Google Plans Service to Store Users' Data Online

achillean wrote this morning with a link to the Wall Street Journal, announcing plans we've all seen coming for a while: an online data storage service from Google. Though the article doesn't come out and call the project 'gDrive' or anything like that, it does indicate the service could be available within the next few months. "Google's push underlines a shift in how businesses and consumers approach computing. They are increasingly using the Web to access applications and files stored in massive computer data centers operated by tech companies such as Salesforce.com Inc., Microsoft Corp. and Google. Such arrangements, made possible by high-speed Internet connections between homes, offices and data centers, aim to ease users' technology headaches and, in some cases, cut their costs."

Recomendation to dissidents

Don't store your personal stuff up there. Just don't do it.

Re:Recomendation to dissidents

Oh noes, I can't sleep, Googlebot will get me.

Re:Recomendation to dissidents

[TobyRush]

If Google is intending this service for online storage of personal information, I don't think it's going to succeed... people use Facebook for that sort of thing.

Re:Recomendation to dissidents

[pipatron]

On the contrary.

I've long been planning to put my most personal and important data on Google's servers, using the already existing gmailfs. Using good encryption, of course, which you really should use on local storage as well, if there's even a slight chance that it might get physically stolen.

Using this would give me a very cheap (actually free) off-site backup, so I know I can still retrieve my stuff even if my house burns down, or if RIAA sends the police to get my computers...

Re:Recomendation to dissidents

[StankDawg]

The RIAA wouldn't need to send the police for your computers since they can subpoena Google to get the evidence that they need. They do that for search queries now. Uploading your personal data gives law enforcement one stop shopping to your information. A "portal" to all of your personal information. How convenient...

Re:Recomendation to dissidents

[utopianfiat]

second dupe.
and it's already been done- 1GB of storage on Gmail? This is why Zonk is unchecked in my "show stories from" dialog.

Re:Recomendation to dissidents

[TheRaven64]

Which is why the grandparent mentioned strong encryption. How they get the data is irrelevant; they still need to get the keys from you, either via installing spyware or using something like RIPA to make you tell them.

Re:Recomendation to dissidents

[TooMuchToDo]

If Google has your data, they have enough horsepower to break everything but the toughest ciphers. Aren't distributed systems what they do best?

Re:Recomendation to dissidents

[pipatron]

Actually, by personal data I don't mean the heaps of movies and music that I've been downloading from the internet... ahum.. I mean linux distributions. More like pictures I've taken, source code I've written, and in general, things I can't download again from the internet.

RIAA would of course want to believe that it contains their precious Imaginary Property, but since it's encrypted, they could only guess.

Re:Recomendation to dissidents

[TheRaven64]

Do you really think Google has enough computing power to crack 128-bit AES? To crack a symmetric cypher, on average, you need to search half of the key space. That means you'd need to search 2^127 keys. My 2GHz Core 2 Duo can (according to openssl speed aes) do about 40,000 1024 byte blocks per second. In one year, it could do 1.3x10^12. If you had a compute cluster composed entirely of machines of this speed, it would need a shade under 1.3×10^26 machines to be able to crack a single AES-encrypted message in a year (on average).

To put this in perspective, Apple sold 1.6x10^6 computers in the first quarter of this year[1]. You would need to buy every single computer Apple made for 4x10^19 years. If we assume Apple sells approximately 5% of all computers, you would need to buy every computer made (assuming constant production) for 10^18 years.

To put that even more in perspective (10^18 is still a bit big for my brain), the age of the universe is estimated to be just under 1.4x10^10 years. If, for every year that the universe has been around so far, you bought as many computers as could have been made if production had begun at the current rate at the start of the universe and continued until now, then you would have slightly more CPU power than you need to crack 128-bit AES. Oh, and trying all of the possible keys is only half the problem; you also need to recognise when you've decrypted it.

Of course, if you're really paranoid, you can use 256-bit AES (the time to crack it doubles for every extra bit of key length).

[1] I tried to find numbers for Intel and Dell, but could only find revenue and profit numbers, not sales.

Re:Recomendation to dissidents

[simcop2387]

if you're not seeing his stories, how'd you know to come here to comment?

