Hi,

Quoting Alex Pankratov <a...@swapped.cc>:

[...]

> Here's where you are starting to detach from the reality :)
>
> For an average sysadmin employed by a small business the promise
> of a "secure backup" from a larger company like CrashPlan is all
> that's needed. For those rare gems that are indeed worried about
> confidentiality of the data, the "your data is triple encrypted
> with not one, not two, but three DES keys" will do it.
>
> Even if there will be a sysadmin wise enough to consider only
> open source solutions with published (and peer reviewed) protocol
> specs, they will be at best ignored by the management as complete
> nerds.

Yes, incompetence and ignorance are unfortunately prevalent. But the
inability of management to recognize the good solution shouldn't cause
us to drop the idea of creating one already in anticipation.

> And that's not even considering finer aspects of the open source
> in its application to establishing a trust in the software.
>
> In short, open source != trustworthy.

Today, there is wide-spread use of open-source software in businesses.
So I don't think it's still as bad as you describe it. There's no common
perception that open-source software is less trustworthy than proprietary
software.

> Consider this, if a software developer is malicious in nature,
> he could still release the software in an open source form.
> All he needs to do next is to initialize app's internal random
> number generator in a predictable way, and then make prebuilt
> binaries available for download. You can rest assured that these
> are what will be used by 99.9% of his users. The 0.1% that would
> opt for building the binaries from scratch - oh, well, not a big
> deal.

This scenario is not realistic. Most people (especially in business)
obtain binaries of the open-source programs they're using from a Linux
distribution vendor or other service provider. So there's yet another
party involved that builds the binaries from source. Of course you'll
need to trust this party then if you want to use pre-built binaries...

> Open source does not imply trustworthiness. Extensively peer-
> reviewed, built from scratch open source does, but that is not
> the reality of open source. So in the end one will effectively
> need to rely on developer's word that it's all kosher. And now
> the question is how's that different from relying on a word of
> a larger company offering closed source solution?

Well, with a closed source solution you can only choose between blindly
trusting the vendor or not using the software at all. With open-source
there's more choice: You can just as well simply trust your binary
provider - but if you don't you could build the binary yourself from the
peer-reviewed source. And if you are really paranoid and don't even trust
the source and independent reviews you'll be free to check for yourself.

But of course you know this. I agree with you that many decision makers
however may not understand or care about these subtle differences.

[...]

>> If a central storage provider knows which media you store in
>> his system he will be able to deduce your interests (and use
>> for advertising, for instance). Further, the storage provider
>> could be forced or feel compelled to delete some of your data
>> - for example because of alleged copyright infringement.
>
> A simple solution is to generate an RSA keypair (and, say, first
> seed the PRNG with a long passphrase to be able to re-generate
> the keys if lost) and then just encrypt all that goes into the
> cloud. See http://www.tarsnap.com for a working example.
>
> It does not eliminate the issue of such storage costing money,
> but that would be a different problem to solve.

This prevents deduplication of data, so may increase storage costs.
Also, it doesn't protect you from any of the other cloud computing
risks. A P2P solution has the potential to provide the same or even
better security at a lower cost.

> Just don't get me wrong. I've been through this before with my
> own projects. I would run into a technically exciting idea and
> then I would jump in and start prototyping it. And in a bit I
> would realize that no one needs what I am building because they
> don't see the problem I am seeing. So I would need to *educate*
> them first and that's a completely different ball game, not my
> thing at all. In other words - just make sure you know what you
> are getting yourself into :)

I appreciate you playing devil's advocate. Indeed, one needs to watch
out not to be carried away too much by excitement about all that is
technically possible. In the end, most managers (and consumers even more)
will be unable to understand why storage system A is technically better
than storage system B. So in reality, the decision for one will be highly
influenced by which has the better marketing.

Also, we all know that the majority of people obviously doesn't care
at all about privacy (yet). So the better privacy guarantees provided by
such a new P2P storage system will likely not excite the masses (but instead
just some nerds). So I take the point that therefore a P2P storage system
also must have other advantages (like lower cost and ease of use) and
it should be carefully weighed whether the fraction of users who truly
care about privacy is large enough to justify the higher effort involved.

Best regards,
Michael



_______________________________________________
p2p-hackers mailing list
p2p-hackers@lists.zooko.com
http://lists.zooko.com/mailman/listinfo/p2p-hackers
