Online Storage With a Twist 268
mssmss writes "For a long time, I have been looking for a way to securely store my files online without being tied to a single vendor — whose survival my storage depends on. It looks like Wuala has a way to do this, according to this story in the Economist. They use donated disk space of users to scatter your encrypted files over multiple computers."
Nice idea (Score:5, Interesting)
Sounds great, but what happens when a massive worm outbreak occurs?
Re:Nice idea (Score:5, Funny)
Sounds great, but what happens when a massive worm outbreak occurs?
That's not a problem! [getridofthings.com]
...
Oh, those worms
Re: (Score:2, Insightful)
You don't want that link (Score:3, Funny)
You know how one way to stop feeling the hurt of a stubbed toe is to get a bigger hurt?
Google for goatse.cx ....
Re: (Score:3)
Maybe. I haven't looked at it since that first time lo so many years ago, and I wasn't interested in verifying it.
Heck, you and everybody else understood me anyway, so the rest of your complaint is just sour grapes, methinks.
Nyaah nyaah!
Re: (Score:3, Funny)
Re: (Score:3, Funny)
Re:Nice idea (Score:4, Funny)
from the link:
Tapeworms can be found in both humans and people as well; though they are rarely found in humans
Re: (Score:3, Informative)
multiple copies just like any other good storage solution.
Re:Nice idea (Score:5, Funny)
Re: (Score:2, Informative)
Sounds great, but what happens when a massive worm outbreak occurs?
Same problem as with regular storage. Have backups.
Re:Nice idea (Score:5, Insightful)
I concur, and I further assert that backup storage may be one of those things that just doesn't fit into a distributed model nicely. Having several physical copies of the data is 1000 times safer than several online copies, or parts of copies, any or all of which could be wiped out by the same affliction even if in different physical locations by virtue of the network that connects them.
It may not fit... (Score:5, Informative)
...but it certainly is done. The projects I've found that do much the same thing are NOT being run by kids in their basement, but serious, large-scale research centers that need to do wide-area RAID.
dCache [freshmeat.net]
iRods
OPeNDAP [freshmeat.net]
PVFS [freshmeat.net]
TPIE [freshmeat.net]
Re: (Score:3, Interesting)
Don't forget to make Debian packages as well, since a lot of people who would use Ubuntu for distributed storage may prefer the stability of Debian.
Re: (Score:2)
Re:Nice idea (Score:4, Informative)
No thanks... (Score:5, Insightful)
I don't think I want to be liable for the data that someone puts on my PC should the encryption ever be broken.
Re: (Score:3, Insightful)
"No, really your honor, it wasn't my data. I was just sharing storage space with people online." Is not going to fly in court.
Re: (Score:2, Interesting)
Yeah, I can see the government not being particularly forgiving if that chunk of data on your harddrive happens to have childporn or something on it. "No, really your honor, it wasn't my data. I was just sharing storage space with people online." Is not going to fly in court.
Or, perhaps having this particular software on your computer could actually create the reasonable doubt you require to protect you? Think about it.
Re: (Score:3, Funny)
Or, perhaps having this particular software on your computer could actually create the reasonable doubt you require to protect you?
Exactly. That's why I make it a policy to run an open wireless access point.
Re: (Score:2)
Considering the fact that their server is based in Germany, and one of the "features" listed is
You can also easily share part of your files with friends, family, and co-workers.
I'm sure the government, police and the German version of the RIAA/MPAA could quickly make this site/server both less secure and less permanent.
My general advice would be not to store any important files online because being online is inherently insecure. Important files can be stored in a safety deposit box at a bank (a more traditional and secure approach). For temporary and remote access of files that one may n
Re:No thanks... (Score:4, Insightful)
Yeah, I can see the government not being particularly forgiving if that chunk of data on your harddrive happens to have childporn or something on it. "No, really your honor, it wasn't my data. I was just sharing storage space with people online." Is not going to fly in court.
Even if you can point to the company's website "see, I was using this, ask them if I had any way to know what they put on my computer"? Especially since they must have some sort of index saying what they stored where, so you could ask for the relevant part of that.
The real issue isn't what would work in court, but what the media or HR people would do even without a conviction.
Re: (Score:3, Informative)
The real issue isn't what would work in court, but what the media or HR people would do even without a conviction.
Don't think for a second that this is up for debate. You'll be publicly shunned and humiliated for a long time to come even if the charges are dropped or your found innocent.