Re:Recomendation to dissidents

[Glonoinha]

"256-bit encryption ought to be strong enough for anybody." - Glonoinha '07

Some of you laugh because you think it is true.
Some of you laugh because you think it is false.
Some laugh because you remember BillG saying the same thing about 640k.
And very few of you laugh because you know what I know, but none of us will actually admit it.

Re:Recomendation to dissidents

[caluml]

Assuming that brute force is the way to go. Which I think you've explained quite well that it isn't.
Maybe the key in AES256 is divulged a bit at time, in the 95101924th bit, the 814255525181th bit, etc.

Re:Recomendation to dissidents

[trianglman]

A back door in AES would have been found by now. There are enough brilliant security experts hacking on the big public schemes, with full access to the algorithm (it is open source after all), that something would have been found by now. The only weakness known in AES is weak passkeys.

Locking your files with the password "12345" is about as brilliant as it has been for the past 20+ years.

Everything old is new again

[pryoplasm]

a strategy that could accelerate a shift to Web-based computing doesn't this sound just a little bit like a dumb terminal in terms of computing?

Re:Everything old is new again

[ByOhTek]

if by "a little bit" you mean "a whole lot", yeah, it does.

There's nothing wrong with a computer as a graphical dumb terminal - if it does what the user needs it to do. There are plenty of users who would be fine with this, and for whom it would work quite well. Cheaper computers with the desired functionality? Nothing wrong with that.

Re:Everything old is new again

[smittyoneeach]

The substantial difference between what Google is up to and previous dumb terminal applications is one of scope.
If the possible participants/locations for working on stuff is wherever there is reasonable internet bandwidth, then some interesting use-cases crop up:

• Keeping a TODO list as a google document that you can see both at home and at work, blowing by the limitations of Exchange server configurations and mixing personal/work stuff
• Collaborating on a school project. Tried this actually, and the limitation proved more to be the inability of the classmates to think outside of .ppt boxes than what could be done with Google docs. This was before Google's presentation tool, but, again, the constraints are as frequently the people as the tools.

Sure, the usual cautions about sensitive information apply. But then, aren't we placing a lot of silent trust in Mr. Softy? One wonders if some hidden assertions might not be poorly founded here...

Re:Everything old is new again

[ByOhTek]

Quite true, but a lot of people don't have things they consider critical on their computers.

Personally, I wouldn't use it (or would at least keep a backup of anything I don't want to loose), but there are a lot of people who wouldn't care if someone else looked at their data. Data corruption/loss would be a problem though.

Re:Everything old is new again

[ChrisA90278]

"...doesn't this sound just a little bit like a dumb terminal in terms of computing?"

No. I'd call it "Smart Termional". A dumb terminal is simply a display device, smart terminal can run programs and interact with the user. It makes great sense to keep a word processing document on a server. It is small and only takes a few seconds to move the document to whatever "smart terminal" the user is logged into. If you have ever used one of those systems where your desktop follows your log in it is great. Log into in computer in the building and my desktop and all my data is right there where I left it. Wouldn't it be great if I could do that on any computer world wide? I can't do that with large data sets like the video I'm editing or even my iTunes library but smaller documents and email yes.

Upload

[niceone]

Once installed, you upload your files by right clicking on them and selecting "I'm feeling lucky".

This sounds fun

[DeeQ]

first thing I'm going to put up there is personal information to others. Any bets for how long till they are compromised?

Re:This sounds fun

I won't bet until you tell me your password. Once you do that, I will give you my bet (which will probably be on the order of how fast I can type).

Seriously, how long before compromise?

It is going to depend on the strength of your password and the strength of Google's security and policies and procedures. Can some admin at Google expose your data? You bet. Is their security now a concern for you? Yep. If your password is your parents' address and your wife's name is your data safe? Nope.

Re:This sounds fun

[Averyge+Joe]

Don't you mean, "the personal information 'of' others"? It'd be more fun...

Call Me Paranoid

[cybermage]

In an age of sealed warrants, if the government even bothers with that, why would anyone put their data out of their sight? When it comes to privacy, I cannot see how the benefits outweigh the risks.

Re:Call Me Paranoid

[TimeTraveler1884]

In an age of sealed warrants, if the government even bothers with that, why would anyone put their data out of their sight? When it comes to privacy, I cannot see how the benefits outweigh the risks.

