unless a legal search warrant has been issued, and disclosure should be done in your/client presence. Also, try to use a company with a brick and mortar address in your country so you can have full legal recourse in case something horrific happens. The big issue I have with cloud backup system is that at some point it can take a long while to backup stuff (upload time) and there can be technical difficulties to do the backup that you don't have real control over it. M.
Watched code never compiles.
-
IMO, and I'm not a lawyer. If you put data in (on?) the Cloud, it should be encrypted; you own the data, and only rent space on the backup company system, they should not have access to your data unless a legal search warrant has been issued, and disclosure should be done in your/client presence. Also, try to use a company with a brick and mortar address in your country so you can have full legal recourse in case something horrific happens. The big issue I have with cloud backup system is that at some point it can take a long while to backup stuff (upload time) and there can be technical difficulties to do the backup that you don't have real control over it. M.
Watched code never compiles.
Maximilien wrote:
If you put data in (on?) the Cloud, it should be encrypted; you own the data, and only rent space on the backup company system, they should not have access to your data unless a legal search warrant has been issued, and disclosure should be done in your/client presence.
Absolutely!
-
IMO, and I'm not a lawyer. If you put data in (on?) the Cloud, it should be encrypted; you own the data, and only rent space on the backup company system, they should not have access to your data unless a legal search warrant has been issued, and disclosure should be done in your/client presence. Also, try to use a company with a brick and mortar address in your country so you can have full legal recourse in case something horrific happens. The big issue I have with cloud backup system is that at some point it can take a long while to backup stuff (upload time) and there can be technical difficulties to do the backup that you don't have real control over it. M.
Watched code never compiles.
Maximilien wrote:
If you put data in (on?) the Cloud, it should be encrypted; you own the data, and only rent space on the backup company system, they should not have access to your data
The main counter argument for use as a backup service (and I haven't checked to see if pricing levels back this up) is that if the same key is used for all customers data they can do deduplication much more efficiently (only 1 copy of popular songs from download services instead of thousands) which should allow for larger quota's for a given price tier. Going beyond basic backup, being able to share files with people by URL requires them to have an unencrypted copy to put on the web.
Maximilien wrote:
The big issue I have with cloud backup system is that at some point it can take a long while to backup stuff (upload time) and there can be technical difficulties to do the backup that you don't have real control over it.
For the initial upload some companies offer a fedexnet protocol where they overnight you external HDs to do the initial transfer (and recovery). In my case the initial upload will be around 55GB in size; which should take a bit under 4 days to complete (a bit under 3 if there really isn't a catch between the 15/1.5 and 20/2 tiers my ISP is offering at the same price); and is mostly static content (images/audio files).
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, waging all things in the balance of reason? Is not rather the genius of history like an eternal, imploring maiden, full of fire, with a burning heart and flaming soul, humanly warm and humanly beautiful? --Zachris Topelius Training a telescope on one’s own belly button will only reveal lint. You like that? You go right on staring at it. I prefer looking at galaxies. -- Sarah Hoyt
-
From what I can see there several tiers you can go on between one and the other and was wondering where people here who use a backup service are operating at? From most convenient to most secure: -1) Client on PC automatically syncs new files to server. Data is not encrypted on the server and can be accessed by anyone who has the URL to the file. 0) Client on PC automatically syncs new files to server. Data is encrypted using a generic key known by the backup company and stored on their servers. 1) Client on PC automatically syncs new files to server. Data is encrypted using a key unique to you but known by the backup company and stored on their servers. 2) Client on PC automatically syncs new files to server. Data is encrypted using a key unique to you and not known by the backup company or stored on their servers. 3) Option 2 but your computers hard disks are all encrypted. 4) Client on PC manually syncs new files to server, and requires the user to input the key because it's not stored locally. Key is only in memory for the duration of the encryption process. Data is encrypted using a key unique to you and not known by the backup company or stored on their servers. My thoughts on the options: After the MegaUpload debacle I no longer consider option -1 to be a reliable option due to the risk of having your data lost because other people are using the service illegally. Option 1 don't appear to offer significant increase in protection over option 0 to your data. If the back companies servers are compromised either by hackers or cops on a fishing expedition your data is exposed. Having to gain a user specific key instead of a company wide one doesn't seem to offer much additional protection and the encryption levels are high enough that a rainbow table type breaking method (is this called something else when attacking a symmetric key?) Option 2 leaves you safe if the backup company is compromised but if your home computer is compromised your data can be accessed. The catch is that if you ever lose/forget/etc the password your data is non-recoverable. Option 3 provides moderately more protection in that if your computer is powered off even if it's taken your data is secure. Option 4 means you're safe unless your laptop is grabbed unlocked during a sync, but without an automatic update process your data is more likely to be stale.
