Online Storage With a Twist 268
mssmss writes "For a long time, I have been looking for a way to securely store my files online without being tied to a single vendor — whose survival my storage depends on. It looks like Wuala has a way to do this, according to this story in the Economist. They use donated disk space of users to scatter your encrypted files over multiple computers."
Nice idea (Score:5, Interesting)
Sounds great, but what happens when a massive worm outbreak occurs?
Online Storage scares me (Score:4, Interesting)
A well-meaning idea, but perhaps flawed (Score:4, Interesting)
Single point of failure (Score:5, Interesting)
And when the master server that knows where all those little pieces are goes down, you are still without your data.
Hmmm.... (Score:5, Interesting)
Hmm... sounds good. I'll donate 2TB of space each from multiple computers at different locations and between all of them i'm bound to have two critical pieces of your files, then all i have to do is shut them all down! Muah haha haaaa!
And actually, what would happen if a major disaster shut down all the PC's in a major metropolitan area? Does the service provide enough redundancy that even if everyone in silicon valley went offline, my files would still be safe? I'd rather know where my data is.
Also, slashverteisment? The concept is interesting but the story doesn't bring up the more interesting issue of privacy, it seems like just an ad.
-Taylor
Do the math.... (Score:2, Interesting)
If my system is part of this network, then...
I have a 1KB file that I want to store. So I send it up to the cloud. It gets stored as chunks that take up 6KB...
Now if I participate in the cloud, I need to offer up 6KB of storage.
Hmmm..
RAID6 needs less than 50% redundant drives. This stuff needs 600% redundant storage.
The storage needs don't add up, except in specialzed situations. Let's say I have information I don't want anyone to find if they steal my computer. I put it up there. But if it's so sensitive, do I really want it up on the web?
I see this as being useful for information smuggling. Hide the file in plain sight in little bits. Reassemble when you cross the border (or after the DHS goons leave...)
The lack of access control (Score:5, Interesting)
> I don't think I want to be liable for the data that someone puts on my PC
I don't want random people's data on my disk. Period.
I was a beta tester for Wuala and the lack of access control to my donated disk space was the biggest issue. I talked to their CTO and suggested to have an option of donating the space to specific peers only, which should've not been hard to do given they have the social grouping support in place already. He didn't see an issue with wildcarded access though, so they were not planning (nor in fact did) anything about it.
Re:Online Storage scares me (Score:3, Interesting)
I have a agreement with a family member. I provide them a ssh account on one of my machines with 2TB of storage, they do the same for me. Then I use rysnc to backup my data into an encrypted volume.
Re:Online Storage scares me (Score:1, Interesting)
I keep my personal USB drives at work, and my work ones at home. (Small company.) Easy & pretty secure. Anything sensitive can be encrypted.
Oh joy. (Score:4, Interesting)
Step 1: Joe pervert is busted (legitimately) for kiddie porn. It is determined he stored some of it with this service.
Step 2: Service is subpoenaed, and they give out all the user info for all the places where the bits of the files are stored.
Step 3: Arrest hundreds of people, declare a major kiddie porn ring busted, receive promotion.
Step 4: GOTO Step 1
15,363,490 files stored in Wuala (Score:3, Interesting)
I have more than twice that number of files on my 8 external hard drives.
Re:No thanks... (Score:2, Interesting)
Yeah, I can see the government not being particularly forgiving if that chunk of data on your harddrive happens to have childporn or something on it. "No, really your honor, it wasn't my data. I was just sharing storage space with people online." Is not going to fly in court.
Or, perhaps having this particular software on your computer could actually create the reasonable doubt you require to protect you? Think about it.
Churn is your enemy (Score:4, Interesting)
On paper it is mostly a great idea.
We had a paper on some tricks to play in file systems to make it perform better:
http://prisms.cs.umass.edu/mcorner/papers/fast_2007_tfs.pdf
But when you get down to it, churn is your biggest enemy. If you look at the rate at which people join and leave p2p networks, the amount of replication you need to do can use a lot of bandwidth. Every time a user quits (or drive crashes etc.) all of the data they were storing for others must be replicated again. If they aren't available online for a while you have to assume they have left the network and replicate proactively. See the paper for a few sample calculations based on the churn found in systems like kazaa and skype.
-M
Re:Not me... (Score:2, Interesting)
Tahoe - an open source alternative (Score:4, Interesting)
I would recommend taking a good look at Tahoe [allmydata.org], from allmydata.org. This is an open source project that uses a conceptually similar file dispersal system for backup, but it has been designed and reviewed by expert cryptographers. There is also a commercial version available at allmydata.com [allmydata.com] which has generously sponsored the open source project. Tahoe is working on Windows, Mac, Linux and other Unix style systems.
Tahoe does have a minimal dependency on a central server to first learn about the peer nodes that hold data, but only for the initial callup - once the client is running, it remembers all the peers it is using. And they are working towards eliminating even this dependency with "gossip" introductions, so if you can connect to any peer you can learn of all the others. Everything is cryptographically protected with encryption and signatures to make it effectively impossible for anyone to see the contents of your files without your permission.
Re:No thanks... (Score:2, Interesting)
There is no way they can prosecute you for having an encrypted pic of illegal on your PC unless it was yours.
Besides, just drive to a rest stop, spoof your MAC, build an account with fake info and get 1gb free, then upload any illegal stuff you want and they cant trace it back to your PC because you used a rest stop. That's the best way to download music and movies, rest stop torrents, I live close to one and can download movies from the trunk of the better car I leave there. They can trace it as far as a spoofed MAC at the rest stop on a computer dedicated to the downloads with no identifiable information on it.
Re:Online Storage scares me (Score:2, Interesting)
Unless of course the same contractor wired them all poorly, or there's a real good arsonist around.
Re:It may not fit... (Score:3, Interesting)
Don't forget to make Debian packages as well, since a lot of people who would use Ubuntu for distributed storage may prefer the stability of Debian.
Re:15,363,490 files stored in Wuala (Score:3, Interesting)