Well see, there is thing called "encryption". If used properly, it can be quite effective in maintaining one's privacy. With Google's track record of protecting user's privacy, I would not be surprised if the service automatically encrypts the data during transit on the desktop and Google does not transmit the keys to their server.

I did not RTFA, so I think it will depend on if they plan to give this service away for free and data mine what you are storing. In any case, if they don't encrypt it, then you are free to encrypt the data yourself beforehand as a user.

Re:Call Me Paranoid

[cybermage]

Well see, there is thing called "encryption".

Okay, some wing-nutty paranoia now. Is there any form of encryption that you believe people like the NSA cannot crack? I suspect stories like "Skype encryption too tough for German police" are a ruse to encourage criminals to use the Skype which is likely easier to track, and certainly less portable, than prepaid cell phones.

Besides, if Google doesn't do the encryption, 99.99% of the data will not be encrypted. That should make the people with something to hide pretty easy to pick out.

Re:Call Me Paranoid

[Stooshie]

... I would not be surprised if the service automatically encrypts the data during transit on the desktop ...

That technique is already used on a site called www.passpack.com. You log in using your account and the site downloads a password protected zip file to your browser. You then type in a second password to unzip the file you can then edit the data/files. when you are finished the file is zipped (password protected) and re-uploaded to the server.

This means the file on the server is protected (128 bit I think) and even if someone hacked the server and found your account on the database they would find it extremely difficult, if not impossible, to access your file. Even an insider to the site would have the same problem.

Re:Call Me Paranoid

[Anonymous+Brave+Guy]

With Google's track record of protecting user's privacy, I would not be surprised if the service automatically encrypts the data during transit on the desktop and Google does not transmit the keys to their server.

I'm sorry, what track record would that be?

Google are quite possibly the world's leading authority on automated information gathering. After all, their ad-based business model fundamentally relies on being able to target those ads, and the continued success of their primary service, the search engine, depends on how effectively and comprehensively they can process the entire WWW.

As we have seen in the past, with everything from Google Street View to the leaks from a certain other popular search engine to Google Groups archives, vast databases like this will inevitably include information that people might have expected to remain private, and these services can make it accessible (deliberately or otherwise) to the entire world.

Google are a business like any other and, despite all the "do no evil" rhetoric, they will still do whatever they can get away with to make a profit for their shareholders, and they can still be compelled to disclose any information required by law (and laws can change).

Right now, it probably is no exaggeration to say that Google is the single greatest threat to privacy the world has ever seen.

Re:Call Me Paranoid

[mwilliamson]

>Is there any form of encryption that you believe people like the NSA cannot crack? Yes, the NSA cannot crack one time pad encryption (OTP), nor will the every be able to. Provided you generate your OTP keys using a pure random number generator (not pseudo-random...so software-based is out of the question), this system is uncrackable. An associate of mine created such a pure random number generator based on radioactive decay. Provided you don't loose (or ever loose) your keys and have a secure way to exchange your keys beforehand, OTP works.

Re:Call Me Paranoid

[pyite]

Is there any form of encryption that you believe people like the NSA cannot crack?

Yes. I find it highly unlikely that the NSA can crack AES-128 and beyond. The algorithm has been extensively critiqued and found to be strong. And 128 bits and above is beyond the ability of a brute force attack.

Re:Call Me Paranoid

[TimeTraveler1884]

I'm sorry, what track record would that be?

For one, there is refusing demands for search data.

As we have seen in the past, with everything from Google Street View...

I don't agree with this, but the Google Street View is in general a continuing debate. I am speaking specifically of data that you submit to Google willingly. Not data captured by Google through your public exposure. Google does not break in to your home and take "Google Cribs View" panoramas of your home interior and publish them online.

...this will inevitably include information that people might have expected to remain private...

In the information age, perhaps people's expectations need to change? It needs to be realised what you really do in public is not local but global.

Google are a business like any other and, despite all the "do no evil" rhetoric, they will still do whatever they can get away with to make a profit for their shareholders, and they can still be compelled to disclose any information required by law (and laws can change).

