LinkBack URL
About LinkBacksWith the NSA's past and present activities, tinfoil hats are pretty redundant nowadays.Originally Posted by herulach
With the NSA's past and present activities, tinfoil hats are pretty redundant nowadays.
Give all my data to the cloud? Nooo!
Give all my data to the copyright-phobic Chinese cloud?? Over my dead body!!!!
Butuz
Well, for a start, because I have spent quite a lot of time doing family genealogy, and copies of a whole load of documents, including birth certificates from many of the family, are stored, and linked to the database. Most documents are historical, like parish records, BMD (birth, marriage and death) certificates, census extracts, army, bavy and air force service records, and so on .... but included in that are current documents.
It's not the only reason for considerable caution, but it's sufficient.
It's not tinfoil hat, either, but given how damaging it would be if the wrong people (like identity thieves) got hold of that, it's common sense to be careful. As you say, and as I've said, it all comes down to what you use a PC for, and what's on it.
Aren't most of the documents you mentioned a matter of public record anyway? If it's material you've collected through your genealogy research, couldn't anyone else do much the same thing?
Some are, but you asked why someone had scans of ID documents. So I told you why.
But if you look at what I said earlier, I also said I had copies of bank statements, medical records and communications, and lots more, that certainly aren't public records.
I have copies of my ID documents for VISA applications, the original document needs to be available for verification but having the copies quickly available helps the process. Not being a native of the UK makes this something I have gone through 3 times so far and will have to do it at least once again before getting my passport. It would also be helpful when travelling to a country that requires a VISA to enter for holidays, travel agents tend to accept a digital copy initially with the view to verifying it later. My university accepted the documents when I received my place as well which was helpful. Before I got the documents done I needed to have scans done for previous jobs, the government requires them to keep record of non-uk nationals, so if I had them then they would of proved useful again.
The digital copies of my ID documents have been useful for me although I admit that my situation is far from typical.
Encryption. Pop everything inside a container and then upload that to the cloud service. I wouldn't trust them not to have a fail and take my data down with it, that's one reason I like Dropbox - always at least 2 copies, mine and mine on their servers... whichever end has a disaster there is always a copy.
I totally see the argument about the ISP reliability and bandwidth though, mass cloud storage still isn't suitable to Joe Public with average internet if the data needs to be readily and always available.
More laughably though even if you have a stonking 16Mb upload at the top end of BT Infinity then you might get at absolute most 2MB/s, so to fill up 10TiB (I'm using binary bytes here, i.e. 1024) will require 5242880s, approximately 2 months 24/7 uploading... So for Joe average on his 1Mb upload that's going to take 32 months, or 2.5 years to fill... good luck with that Joe!
Last edited by kingpotnoodle; 21-11-2013 at 05:43 PM.
Well, my stuff is encrypted, locally. So I take your point. But I'm someone that's been using encryption for, well, put it this way, my first encryption package was bought in the US, in person, then carried out in my luggage because it was still subject, at that time, to very strict export limitations. And I've been using, when appropriate, email encryption since then. That must be 20+ years.
And yes, data locally is encrypted, too, including (especially) the off-site backups and archives.
BUT ..... see the points I made earlier about the possibility for either backdoors in your encryption software if it isn't open source, or of someone, be it an intelligence service or someobe else, finally cracking encryption. We hear rumours of some NSA successes in that area, though for all I know, rumour is all it is.
As I pointed out before, you are not at risk of your encrypted data being decrypted by anyone that doesn't have your encrypted data.
Do I think encryption's been cracked? No, probably not.
Do I think it's likely in the near future? Again, probably not.
But I don't know that it hasn't been. Do you know, for sure, what the NSA, or Chinese army intelligence, or Israeli spooks, or even Russian mob, are capable of?
The risk of encrypted data being vulnerable is extremely small if our assumptions about cracking are correct. What I feel absolutely sure of is that if anyone has cracked various forms of encryption, they're going to do their best to prevent anyone knowing they've cracked it.