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, waging all things in th
Dan Neely wrote:
After the MegaUpload debacle I no longer consider option -1 to be a reliable option due to the risk of having your data lost because other people are using the service illegally.
America will destroy the internet if we let it.... It has already corrupted the NZ justice system by seizing assets of an innocent man at request of the SoB American war criminal administration. :mad: Dear FBI GTFO of my country and go home
-
From what I can see there several tiers you can go on between one and the other and was wondering where people here who use a backup service are operating at? From most convenient to most secure: -1) Client on PC automatically syncs new files to server. Data is not encrypted on the server and can be accessed by anyone who has the URL to the file. 0) Client on PC automatically syncs new files to server. Data is encrypted using a generic key known by the backup company and stored on their servers. 1) Client on PC automatically syncs new files to server. Data is encrypted using a key unique to you but known by the backup company and stored on their servers. 2) Client on PC automatically syncs new files to server. Data is encrypted using a key unique to you and not known by the backup company or stored on their servers. 3) Option 2 but your computers hard disks are all encrypted. 4) Client on PC manually syncs new files to server, and requires the user to input the key because it's not stored locally. Key is only in memory for the duration of the encryption process. Data is encrypted using a key unique to you and not known by the backup company or stored on their servers. My thoughts on the options: After the MegaUpload debacle I no longer consider option -1 to be a reliable option due to the risk of having your data lost because other people are using the service illegally. Option 1 don't appear to offer significant increase in protection over option 0 to your data. If the back companies servers are compromised either by hackers or cops on a fishing expedition your data is exposed. Having to gain a user specific key instead of a company wide one doesn't seem to offer much additional protection and the encryption levels are high enough that a rainbow table type breaking method (is this called something else when attacking a symmetric key?) Option 2 leaves you safe if the backup company is compromised but if your home computer is compromised your data can be accessed. The catch is that if you ever lose/forget/etc the password your data is non-recoverable. Option 3 provides moderately more protection in that if your computer is powered off even if it's taken your data is secure. Option 4 means you're safe unless your laptop is grabbed unlocked during a sync, but without an automatic update process your data is more likely to be stale.
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, waging all things in th
I think you missed an option somewhere between 1 and 2 1.5) Client on PC automatically syncs new files to server. Data is encrypted using a key unique to you. Key is stored on the companies server but is encrypted with a password which only you hold. The unsecured key only exists on your PC. Advantages: 1) You can do web based restores by providing your password so the decryption can be performed server side and the the file downloaded with no special client side software. (Obviously this does mean that temporarily the unsecured key must exist in memory on the server) 2) You can change your password as this only causes the key to be reencrypted and you don't have to reencrypt/reupload the whole data set. Disadvantages: 1) If you forget the password, recovery is not an option 2) The unsecured key does exist temporarily on the server on some occasions. This is what I use (via crashplan[^] ). I consider it paranoid enough for my backups (which is predominantly just family photos anyway, so no major secrecy required), while not reducing the convenience of being able to access the files directly over a http page when I want to get to them. They also offer your options 1 & 2 as alternatives. Obviously if you pick option 2, the web restore feature is disabled. For the occasional bit of more critical data I would just use a separate 3rd party encryption package and have the auto backup software just back up the encrypted blob. (For example I use KeePass[^] to encrypt and store passwords. The encrypted file is backed up, but it means I know it's secure unless my PC is accessed while I actually have my keepass file open and unlocked - and it's set to timeout and auto lock after a few minutes) I also think there is an additional higher level you aren't considering. For long term security I think it should generally be considered that any encryption is not secure enough. For example, if computers continue to get more powerful, in 50 years time current encryption standards will be easily breakable. This is irrelevant for one time communication like SSL, but for backups you need to consider that once you have distributed the file even if it's highly encrypted others may take a copy of that file and just hold onto it for long enough that the encryption becomes obsolete. If you have data that
-