While I don't think it is quite as cuthroat as you make it out to be, I generally agree. The only person that has your best interests in mind is you. So you should take precautions: don't allow truly private data online and if you do, encrypt it or accept the risk. When people start stealing that data, which Google does not do, then I'll break out the pitchforks and torches.

Re:Call Me Paranoid

[fyngyrz]

The algorithm has been extensively critiqued and found to be strong.

...and if the NSA could crack AES-128, what would you expect to hear from them and any security-cleared academics involved? Let me lay it out for you bluntly. They'd say something along the lines of "The algorithm has been extensively critiqued and found to be strong."

Also, there's quite a difference between what Dr. Joe Honest, working on his stipend until 4pm each day with what he, his TA, and his mighty 3 GHz windows or linux machine can do, and an organization that has billions in budget normally, can get more anytime they ask, no difficult goals but breaking encryption and signal intercept, and which has made it a point to hire as many of the best minds in encryption as possible for, oh, say the last fifty years or so. And this in a world where quantum attacks are thought to be only a matter of sufficiently developed technology.

Personally, I think if you depend upon encryption, someone, somewhere, is quite likely to be archiving your data in the clear. Even if the decrypt mechanism "trick" involved was no more complicated than scooping your OTP off your computer without your knowledge. Which we all know cannot happen. (cough.)

If you want security from generic canvasing of your data, put it on a machine that has no network connection, and ensure that said machine has considerable physical security, right up to and including a Faraday cage. It won't stop anyone who physically comes after you, but your data will remain unscanned as long as you remain of no interest to the authorities. Past that point, you could wake up and find your Faraday cage missing, computer and all. :-)

And of course, nothing so quaint as that old-world concept of a "warrant" will impede them.

Re:Call Me Paranoid

[TheRaven64]

To be secure, a one time pad needs to be bigger than the data it is encrypting (you need one page per symbol, and the size of each page needs to be big enough to represent each symbol). This makes it pretty useless for storing data on someone else's server, since you need to securely and safely store more data locally and so could just store your data, rather than your key.

Re:Call Me Paranoid

[mwilliamson]

Why does it need to be bigger than the data? I always thought it only had to be the same exact size of the data. (or are you talking about being able to actually make it useful and add data) -Michael

Re:Call Me Paranoid

[fialar]

An interesting study here done by Privacy International:

http://www.privacyinternational.org/article.shtml?cmd%5B347%5D=x-347-553961

Google were rated "Hostile to Privacy". Read their interim rankings PDF.

Re:Call Me Paranoid

[TheRaven64]

You have a source stream. For simplicity, let's say it's plain text, so you have 26 possible symbols in the input stream. A one time pad is a mapping from each symbol in the input stream to a different symbol, so you need 26 mappings. For it to be secure, you can't use the same mapping twice in a row (you can use two identical mappings in a row, but only as a result of your noise source giving the same thing twice). For your 26-character input stream, then, you need 26 mappings in your one time pad per symbol in the input stream.

In practice, however, you would typically use binary for the input stream. This gives you two symbols, 0 and 1. There are only two possible mappings here: 0 to 1, 1 to 0, and 0 to 0, 1 to 1. Since there are only two mappings, you only need a single bit to encode them since the final one is implicit (you just need to store what the 0 or the 1 maps to). You can do this trivially with a nondestructive mapping such as XOR. The size of your data is the lower bound for the size of the one time pad.

Re:Call Me Paranoid

Okay, some wing-nutty paranoia now. Is there any form of encryption that you believe people like the NSA cannot crack?

Not to one-up you or anything, but is there any form of encryption that the future can't crack? Today's Twofish is tomorrow's ROT13.

AC because my time => the post is short.

Re:Call Me Paranoid

[Sancho]

...and if the NSA could crack AES-128, what would you expect to hear from them and any security-cleared academics involved? Let me lay it out for you bluntly. They'd say something along the lines of "The algorithm has been extensively critiqued and found to be strong." Though since the algorithm is public anyone can examine it, including people who are NOT under NDA.