Agree with this - especially the last bit. There was some comment recently that it was definitely in the interests of anti-terrorism groups to "leak" that certain encryption methods that they'd NOT broken were, in fact, open to their inspection.
I'm a believer in the "grain of sand" theory - namely that I'm too unimportant to warrant any kind of serious attack. So as long as whatever I use is proof against "drive by" attacks - so that's use of WPA2. If I was more important and the Mafia - Italian/Russian/whatever - needed what I'd got them I'm sure that the application of baseball bat to legs would be more effective and immediate than trying to intercept my comms.
Only thing that I feel I need to address is that my email storage locally isn't encrypted in any way. Then again, I work for a big cloud services vendor, so you'd expect me to be cloud-positive to trot out the "company line".
Last edited by crossy; 25-11-2013 at 09:57 AM. Reason: Forgot the crucial word "not".
Career status: still enjoying my new career in DevOps, but it's keeping me busy...
Aha, an infiltrator.Agree with this - especially the last bit. There was some comment recently that it was definitely in the interests of anti-terrorism groups to "leak" that certain encryption methods that they'd broken were, in fact, open to their inspection.
I'm a believer in the "grain of sand" theory - namely that I'm too unimportant to warrant any kind of serious attack. So as long as whatever I use is proof against "drive by" attacks - so that's use of WPA2. If I was more important and the Mafia - Italian/Russian/whatever - needed what I'd got them I'm sure that the application of baseball bat to legs would be more effective and immediate than trying to intercept my comms.
Only thing that I feel I need to address is that my email storage locally isn't encrypted in any way. Then again, I work for a big cloud services vendor, so you'd expect me to be cloud-positive to trot out the "company line".
I guess, for me, the main reason I won't use cloud storage is .... I have no need to. I have all the storage I need, and the infrastructure to support it, right here. My server has hardware RAID 5 storage, and I have spare drives, drive bays and RAID controllers, on top of the hot standby drive that's part of the 6 drive array. It has both tape and optical drives attached for backup and archive. And the data is where I need it, and as secure as is reasonable and practical, for me.
Also, for both storage and applications, I am of the view that those companies trying to drive, or entice, everyone onto the cloud are doing it for one reason, and one reason only - now or at some point in the future, they want to monetarise it. We are all potential revenue streams, which is why MS and Adobe, to name but two, want us to go to 'rental' models where we pay a monthly subscription.
To me, that flies absolurely in the face of "personal" computing. I neither need nor want constantly updated applications, for instance. You may have noticed that I intensely dislike what MS have done to Windows with MUI. As a user of standalone software, I can upgrade, or not, if and when it suits me. I can control the cost, I can control the timing, and I can control when and if the interface (MS Office "Ribbon", for instance) changes, not suddenly find that essential apps have been "upgraded" to something I don't want, because it's a subscription service, not software on a "personal" computer.
I started my computing life in a mainframe environment where we users got whatever those running the mainframe decided we got, and we got it at the hours they decided, too. Then I spent time with what we basically terminals attached to mini-computers, and the same issues applied.
Could storage, and services, might appeal to some users and make sense, especially for some businesses, but for me, both control over and responsibility for my computing capability is staying right here, under my control, and being my responsibility. I am not, now, and will not in the future, move to cloud for either storage or applications. I don't need to, in the sense that nothing, and I mean NOTHING I actually need to do even needs the internet. I could even completely give up my internet connection. Go dark, as it were. That would stop me doing things I like to do, but not anything I need to do.
If MS, for instance, push Windows into an online-only Office365 type situation, I either switch entirely to non-MS products, or stick with what I already have. If parts for conventional PCs disappear from sale entirely (and I don't expect it) I have enough hardware here, in parts or cannibalisable machines, to keep me going for probably the rest of my life.