Re: (Score:2)
Re: (Score:3, Funny)
My bad =) Sorry. I've been up 36 hours so far.
Wow, you really do have to much to do!
(quit reading slashdot and get a nap)
Re: (Score:2)
The sad thing is we all know CP freaks would totally (ab)use this service, tainting it for everyone else.
Me, I'd actually like an unencrypted alternative. As a sysadmin, I want to know what's being stored on my disks, and if I disapprove I should have veto powers over who stores what. If I find questionable material, I delete it and ban it from my system. Given the (presumably) large number of hosts, the sender will be able to find a more friendly home for their files, and I don't get my hands dirty.
Re: (Score:3, Insightful)
Somehow I think anyone with such strong motives for privacy/stealth would set up their own darknet with something like WASTE, or combining features of both WASTE and this P2P-storage thing... that would be near-impossible to detect and expose.
The problem with thumb drives is you still need to store temporary files somewhere, in order to open them e.g. pictures/videos. There are few if any apps that download and process media in-memory.
Donate data space on a Truecrypted drive. (Score:5, Insightful)
The only disk space I would be comfortable donating to this would be on a Truecrypted drive, so even if someone cracks their protection, it's secondarily protected by mine. If the cops seize my drive, they find nothing.
Re: (Score:2)
I don't think I want to be liable for the data that someone puts on my PC should the encryption ever be broken.
Yeah, but I assume that you would be anonymous to others who are storing their data on your disk. Unless of course the DOJ sends them summons.
Anyway, from my understanding not all the information gets stored in one disk. You'll at max get a sixth.
Re: (Score:3, Insightful)
I don't think I want to be liable for the data that someone puts on my PC should the encryption ever be broken.
Yeah, but I assume that you would be anonymous to others who are storing their data on your disk. Unless of course the DOJ sends them summons.
Anyway, from my understanding not all the information gets stored in one disk. You'll at max get a sixth.
And you think that'll help? No way. If they catch you with even a suspicion of child porn on your pc, you are absolutely screwed.
Re: (Score:2)
1/6 of a collection of photographs would be more than enough I suspect. The risks don't, in my mind, cover the potential benefits. I use a tertiary backup method with one of the backups being off-site. It is not perfect but it ensures minimal risk of data loss. If I were less lazy about it I'd be even more happy but losing a couple of gigs of trivial data because of a hardware failure and my laziness is an acceptable risk to me.
Re:No thanks... (Score:5, Insightful)
The lack of access control (Score:5, Interesting)
> I don't think I want to be liable for the data that someone puts on my PC
I don't want random people's data on my disk. Period.
I was a beta tester for Wuala and the lack of access control to my donated disk space was the biggest issue. I talked to their CTO and suggested to have an option of donating the space to specific peers only, which should've not been hard to do given they have the social grouping support in place already. He didn't see an issue with wildcarded access though, so they were not planning (nor in fact did) anything about it.
Re:The lack of access control (Score:4, Insightful)
that sorta defeats the purpose of having a shared online storage network. if everyone wanted to have total control over the space they donate, then instead of having one large public pool of online storage to be shared by everyone, you'd just have a bunch of small fragmented storage spaces or a bunch of disconnected groups of 5-6 people sharing a few gigabytes of storage. if that's the case then you might as well just call up a few of your friends and ask each other to hold onto your files for you.
the point of Wuala is so that they let you store whatever you want on the space they donate, and you let others do the same. it seems like a fair trade to me. obviously, if you don't want to share your disk space with strangers, then this service isn't for you. just build a RAID array.
Re: (Score:3, Insightful)
That's the thing with social/cpu/storage collective software...
You have to PARTICIPATE in order to get the benefits.
If you don't want to share, then nobody wants to share with you!
Re:No thanks... (Score:5, Insightful)
Police: "We want your encryption keys"
Joe: "I don't have them, they're not my files!"
Police: "Think it over in solitary confinement."
Re: (Score:2)
I wouldn't be at all surprised if various governments actually tried prohibiting some (lawfully prohibited) uses of encryption for private citizens. I even worry that today's mindset of the average person I come in contact with that they'd succeed at such.
Re: (Score:2)
Re: (Score:2, Insightful)
1/100th of a mpeg or a jpg file depending on the file size is more than enough to show some underage girl getting nailed by a horse. Such formats can also be read without a file header by most software they can be viewed with.