Also, there's quite a difference between what Dr. Joe Honest, working on his stipend until 4pm each day with what he, his TA, and his mighty 3 GHz windows or linux machine can do, and an organization that has billions in budget normally, can get more anytime they ask, no difficult goals but breaking encryption and signal intercept, and which has made it a point to hire as many of the best minds in encryption as possible for, oh, say the last fifty years or so. And this in a world where quantum attacks are thought to be only a matter of sufficiently developed technology. If we're talking about a brute-force, the math is pretty easy to figure out. You decide that you protect your data from X computing power, and you realize that if someone has X^2 computing power, they're going to get your data. Generally speaking, that's the best that you can do.

If we're talking about flaws in the algorithm that allow someone with a "secret key" to decrypt the data, then we're talking about a whole level of conspiracy and obfuscation. I don't put it past the government to do this, but at the same time, this is a harder thing to do when the algorithms are publicly available. You can bet that other governments with big budgets want to break AES, too. So if the NSA approved it for US government use, they probably believe it to be secure.

Others have pointed out non-computational attacks on cryptography, such as keyloggers or interrogation. I don't think that these are good arguments against the use of cryptography in general--realistically, they're good arguments against ever making hard copies of extremely sensitive data in the first place.

I don't particularly want my government to have a profile on me. It's not that I have anything to hide, it's just that I value privacy. If I store data online, and the government makes a deal with Google to let them profile everyone's data, encryption will allow me to limit the profile a bit. If they can break the encryption, then I'm still not in a terrible situation. But if they really wanted my data, they'd get it, through subpoena or interrogation or some other method, so realistically, I'm just protecting against sweeps and the corporation itself reading my data. As long as a person understands all of this, it's really no big deal.

Re:Call Me Paranoid

[pembo13]

From what I hear, encryption may be effective at getting you tortured.

Re:Call Me Paranoid

[TheVelvetFlamebait]

Yeah, you're paranoid. No-one's out to get you. Even if you decide to entrust your information to Google, there's by far no guarantee the government will read it or store it, and even if they do, use it in a way that detriments you. They really don't gave a motive.

Re:Call Me Paranoid

[phantomcircuit]

Frankly if the NSA is coming after you I would forget about the data and run like hell.

Disappear... seriously

Re:Call Me Paranoid

[rtb61]

Juts one point to highlight about google so called protecting people's privacy. Google fought to prevent giving the information away for 'free' not selling that information. Your privacy is google's profit centre of course it will fight any government gaining access to what it sells for with out paying for it.

It might be unfair to say google is the single greatest threat to privacy, but certainly the googlites preaching that no one should expect privacy on the internet, that private emails are postcards, the children's game playing should by analysed for marketing purposes, are a real threat to privacy. Their willingness to sell out the future generations right to retain some measure of digital privacy is just pathetic.

Reading emails, reading data storage, reading medical records, analysing MMOG, desktop search and they are looking into gaining full access to networks, via gphone etc. It is about time that some real legal restraint was applied on personally targeted marketing. Advertising was and should only be accepted as a means by which companies can inform the 'general' (emphasis on general) public of products, not an individual tailored psychological marketing assault.

Re:Call Me Paranoid

[Anonymous+Brave+Guy]

Juts one point to highlight about google so called protecting people's privacy. Google fought to prevent giving the information away for 'free' not selling that information.

Ironically, as I write this, the top story on the Slashdot homepage suggests that Google aren't always so good at protecting people's privacy.

That case is doubly ironic, because it sounds as if there really was a decent case there and so a court probably would have issued the proper order, justifying Google releasing the relevant data. Doing so before that order was issued doesn't sound much like fighting not to give the information away to me, though.

Re:Call Me Paranoid

[MikeFM]

I have an online storage system already in development that is somewhat similar to this. The client is a Java applet that is loaded when the user visits our website. Each file is encrypted by it's own unique key in the client before being stored and keys can either be recorded locally, such as to a thumb drive, or stored on our secure server. The secure server uses an encrypted file system and once turned off can only be restored with it's own key disk and a password. The key disk is kept in a safe location and only I have the password. The secure system also doesn't use any swap space and is set up to unmount the secure file system and shutdown if it feels itself threatened. Some other security features, that I won't disclose, also make it unlikely that the key server would be subject to seizure or hacking.