From what I can see there several tiers you can go on between one and the other and was wondering where people here who use a backup service are operating at? From most convenient to most secure: -1) Client on PC automatically syncs new files to server. Data is not encrypted on the server and can be accessed by anyone who has the URL to the file. 0) Client on PC automatically syncs new files to server. Data is encrypted using a generic key known by the backup company and stored on their servers. 1) Client on PC automatically syncs new files to server. Data is encrypted using a key unique to you but known by the backup company and stored on their servers. 2) Client on PC automatically syncs new files to server. Data is encrypted using a key unique to you and not known by the backup company or stored on their servers. 3) Option 2 but your computers hard disks are all encrypted. 4) Client on PC manually syncs new files to server, and requires the user to input the key because it's not stored locally. Key is only in memory for the duration of the encryption process. Data is encrypted using a key unique to you and not known by the backup company or stored on their servers. My thoughts on the options: After the MegaUpload debacle I no longer consider option -1 to be a reliable option due to the risk of having your data lost because other people are using the service illegally. Option 1 don't appear to offer significant increase in protection over option 0 to your data. If the back companies servers are compromised either by hackers or cops on a fishing expedition your data is exposed. Having to gain a user specific key instead of a company wide one doesn't seem to offer much additional protection and the encryption levels are high enough that a rainbow table type breaking method (is this called something else when attacking a symmetric key?) Option 2 leaves you safe if the backup company is compromised but if your home computer is compromised your data can be accessed. The catch is that if you ever lose/forget/etc the password your data is non-recoverable. Option 3 provides moderately more protection in that if your computer is powered off even if it's taken your data is secure. Option 4 means you're safe unless your laptop is grabbed unlocked during a sync, but without an automatic update process your data is more likely to be stale.
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, waging all things in th
With the bandwidth issues of major online backups I think you are far better off just using online services for things that you really cannot do without and might need from anywhere if something significant were to happen (fire, flood etc.) Using a program like truecrypt you can set up an encrypted local disk file which appears as a disk drive to your PC and then backup the entire file to the online service each time. Option 2 effectively but with elements of Options 3 & 4 as you only need truecrypt running with password entered whilst you are updating the contents of the "disk" for high volume less immediate information backup to multiple local hard drives/tapes which you rotate and store at least one in another location. for work backups take them home, for home backups take them to a relations house for high volume corporate information take disks/tapes to the bank, take weekly/monthly backups to an office/bank/solicitors in another county/state The good thing about local backups is the speed at which they can be restored whereas your 50Gb of data may take several days to download depending on the speed of connection through to the provider and how many other people are trying to get access to their data at the same time just don't forget to write the password for the encryptions on a piece of paper and stick it to the fridge with a magnet :-D
-
From what I can see there several tiers you can go on between one and the other and was wondering where people here who use a backup service are operating at? From most convenient to most secure: -1) Client on PC automatically syncs new files to server. Data is not encrypted on the server and can be accessed by anyone who has the URL to the file. 0) Client on PC automatically syncs new files to server. Data is encrypted using a generic key known by the backup company and stored on their servers. 1) Client on PC automatically syncs new files to server. Data is encrypted using a key unique to you but known by the backup company and stored on their servers. 2) Client on PC automatically syncs new files to server. Data is encrypted using a key unique to you and not known by the backup company or stored on their servers. 3) Option 2 but your computers hard disks are all encrypted. 4) Client on PC manually syncs new files to server, and requires the user to input the key because it's not stored locally. Key is only in memory for the duration of the encryption process. Data is encrypted using a key unique to you and not known by the backup company or stored on their servers. My thoughts on the options: After the MegaUpload debacle I no longer consider option -1 to be a reliable option due to the risk of having your data lost because other people are using the service illegally. Option 1 don't appear to offer significant increase in protection over option 0 to your data. If the back companies servers are compromised either by hackers or cops on a fishing expedition your data is exposed. Having to gain a user specific key instead of a company wide one doesn't seem to offer much additional protection and the encryption levels are high enough that a rainbow table type breaking method (is this called something else when attacking a symmetric key?) Option 2 leaves you safe if the backup company is compromised but if your home computer is compromised your data can be accessed. The catch is that if you ever lose/forget/etc the password your data is non-recoverable. Option 3 provides moderately more protection in that if your computer is powered off even if it's taken your data is secure. Option 4 means you're safe unless your laptop is grabbed unlocked during a sync, but without an automatic update process your data is more likely to be stale.