But whatever, for me, personal computing isn't personal if you shift it out onto the net, under someone elses control, and I'm not doing that. And I'm just not going there. I don't trust either security or accessibility in the cloud, regardless of Mossad or the Russian mob, but even if I did, for me, it just ain't happening.
I read the 10Tb maximum as "Unlimited, so long as you don't take the piss".
A number of online backup companies offer unlimited storage. Most of their costumers probably only backup 100 Gb or so, which they can easily afford to store, but one in a thousand probably stores several Tb. As a business model this is probably fine, so long as the number of heavy users is reasonable, and their use is not totally insane. But if a service is only used by heavy users then it becomes uneconomic.
A bit like the situation a few years ago, where unlimited broadband became a magnet for Warez down-loaders, and the broadband companies started imposing fair usage policies and caps to limit their exposure. It looks to me like Tencent are doing the same, but publishing the cap now so that no one complains later when they get booted from the service for attempting to store thousands of Tb.
That'll be a full stop you wanted then.
Depending on the set up I'd say this could turn into a mega uploads kinda of site, obviously depends on the sharing policies I can see them getting all the pirates storing films, music etc.
Actually here I'm possibly going to say something contrary - actually I'm VERY suspicious of "free" services - equating "free to use" with "free for us to spy, sell-on your habits, data, etc as far as it's legal of us to do so". Yes, I have both Google Mail and Hotmail (sorry Outlook) accounts but those are both secondary to my main account that I pay for.
So, the point you make, if you're not paying directly for bandwidth/storage then how are the company making their money? "Look for the angle" as I keep telling the kids. Ad support will only do so much, so unless it's going to be VERY intrusive then I can't see that being the only way that's used.
No what I'm looking for is a cost-effective service that'll take my monthly/yearly fee in return for a decent amount of storage with NO OTHER REVENUE "OPPORTUNITIES". I'm using Dropbox at the moment; (a) because it was convenient; and (b) I got a 50GB slab free with my phone. That said, once the phone-subsidised time is up I'm probably going to pony up my 60, or so, quid a year and get 100GB of space. Only downside is that I'd like more of a "service level agreement" than Dropbox do at the moment. Heck, maybe if the IBM, Amazon's and HP's of the world start seriously looking at the consumer space then I'd be interested. Yes, Amazon do their "Cloud Drive", but like Google's, Microsoft's, Canonical's, etc it's really designed for low usage, (<10GB). Just checked Rackspace and their cloud storage costs are similar to Dropbox's, but without the integration that Dropbox can do.
Career status: still enjoying my new career in DevOps, but it's keeping me busy...
Very much this ^
If it is free, there is a good reason and it won't be altruism. There is an angle, a hook. Always go into these things informed, with your eyes open. Of course, just because you pay for a service, doesn't mean the provider won't look to make money off you in other ways of course.
Personally, I don't yet trust cloud providers on the data issue - its a thorny legal area (and I work for a major cloud provider). My trust issue isn't simply what a provider would do with the data, but the lack of legal clarity and the issues that could lead to. Additionally, with recent revelations about the NSA, I think it is a mistake to think that you are so small you are irrelevant. Its not about you per se, but about the aggregation of huge amounts of data for mining.
Anyway, with that said, I have both local backups, and on-line backups using a backup provider with all content and communications encrypted. I am assuming of course that the encryption is not crackable, and that the provider is operating as i says it is, so that is a matter of faith. In other words, I look at this on balance of risks and the benefit I'm getting, and for what I backup and the way I back it up, I feel the risk is justified.
Last edited by Mutley; 25-11-2013 at 05:26 PM. Reason: Spelling.
Entirely agree with that. It's just for what I backup, and the way I do it, the risks of cloud storage aren't justified. I don't like it in principle, and I don't like it in practice.
And that assessment is one for each of us, with no right or wrong result.
Noxvayl (25-11-2013)
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
Reply With Quote
