Following on Zooko's comment on client-side javascript, unhosted is an open source project that provides security for web apps by doing all the processing on the client-side:
https://unhosted.org/

On 04/24/2014 01:08 PM, Zooko Wilcox-OHearn wrote:
> Hi folks!
>
> I'm one of the architects of Tahoe-LAFS, and the founder and CEO of
> LeastAuthority.com, which sells Tahoe-LAFS products and services.
>
>> On 22/04/14 14:05, Tom Ritter wrote:
>>
>> I'm pretty sure that TAHOE does provide confidentiality - the keys
>> don't leave your device (more correctly, the gateway running on your
>> device) unless you distribute them. Which you can, you can send the
>> decryption key granting read-capability to anyone, but you don't have
>> to.
> This is correct.
>
> On Tue, Apr 22, 2014 at 12:17 PM, Caspar Bowden (lists)
> <li...@casparbowden.net> wrote:
>> It's a storage solution, and therefore not what actually Cloud is about in a
>> business/industry sense, who want Cloud compute power to crunch usefully on
>> encrypted data.
> I think you're on the right track here, Caspar. People need a lot more
> than just "self-storage in the cloud". There are two dimensions that
> they need more:
>
> 1. sharing; Sharing is a lot different from self-storage. Most cloud
> storage crypto *cements* the self-storage nature into place, by adding
> an encryption key, held by the user, that cannot be safely divulged to
> any other user. Tahoe-LAFS is very different in this way, it doesn't
> impede sharing. (As Tom Ritter alluded above, sharing is easy in
> LAFS.)
>
> 2. computation; People do need storage, but they get a lot more value
> from apps. Most cloud storage crypto cements into place the "no apps
> allowed, just data storage" nature, but LAFS is at least potentially
> better:
>
> a. You can share your data with a remote server. Suppose you have a
> collection of data stored in LAFS. It could potentially be a large
> dataset, it could be heterogeneous in its schemas and storage formats
> (i.e., it isn't all in one tidy SQL db, but spread out in multiple
> formats and files). You started storing it in LAFS years ago, and have
> been incrementally adding to it and maintaining it ever since (i.e.,
> you didn't plan ahead for what's about to happen). Now you decide that
> one particular subset of it, e.g. one particular SQL db, or one
> particular folder full of docs, or something, needs to be shared with
> a remote server so that the server can do something fancy with it. It
> is easy for you to send that particular server access to that
> particular folder full of docs, without divulging any of your other
> data to that server and without divulging *anything* to anyone else
> other than that server.
>
> b. LAFS can be integrated with client-side Javascript, so that all
> of the storage is encrypted and in-the-cloud, and all of computation
> is performed in Javascript on the end-point device (i.e. in the
> browser). I think things like this are the future.
>
> Regards,
>
> Zooko Wilcox-O'Hearn
>
> Founder, CEO, and Customer Support Rep
> https://LeastAuthority.com
> Freedom matters.

--
Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.