Re: (Score:3, Funny)
underage girl getting nailed by a horse
When someone mentions CP to me, it does not conjure up the same images in my mind as it appears to do in yours.... I'm not sure what that says about either of us but I wouldn't like to visit the sort of websites that you seem to frequent, or at least you appear to have 'heard' about.
Re: (Score:3, Informative)
I think you are doing it wrong.
You don't have 1/100th of the bytes in a file, you have 1/100th of the information needed to reconstruct it.
Unless law enforcement can find enough of the other parts, then what you've got it just garbage random data.
Online Storage scares me (Score:4, Interesting)
Re: (Score:3, Informative)
The idea of having an intermediary overseeing any of my data just encourages me to go out and by an external drive or two.
Where do you store your external drives? If it's your personal items you're referring to, you probably keep them in the same house as your computer. Not much of a backup in the event of a fire/tornado/flood/etc. If it's for a business, unless you have offices in multiple locations, you probably keep them in the same office. So now if someone breaks your office's physical security, they have access to your backups as well.
I understand where you're coming from; it's difficult trusting someone to not abuse
Re: (Score:3, Interesting)
I have a agreement with a family member. I provide them a ssh account on one of my machines with 2TB of storage, they do the same for me. Then I use rysnc to backup my data into an encrypted volume.
Re:Online Storage scares me (Score:5, Insightful)
Must be nice to have family members for whom "ssh account" isn't a foreign language.
Re: (Score:2)
I hear these arguments all the time... how everyone should have offsite backup.
What I want to know is: How often does your house burn down ?
There is a very small quantity of data that I consider priceless, and even then I could survive without it. It would suck ass, but my heart isn't going to stop. I certainly won't jump off a bridge if I were to lose my MP3s or a bunch of movies. Pictures can be archived to disc, as well as my own works like audio masters and code. If I ever come across something that
Re: (Score:3)
Re:Online Storage scares me (Score:5, Funny)
I'm not sure how well a RAIH5 solution would work though but I'm sure there are plenty of people working on that though.
Re: (Score:3, Funny)
Redundant Array of Inexpensive Houses
Re: (Score:2)
That's why you use encryption. Just about any online backup host that doesn't care which files you send them will work with encrypted files. Encrypt before you send it over. It's really quite simple.
You lose some degree of delta-syncing, if you're doing something like that. You obviously can't send only the changes to a file unless you're doing the encryption remotely (which has some security implications.)
My backup scheme makes use of remote and local storage: encrypted backups to a remote host, and lo
A well-meaning idea, but perhaps flawed (Score:4, Interesting)
Re: (Score:3, Funny)
(go read the damn article for the full explanation of why 6 is plenty)
I've always wondered what RTFA stood for. F is for damn. Thanks.
=P
Single point of failure (Score:5, Interesting)
And when the master server that knows where all those little pieces are goes down, you are still without your data.
Re:Single point of failure (Score:5, Insightful)
Re: (Score:2)
There is. It's called "Freenet".
Re:Single point of failure (Score:5, Insightful)
And when the master server that knows where all those little pieces are goes down, you are still without your data.
Thank you! What do we have for our winner?
When I started reading TFS I assumed it was going to be some kind of distributed free storage service, that simply stores a copy of each file on multiple free online storage sites. As far as I'm concerned, this instead rates last after single service with a good backup plan and backing it up yourself. /vertisement much?
Re: (Score:2)
Without a master server, you're basically looking at freenet. And uh, we know how well freenet works.
Re: (Score:2)
You don't need a "master server". There are lots of ways to get around this. One is to simply ask where your data is. Ask 10 other machines "Have you seen data item 45635? they in turn ask 10 other machines in about ten cycles every machine in the system has been quarried. This could work but would be a massive waste. But what if each machine cached it's queries? Then most could be answered without sending a message.
This is how DNS works. I ask my local DNS server "What is the IP address accociated
Re: (Score:2)
Well, of course you could do stuff like that.
In fact, you could use Kdemlia or some other distributed hash system.
The point is that these people want a hierarchical system..
Hmmm.... (Score:5, Interesting)
Hmm... sounds good. I'll donate 2TB of space each from multiple computers at different locations and between all of them i'm bound to have two critical pieces of your files, then all i have to do is shut them all down! Muah haha haaaa!
