Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Encrypting seed drives for offsite storage with same privately issued keys


  • Please log in to reply
1 reply to this topic

#1 makishdu

makishdu

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:01:47 AM

Posted 08 October 2017 - 02:08 PM

In conversation with several online cloud data backup services for both consumers and commercial operations, I kept coming across the same problem that their software was not open source, so how to trust? As in most cases it’s best to never trust the provider, but the software encryption! Services then which allow the generated keys to be in the possession of the user, and only the user, seem like the best way forwards.
 
But then the second issue: upstream speed. My theory then was that if open crypto-algorithms likes AES were relied upon by the company, then surely a Seed Drive could be encrypted before hand with the same keys and mailed in safely?
 
The solution time and time again rubbished the idea of a Seed Drive (storage mediums pre-populated with data and sent through traditional post to the storage provider for the sakes of speed) due to technical issues:
 
• Extra manual work requirements
 
• The Seed Drive(s) require software changes
 
• New security protocols needed for how staff interact with Seed Drives
 
• Increased complexity to add Seed Drive data into existing storage infrastructure
 
 
As if my suspicions were not raised enough already, why then does every avenue to true anonymity keep being blocked off? 
(don’t get me started on crypto-payments)
 
 
My question is what are the steps needed to provide such a service?


Edited by hamluis, 08 October 2017 - 03:13 PM.


BC AdBot (Login to Remove)

 


#2 makishdu

makishdu
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:01:47 AM

Posted 15 October 2017 - 01:49 AM

The best I could find was open source encryption software called "borg" (http://tinyurl.com/borgbackup) and online storage solution rsync.net, which seems to be what I want, and for a better price than SpiderOak.

 

ref:  (https://www.stavros.io/posts/holy-grail-backups/)






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users