Skip to main content

privacy on the cloud

There is a huge variety of cloud-based data archival and backup services available today. The following were shortlisted based on certain desirable features such as encrypted storage, personal encryption (zero knowledge), storage size and bandwidth limits and cross-platform support. 

The pricing structure and other particular features are outlined below. The order reflects the slight preferences of the author.
  1. MEGA
    • # machines : ?
    • Pricing
      • 50GB – Free
      • 4TB - $12/m
  2. Crashplan
    • # machines : up to 10 computers
    • Pricing
      • Unlimited - $13.99/m, $150/y
    • Other features
      • de-dup
      • can run server-free, exchanging backup space with friends and family
  3. AltDrive
    • # machines : 3 computers
    • Pricing
      • Unlimited - $9.95/m, $99/y
    • Other features
      • de-dup
  4. Bitcasa
    • # machines :  up to  5 devices
    • Pricing
      • 20GB - Free (up to 3 devices)
      • 1TB - $10/m, $99/y (up to 5 devices)
      • 5TB - $49/m, $499/y (up to 5 devices)
      • Unlimited - $99/m, $999/y (up to 5 devices)
  5. Elephant Drive
    • # machines : up to 10 devices
    • Pricing
      • 100GB - $9.95/m, $100/y
      • 250GB - $19.95/m, $201/y
      • 1TB     - $85.95/m, $86/y
      • 2TB - $169.95/m, $1713/y
  6. Wuala
    • Pricing
      • 5GB – Free
      • 50 GB - $6.99/m, $75/y
      • 100GB - $11.99/m, $129/y
      • 200GB - $22.99/m, $249/y
      • 500GB - $54.99/m, $599/y
      • 1TB - $99.99/m, $1099/y
      • 2TB - $179.95/m, $1999/y
  7. Spider Oak
    • # machines : unlimited
    • Pricing
      • 2GB – Free
      • 100GB - $10/m, $100/y
      • 200GB - $20/m
      • 500GB - $50/m
      • 1TB - $100/m
    • Other features
      • de-dup

A prudent cloud-backup strategy would involve using multiple services – diversified geographically, both in terms of the location of the company and the location of the data. So, for e.g., a combination of MEGA, Crashplan and AltDrive, would satisfy both criteria.

Local Encryption
Locally securing the data in an encrypted vault, using tools such as BoxCryptor,  TrueCrypt or FreeOTFE (see here for a comparison), before sending along the wire, adds an additional layer of security and privacy. "There is a potential backup trap when it is used for files that will be synced or stored in the cloud. Encryption programs that create encrypted “volumes” (files that contain encrypted files) do not change the size of the volume (container file), and often – intentionally – do not change the modified date of the volume, even though files in the volume have been changed or added. The result can be that your cloud service does not recognize that the volume file has changed, and will fail to update the online copy. TrueCrypt is an example of an encryption program that does not change the modified date of volume files (encrypted file container). However, some cloud backup services – Dropbox for example – check the hash value of volume files, not the date, and if that changes Dropbox stores the latest copy of the volume file. If you’re using Dropbox, that makes TrueCrypt an excellent way to implement client-side encryption for your most sensitive files. SkyDrive, monitors the modified date – not a hash value – so TrueCrypt volumes are not updated in the cloud by SkyDrive after their content changes client-side."(quoted verbatim from [2])

The Bottom Line
  1. At the very least, use an online back service that provides the feature of personal encryption (in addition to encrypted storage). This means that nobody in the company can easily break into and peer at your data. This also means, however, that the data can be irretrievable if one forget their personal key/password etc. All of the services listed above provide personal encryption (except, on a technicality, Bitcasa -- but their approach is quite similar).
  2. Optionally, diversify your data and use multiple services.
  3. Optionally, vault your data locally and then backup the vault.
    1. This option can also be used in conjunction with a service that does not provide personal on-the-fly encryption


Popular posts from this blog

Migrating from MS SQL Server to MongoDB

The following contains notes from various attempts at migrating 2.5GB of MS SQL Server data to MongoDB, on an 8 GB, quad-core, 64-bit Windows 7 Enterprise machine.
[TERMINATED] : Simple to use. Exponential slowdown observed in migration. For a total of the 50 million records spanning two tables, the following migration times were observed: 1 second for the first 100,000 records,  30 minutes for 1,000,000, 20 hours for 16 million (after which I terminated the process).[DID NOT WORK] : A ruby-based approach. Use Ruby 1.9.3 (tiny_tds dependency causes problems with Ruby 2.0). Install DevKit before installing the mongify gem. Also, use 'sqlserver' as the adapter in the .config file. Then, before running 'mongify check <config-file>', install the gems activerecord-sqlserver-adapter and tiny_tds. At this stage, it fails. 'mongify translation <config-file>' fails as well.[MODIFIED/WORKED!!]…

Diversity in politics

There are so many strains of thought and ideology in secular democracies around the world, exemplified, perhaps best, in contemporary American political life. Some of these strains of thought are compatible with others and may even be subsets of others. Many of them are violently opposed to others. In the American context, we see, at least, the following :  environmentalismcultural progressivismeconomic socialismprogressive-lite Keynesian welfare + neocon warfare hawks = the establishment / moderates / centristscivil libertarianismnon-interventionismsocial conservatismConstitutional conservatismfree-market libertarianismpopulism, protectionism & nativism, anti-progressivism, anti-establishment
A neat left-right divide no longer makes sense. Most people find themselves on a spectrum between very different political philosophies and emphases.
The two major political parties represent uneasy marriages that exist because for historical reasons or current tactical alliances. The fragil…

The moral filth of neo-liberal and neo-conservative statism

or, progressive socialism is not the greater evil.
After years of trying to make sense of how the world works, economically and politically, and how, according to some, it ought to work, I have increasingly come to the realization that the libertarian political-philosophical persuasion is the only one consistent with justice. A just society must necessarily be a free society. Specifically, one that is founded on libertarian principles -- private property, NAP, non-initiation of violence, easement & homesteading rights, etc. In fact, the “justness” (righteousness) of a society will increase in concert with and to the degree to which a society moves from totalitarian statism to democratic statism (of the neo-conservative or neo-liberal varieties) to minarchism to anarchism.
After spending a few zealous but misguided and ignorantly happy years occupied with mainstream GOP politics, including loyally and foolishly supporting the Bush-Cheney-Rove regime, despite serious mo…