Skip to main content

privacy on the cloud

There is a huge variety of cloud-based data archival and backup services available today. The following were shortlisted based on certain desirable features such as encrypted storage, personal encryption (zero knowledge), storage size and bandwidth limits and cross-platform support. 


The pricing structure and other particular features are outlined below. The order reflects the slight preferences of the author.
  1. MEGA
    • # machines : ?
    • Pricing
      • 50GB – Free
      • 4TB - $12/m
  2. Crashplan
    • # machines : up to 10 computers
    • Pricing
      • Unlimited - $13.99/m, $150/y
    • Other features
      • de-dup
      • can run server-free, exchanging backup space with friends and family
  3. AltDrive
    • # machines : 3 computers
    • Pricing
      • Unlimited - $9.95/m, $99/y
    • Other features
      • de-dup
  4. Bitcasa
    • # machines :  up to  5 devices
    • Pricing
      • 20GB - Free (up to 3 devices)
      • 1TB - $10/m, $99/y (up to 5 devices)
      • 5TB - $49/m, $499/y (up to 5 devices)
      • Unlimited - $99/m, $999/y (up to 5 devices)
  5. Elephant Drive
    • # machines : up to 10 devices
    • Pricing
      • 100GB - $9.95/m, $100/y
      • 250GB - $19.95/m, $201/y
      • 1TB     - $85.95/m, $86/y
      • 2TB - $169.95/m, $1713/y
  6. Wuala
    • Pricing
      • 5GB – Free
      • 50 GB - $6.99/m, $75/y
      • 100GB - $11.99/m, $129/y
      • 200GB - $22.99/m, $249/y
      • 500GB - $54.99/m, $599/y
      • 1TB - $99.99/m, $1099/y
      • 2TB - $179.95/m, $1999/y
  7. Spider Oak
    • # machines : unlimited
    • Pricing
      • 2GB – Free
      • 100GB - $10/m, $100/y
      • 200GB - $20/m
      • 500GB - $50/m
      • 1TB - $100/m
    • Other features
      • de-dup


Diversification
A prudent cloud-backup strategy would involve using multiple services – diversified geographically, both in terms of the location of the company and the location of the data. So, for e.g., a combination of MEGA, Crashplan and AltDrive, would satisfy both criteria.

Local Encryption
Locally securing the data in an encrypted vault, using tools such as BoxCryptor,  TrueCrypt or FreeOTFE (see here for a comparison), before sending along the wire, adds an additional layer of security and privacy. "There is a potential backup trap when it is used for files that will be synced or stored in the cloud. Encryption programs that create encrypted “volumes” (files that contain encrypted files) do not change the size of the volume (container file), and often – intentionally – do not change the modified date of the volume, even though files in the volume have been changed or added. The result can be that your cloud service does not recognize that the volume file has changed, and will fail to update the online copy. TrueCrypt is an example of an encryption program that does not change the modified date of volume files (encrypted file container). However, some cloud backup services – Dropbox for example – check the hash value of volume files, not the date, and if that changes Dropbox stores the latest copy of the volume file. If you’re using Dropbox, that makes TrueCrypt an excellent way to implement client-side encryption for your most sensitive files. SkyDrive, monitors the modified date – not a hash value – so TrueCrypt volumes are not updated in the cloud by SkyDrive after their content changes client-side."(quoted verbatim from [2])

The Bottom Line
  1. At the very least, use an online back service that provides the feature of personal encryption (in addition to encrypted storage). This means that nobody in the company can easily break into and peer at your data. This also means, however, that the data can be irretrievable if one forget their personal key/password etc. All of the services listed above provide personal encryption (except, on a technicality, Bitcasa -- but their approach is quite similar).
  2. Optionally, diversify your data and use multiple services.
  3. Optionally, vault your data locally and then backup the vault.
    1. This option can also be used in conjunction with a service that does not provide personal on-the-fly encryption

Sources 


Popular posts from this blog

Migrating from MS SQL Server to MongoDB

The following contains notes from various attempts at migrating 2.5GB of MS SQL Server data to MongoDB, on an 8 GB, quad-core, 64-bit Windows 7 Enterprise machine.
[TERMINATED] http://mssql2mongo.codeplex.com/ : Simple to use. Exponential slowdown observed in migration. For a total of the 50 million records spanning two tables, the following migration times were observed: 1 second for the first 100,000 records,  30 minutes for 1,000,000, 20 hours for 16 million (after which I terminated the process).[DID NOT WORK] http://rubydoc.info/gems/mongify/ : A ruby-based approach. Use Ruby 1.9.3 (tiny_tds dependency causes problems with Ruby 2.0). Install DevKit before installing the mongify gem. Also, use 'sqlserver' as the adapter in the .config file. Then, before running 'mongify check <config-file>', install the gems activerecord-sqlserver-adapter and tiny_tds. At this stage, it fails. 'mongify translation <config-file>' fails as well.[MODIFIED/WORKED!!]…

Prohibition of envy in Judaism, Christianity and Islam

"One of the sanest, surest, and most generous joys of life comes from being happy over the good fortune of others." (attributed variously to Robert Heinlein & Archibald Rutledge).


The idea of envy (or, covetousness) is an important subject in the Abrahamic faith traditions of Judaism, Christianity and Islam.

The prohibition against covetousness rounds out the Mosaic moral code, codified as the 10th and final commandment in the Ten Commandments -- the injunction against coveting one's neighbor's property. The rationale behind this is the acknowledgement that all blessings arise from God's sovereign providence and it is not for his creation to question whom and how and when he chooses to bless.

Merriam-Webster's dictionary defines covetousness as :

1. "feeling or showing a very strong desire for something that you do not have and especially for something that belongs to someone else", or
2. "marked by inordinate desire for wealth or possessi…

The moral filth of neo-liberal and neo-conservative statism

or, progressive socialism is not the greater evil.
Introduction
After years of trying to make sense of how the world works, economically and politically, and how, according to some, it ought to work, I have increasingly come to the realization that the libertarian political-philosophical persuasion is the only one consistent with justice. A just society must necessarily be a free society. Specifically, one that is founded on libertarian principles -- private property, NAP, non-initiation of violence, easement & homesteading rights, etc. In fact, the “justness” (righteousness) of a society will increase in concert with and to the degree to which a society moves from totalitarian statism to democratic statism (of the neo-conservative or neo-liberal varieties) to minarchism to anarchism.
After spending a few zealous but misguided and ignorantly happy years occupied with mainstream GOP politics, including loyally and foolishly supporting the Bush-Cheney-Rove regime, despite serious mo…