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, waging all things in th
Since I don't hold any classified nuclear energy documents, I use dropbox, that would mean option 0 or 1. Dropbox needs to know the keys in order to implement their redundancy system, meaning that if two exact copies are uploaded to dropbox by two different users, only one copy is maintained, so they actually need to analyze the contents of the files so they can save storage space. Their license agreement mentions this and although they can read your files, they won't disclose it unless ordered by court. Having said that, even if dropbox is seized I still have copies of my files on my devices, so it isn't really an issue for me if it's actually taken down like MegaUpload.
"To alcohol! The cause of, and solution to, all of life's problems" - Homer Simpson
-
From what I can see there several tiers you can go on between one and the other and was wondering where people here who use a backup service are operating at? From most convenient to most secure: -1) Client on PC automatically syncs new files to server. Data is not encrypted on the server and can be accessed by anyone who has the URL to the file. 0) Client on PC automatically syncs new files to server. Data is encrypted using a generic key known by the backup company and stored on their servers. 1) Client on PC automatically syncs new files to server. Data is encrypted using a key unique to you but known by the backup company and stored on their servers. 2) Client on PC automatically syncs new files to server. Data is encrypted using a key unique to you and not known by the backup company or stored on their servers. 3) Option 2 but your computers hard disks are all encrypted. 4) Client on PC manually syncs new files to server, and requires the user to input the key because it's not stored locally. Key is only in memory for the duration of the encryption process. Data is encrypted using a key unique to you and not known by the backup company or stored on their servers. My thoughts on the options: After the MegaUpload debacle I no longer consider option -1 to be a reliable option due to the risk of having your data lost because other people are using the service illegally. Option 1 don't appear to offer significant increase in protection over option 0 to your data. If the back companies servers are compromised either by hackers or cops on a fishing expedition your data is exposed. Having to gain a user specific key instead of a company wide one doesn't seem to offer much additional protection and the encryption levels are high enough that a rainbow table type breaking method (is this called something else when attacking a symmetric key?) Option 2 leaves you safe if the backup company is compromised but if your home computer is compromised your data can be accessed. The catch is that if you ever lose/forget/etc the password your data is non-recoverable. Option 3 provides moderately more protection in that if your computer is powered off even if it's taken your data is secure. Option 4 means you're safe unless your laptop is grabbed unlocked during a sync, but without an automatic update process your data is more likely to be stale.
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, waging all things in th
As mentioned by Mike Deeks, Truecrypt enables you to store stuff as a big encrypted file. When you mount the content of this file locally using your Truecrypt password, a volume appears in Explorer containing your personal files and you just work with them as normal. All changes are actually saved to the big encrypted file in the background rather than directly to the hard drive. So the benefit here is that you can backup the big encrypted file using DropBox and no-one, including Dropbox will know what it contains. You get the automatic secure cloud backups instead of having to set up a manual backup schedule that asks for a separate encryption password. Encrypted Truecrypt files can be as big as you want and Dropbox will only upload the parts of the file that were changed. Simon makes a good point about advances in technology - once you release your data to the cloud, there is the prospect that in future your supposedly secure encryption will be cracked and your files will be readable by someone else.