So in the end it all comes down to how much pressure the government, or someone else, would be willing to put on me to get access. I've given this a lot of thought and to me the government is only a minor risk - the big risk would be from some sort of criminal organization. I've added some features to make it harder for such an attacker to gain access even if they kidnapped and tortured me or some similar horrible method.

The biggest risk, IMO, is that in a large company such as Google that an employee might have access. How trustworthy are random employees? Seems like it might be appropiate to do full checks like the government might do for employees needing security clearance. Even then, access to all the world's private data could be a big temptation.

Underground storage

[InvisblePinkUnicorn]

Methinks this trend will create a network of vast underground datacenters so large that archaeologists of the distant future will be left wondering whether we were created by metallic silicon creatures.

Re:Underground storage

[Khuffie]

And when they discover how to extract that information from the datacenters...will be distracted by the vast amounts of pr0n.

Re:Underground storage

[hansraj]

And they will conclude that at least the females were made up of non-metallic silicone.

Forever in Beta

Though the article doesn't come out and call the project 'gDrive' or anything like that...

Ofcourse, it'll be gDrive Beta.

Filesystem over IMAP.

[dannycim]

Fudge, I had just started to write a virtual filesystem driver using IMAP as a back-end. (Not fast, but gmail's 5.2G is free.)

Oh well, I'll put it on the back-burner until I hear more.

Re:Filesystem over IMAP.

[i.r.id10t]

Already done - http://richard.jones.name/google-hacks/gmail-filesystem/gmail-filesystem.html

Re:Filesystem over IMAP.

[azrider]

gNFS, anyone?

Re:Filesystem over IMAP.

[LuckyStarr]

Twice: http://imapfs.sourceforge.net/

Re:Filesystem over IMAP.

[Atti+K.]

That's not IMAP-based, but Gmail-API based. (i.e. works only on GMail, it's from the early days of Gmail, when obviously there was no IMAP on Gmail)

Useless to me w/Rogers

[brunes69]

Unless Google can lobby Rogers to get rid of its arcane practice of capping usage at 60GB / month for it's standard high speed, me, and around 50% of people in Canada with high speed internet, can not make any real use of this service.

It is pretty sad that a company will give you a nice 6 Mbps link only to cap you at 60 GB, which you could exceed in only 1 day of saturating your link.

Re:Useless to me w/Rogers

[chrish]

Not to mention the standard North American practise of providing terrible up-stream speeds on cable and DSL lines. It'd take ages to upload 5GB (or whatever GMail's current limit is) of data.

I'm too impatient to back up 5GB of data over my 100Mbit LAN, I'm not doing it at "up to" 800kbits/sec.

Re:Useless to me w/Rogers

[empaler]

I love my capless 10/10 pipe. M4 ph4t p1p3, as I call it. I could have a 20/20, but that'd just seem so wasteful.

Re:Useless to me w/Rogers

[Kalriath]

Stop whining. For $70 I get a 2Mb link with only 15GB a month. Well, the theoretical maximum speed of the link is 7.6Mb, but the exchanges can't really hack that.

Re:Useless to me w/Rogers

[krayfx]

i still find that reasonable than the joke of a broadband offered by BSNL/ India. We have a 2 Mbps link with a cap of 400MB datacap, and if you exceed the base limit - you are charged 25 cents an MB! and rack up 15-20 dollars suppose you download the ubuntu ISO. Of course, the package is very cheap at 6 dollars.

512 kbps unlimited bandwidth goes for 50 dollars and 256 kbps for abt $25. i know, kinda sucks, but its getting better all the time. a few years back, many villages that did not see any kind of connectivity are now plugged, 256/ 512 kbps - which is good. Metropolitans have Wimax with similar schemes (256/ 512, and similar pricing).

Re:Useless to me w/Rogers

[acidrain]

Telus (also Canadian) doesn't actually enforce their bandwidth caps. They do have a nice page where you can confirm that you are 378% over, but in the end I imagine they realize that the cost of tech support calls from capping cost more than the bandwidth saved. I honestly believe this is the future. Sure ISPs can/do pick on the "power users" but when you average user is using gdrive and utube bandwith caps will directly hit the ISPs bottom line. And the customers $30/month actually buys an ISP an absurd amount of bandwidth at the backbone level.

possibilities

[rgiskard01]

As a recent convert to google apps, this is very interesting. I have/still have all the concerns about my privacy, but the offering was too tempting to pass up. Of course I use the Firefox Customize Google add on, but also don't really put anything sensitive up there. If they build it right, it could be very nice. I've tried all the online backup apps, and outside of Mozy, don't really like any that much. But I'm now all Linux, so Mozy is no longer an option. Anything that competes with Microsoft is a good thing!