And actually, what would happen if a major disaster shut down all the PC's in a major metropolitan area? Does the service provide enough redundancy that even if everyone in silicon valley went offline, my files would still be safe? I'd rather know where my data is.
Also, slashverteisment? The concept is interesting but the story doesn't bring up the more interesting issue of privacy, it seems like just an ad.
-Taylor
Re: (Score:3, Insightful)
Re: (Score:3, Insightful)
He didn't ask if there was redundancy. He asked if there was "enough" redundancy. How many nodes going down does it take before the system/data is crippled?
Re: (Score:2)
Re: (Score:2)
Therefore, someone else would have to donate six times as much data as I need stored. For this to break even I would have to donate 86% of my hard disk to backup 14% (including system files that probably don't need to be backed up). I don't think people will go
Re: (Score:2)
I'll donate 2TB of space each from multiple computers at different locations and between all of them i'm bound to have two critical pieces of your files, then all i have to do is shut them all down! Muah haha haaaa!
Your argument is that if the system were poorly designed then it might fail. Well "duh"
What if the files was distributed such that each block is stored in three places over a diverse set if IP addresses and then on top of that we compute a checksum block by taking the exclusive or (XOR) of each
Interesting idea that I'd never use (Score:2)
I like the idea in theory. P2P storage, very nice.
Except that it relies on sucking up somebody else's bandwidth, which may or may not be saturated as they are torrenting pr0n and/or playing WoW.
And it relies on hard drives that will sometimes unexpectedly get wiped from time to time, completely without notice and beyond my control or knowledge.
And except that someday, inevitably, somebody will break the encryption and will have access to pieces of my stuff.
And except that isn't this pretty much what Freene
Bittorrent (Score:3, Funny)
So they use Bittorrent?
Still a single vendor (Score:2, Redundant)
Even though you don't want to tie yourself to a single vendor, that's still exactly what you're doing.
Just ask yourself: If Wuala goes under, how will you get your data back?
It doesn't sound like their client application does all the distribution itself, but rather everything is funneled to and from a central server that tracks the scattered data and makes sure enough mirrors are maintained for reliability.
=Smidge=
Do the math.... (Score:2, Interesting)
If my system is part of this network, then...
I have a 1KB file that I want to store. So I send it up to the cloud. It gets stored as chunks that take up 6KB...
Now if I participate in the cloud, I need to offer up 6KB of storage.
Hmmm..
RAID6 needs less than 50% redundant drives. This stuff needs 600% redundant storage.
The storage needs don't add up, except in specialzed situations. Let's say I have information I don't want anyone to find if they steal my computer. I put it up there. But if it's so sensi
Re: (Score:2)
Except that RAID only gives you redundancy at a single geographic location.
Freenet (Score:4, Insightful)
Re:Freenet (Score:4, Informative)
Only that hardly used data can disappear off the network. I assume in the case of this other offering, it never goes away.
Re: (Score:2)
I was wondering if anyone else would remember this.
Of course, Freenet had other goals. You were donating to a pool in which people (yourself included) could share files. This seems to be more for a private pool.
Oh joy. (Score:4, Interesting)
Step 1: Joe pervert is busted (legitimately) for kiddie porn. It is determined he stored some of it with this service.
Step 2: Service is subpoenaed, and they give out all the user info for all the places where the bits of the files are stored.
Step 3: Arrest hundreds of people, declare a major kiddie porn ring busted, receive promotion.
Step 4: GOTO Step 1
15,363,490 files stored in Wuala (Score:3, Interesting)
I have more than twice that number of files on my 8 external hard drives.
Re: (Score:3, Interesting)
Donated Bandwidth (Score:2)
Nice idea, but no thanks now that my use is capped thanks to comcast.
Always make two backups (Score:5, Funny)
I have a home business. So, for safety, I always keep one copy of my data at work and one at the office.
Oh wait.
FreeNet? (Score:2)
From a couple percent of any file? (Score:2)
while someone else is trying to crack the encryption protecting your bank records.
What, with a couple of percent of each file? And not "bytes 300 to 1900", but a couple of percent of a polynomial function describing all the bytes in the file.
Churn is your enemy (Score:4, Interesting)
On paper it is mostly a great idea.