-
I think you missed an option somewhere between 1 and 2 1.5) Client on PC automatically syncs new files to server. Data is encrypted using a key unique to you. Key is stored on the companies server but is encrypted with a password which only you hold. The unsecured key only exists on your PC. Advantages: 1) You can do web based restores by providing your password so the decryption can be performed server side and the the file downloaded with no special client side software. (Obviously this does mean that temporarily the unsecured key must exist in memory on the server) 2) You can change your password as this only causes the key to be reencrypted and you don't have to reencrypt/reupload the whole data set. Disadvantages: 1) If you forget the password, recovery is not an option 2) The unsecured key does exist temporarily on the server on some occasions. This is what I use (via crashplan[^] ). I consider it paranoid enough for my backups (which is predominantly just family photos anyway, so no major secrecy required), while not reducing the convenience of being able to access the files directly over a http page when I want to get to them. They also offer your options 1 & 2 as alternatives. Obviously if you pick option 2, the web restore feature is disabled. For the occasional bit of more critical data I would just use a separate 3rd party encryption package and have the auto backup software just back up the encrypted blob. (For example I use KeePass[^] to encrypt and store passwords. The encrypted file is backed up, but it means I know it's secure unless my PC is accessed while I actually have my keepass file open and unlocked - and it's set to timeout and auto lock after a few minutes) I also think there is an additional higher level you aren't considering. For long term security I think it should generally be considered that any encryption is not secure enough. For example, if computers continue to get more powerful, in 50 years time current encryption standards will be easily breakable. This is irrelevant for one time communication like SSL, but for backups you need to consider that once you have distributed the file even if it's highly encrypted others may take a copy of that file and just hold onto it for long enough that the encryption becomes obsolete. If you have data that
Simon P Stevens wrote:
I also think there is an additional higher level you aren't considering. For long term security I think it should generally be considered that any encryption is not secure enough. For example, if computers continue to get more powerful, in 50 years time current encryption standards will be easily breakable. This is irrelevant for one time communication like SSL, but for backups you need to consider that once you have distributed the file even if it's highly encrypted others may take a copy of that file and just hold onto it for long enough that the encryption becomes obsolete. If you have data that *must not* be released even after a long duration then cloud backup should probably be ruled out and local physical secure backup should be used to prevent even distribution of the encrypted files.
IIRC and AFAIK the NSA approves existing 256 bit encryption schemes for transmitting the US Govt's most sensitive data; and they have many-decadal protection requirements and a need to defend against nation state level adversaries; so I think the 448-1024 bit options offered by various services are good enough for my tax records. :)
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, waging all things in the balance of reason? Is not rather the genius of history like an eternal, imploring maiden, full of fire, with a burning heart and flaming soul, humanly warm and humanly beautiful? --Zachris Topelius Training a telescope on one’s own belly button will only reveal lint. You like that? You go right on staring at it. I prefer looking at galaxies. -- Sarah Hoyt
-
With the bandwidth issues of major online backups I think you are far better off just using online services for things that you really cannot do without and might need from anywhere if something significant were to happen (fire, flood etc.) Using a program like truecrypt you can set up an encrypted local disk file which appears as a disk drive to your PC and then backup the entire file to the online service each time. Option 2 effectively but with elements of Options 3 & 4 as you only need truecrypt running with password entered whilst you are updating the contents of the "disk" for high volume less immediate information backup to multiple local hard drives/tapes which you rotate and store at least one in another location. for work backups take them home, for home backups take them to a relations house for high volume corporate information take disks/tapes to the bank, take weekly/monthly backups to an office/bank/solicitors in another county/state The good thing about local backups is the speed at which they can be restored whereas your 50Gb of data may take several days to download depending on the speed of connection through to the provider and how many other people are trying to get access to their data at the same time just don't forget to write the password for the encryptions on a piece of paper and stick it to the fridge with a magnet :-D
I've spent the last several years trying, and failing, to implement a regular removable HD backup cycling to my parents house (~70mi away). I've came to the conclusion that unless it's automaticish I'm never going to have one that works reliably.
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, waging all things in the balance of reason? Is not rather the genius of history like an eternal, imploring maiden, full of fire, with a burning heart and flaming soul, humanly warm and humanly beautiful? --Zachris Topelius Training a telescope on one’s own belly button will only reveal lint. You like that? You go right on staring at it. I prefer looking at galaxies. -- Sarah Hoyt