We had a paper on some tricks to play in file systems to make it perform better:
http://prisms.cs.umass.edu/mcorner/papers/fast_2007_tfs.pdf
But when you get down to it, churn is your biggest enemy. If you look at the rate at which people join and leave p2p networks, the amount of replication you need to do can use a lot of bandwidth. Every time a user quits (or drive crashes etc.) all of the data they were storing for others must be replicated again. If they aren't available online for a while you have to assume they have left the network and replicate proactively. See the paper for a few sample calculations based on the churn found in systems like kazaa and skype.
-M
Freenet (Score:2)
Freenet has been doing this for years. Basically all it is is a distributed, encrypted filesystem with some HTTP front end.
That's a ridiculous oversimplification, but that's how it works to the user.
Scenarios and Question (Score:2)
Bit Torrent Scenario -> 1. File 86 % complete and no other seeders. Stuck for 5 days ! Dang !
Wuala Scenario -> 1. Stored Large File.
2. Want to download file.
3. File 86 % complete and no other seeders. Stuck for 5 days ! Dang !
Possible ?
Stupid department... (Score:2)
If the data is scattered among many computers, it won't do you any good (or get you any excitement) to store a few blocks of porn. At best you get a few pixels, and you probably won't even know WHICH pixels they are supposed to be, seeing that they are supposed to be encrypted.
Next time, pick something like "Will-trade-blocks-for-food" or something like that.
meh.. (Score:2)
Tahoe - an open source alternative (Score:4, Interesting)
I would recommend taking a good look at Tahoe [allmydata.org], from allmydata.org. This is an open source project that uses a conceptually similar file dispersal system for backup, but it has been designed and reviewed by expert cryptographers. There is also a commercial version available at allmydata.com [allmydata.com] which has generously sponsored the open source project. Tahoe is working on Windows, Mac, Linux and other Unix style systems.
Tahoe does have a minimal dependency on a central server to first learn about the peer nodes that hold data, but only for the initial callup - once the client is running, it remembers all the peers it is using. And they are working towards eliminating even this dependency with "gossip" introductions, so if you can connect to any peer you can learn of all the others. Everything is cryptographically protected with encryption and signatures to make it effectively impossible for anyone to see the contents of your files without your permission.
What a twist! (Score:2)
Re: (Score:2)
Re: (Score:3)
What if the FBI/NSA sets up a few computers on this network and just idly waits until something that interests them shows up on their storage space...
How would they know if it's something that interests them? Is there any evidence that even the NSA can crack, say, AES in a reasonable amount of time?
Re: (Score:2)
Why wouldn't you just encrypt your files before you send them up to the storage cloud?
Re: (Score:2)
is who is going to just donate their hard drive space for no reason?
And their bandwidth [wikipedia.org]?
Re: (Score:2)
I'm using my own hard drive space to backup my own files. That way if my house burns down ... oh wait.
Re:Not me... (Score:5, Insightful)
And wouldn't kiddie pron collectors love this technology?
You could say the same about almost every technology. Full disk encryption, digital cameras, the entire internet itself, all this makes the life of a child pornographer that much easier. Focus on the good uses of a technology, and let law enforcement do its job if someone misuses it.
The toaster (Score:5, Funny)
You people do realize we need to start with the toaster if we really want to do something about the kiddy porn problem. After all, studies have shown that many child pornographers start their day with a piece of toast for breakfast. Why should corporations be providing child pornographers with equipment that helps them exploit children in this manner?!
Re: (Score:3, Insightful)
Oh man, I wish the world had more people with your mentality. (IE: Don't pretend to be the highway patrol and pull in front of that speeder, get out of the way and let the patrol make their own money.) I'm being serious here. People don't know enough about how other people live in order to make life decisions for them. The same goes for government oversight of my life (you know... things like health care)
Re: (Score:2)
So we have to protect the children and outlaw this service? Is that what you're trying to say?
Re: (Score:2)
Restricting the groups doesn't do much, because they will continue to spam other groups. There's just no stopping Usenet, and frankly no reason to do so in the first place. It is one of the last vestiges of the early internet still kicking around.
Re: (Score:2, Interesting)
Re: (Score:2)
That's what The Freenet Project [freenetproject.org] was being used for when last I bothered to look. I'm told that it's changed somewhat since then, but who knows.
Re: (Score:3, Insightful)
I agree that are tools for which most if not all uses are negative (guns?). But for this particular one, the potential good uses are too broad to just deny the entire idea. And privacy wil