Re:possibilities

[gbjbaanb]

FTA:

The Mountain View, Calif., company plans to provide some free storage, with additional storage allotments available for a fee Sounds exactly like Mozy, but with mozy you can excrypt everything with your own key, makes uploading no different but you have to decrypt any restored files yourself. Somehow I cannot see Google doing this as they'll want to use their technology to keep a single copy of a file on their servers if several people upload the same one.

I'm not sure how they'll manage to slip adverts in either, maybe you'll only be able to access file restores with a web UI?

So, all in all, Mozy is better. Now we all need to go tell them we want a Linux client to go with the Windows and Mac ones and not to take the piss with the alternative they light-heartedly suggest: "Run a cron job of rsync, gzip and mcrypt piped over ssh to your friend's server over his DSL line."

BS Post

[smittyoneeach]

Storin' those data
To network platta
Drive image good
As face image could
Burma Shave

Thin client

[mrbill1234]

Thin client computing is on its way back - like it or not.

Though nothing new, this is a great idea who's time has finally come - particularly for people with mobile devices connected to wifi hotspots - both of which Google has been investing in.

Re:Thin client

[Anonymous+Brave+Guy]

Thin client computing is on its way back - like it or not.

Why? What advantage does using all these on-line services actually offer me as the end user? How is this service better than my own hard drive (or having a remotely accessible server set up at home that I control)? How are Internet-based applications from the likes of Google or Salesforce.com better than installing software locally in any technical way?

All these services are basically just playing on the convenience of using a remote service, and that in turn is only relevant because of the absurdly awkward installation and maintenance processes people expect for desktop software. There is absolutely no technical reason these things have to happen, it's merely momentum in the marketplace.

Meanwhile, there are fundamental security, reliability and performance dangers associated with using any off-site service with an external provider. It all seems cute until your (or their) network connection drops out, or the service provider finds they're not making enough money and shuts the service down (which you can't do anything about with free services, since the provider is under no obligation to you), or the database leaks and compromises your personal information, or your costs for bandwidth and access to the services start to rise.

After the first few nasty accidents, I think people will have a very different view of these "convenient" external service providers, and I for one wouldn't bet on a thin client future just yet.

Re:Thin client

[mrbill1234]

1) Most people don't have the technical savvy or the desire to setup a remotely accessible server, let alone have the headache of backing it up and keeping it operating.

2) This is not a technical issue, but rather one of convenience. You can iron your own shirts too - and loads of people do, but loads of people pay someone else to do their ironing too. I'm not saying that Thin Clients will take over, but they will have a fair share of the market.

3) Yes there are risks with an online provider, but hey, there are risks with running your own setup too. Each individual or business will have to weigh those risks and the costs of running and maintaining each one and decide which to use.

To be honest for the majority of people, most of what they do on a PC _could_ be done via a browser interface. I'm not talking about power users or gamers - I mean most regular people. E-mail, web, standard office apps, and the odd specialist application.

Re:Thin client

[igb]

What advantage does using all these on-line services actually offer me as the end user?

If you do all your computing in your proverbial mother's proverbial basement, and that basement happens to be a disused Minuteman silo, then what you say is true. But just as I want to be able to access my home directory whichever of my employer's offices I'm in, and I've been in them on three continents, I'd quite like to be able to have my private (home home?) directory available wherever I am. And my email. And my contacts. And my calendar. And (personally) I'll trade access to it on the rare occasions the big data centre goes out for not having to do backups and figure out the replication strategy. Do I care if I can't access photographs of my holiday last year for twelve hours? No. Their loss, though, as my home disk crashes is king of bad.

Now I can lash some of that together with Google Apps and/or .Mac and/or Amazon S3, and indeed I have done that. I have a private WebDAV server in a data centre which I back up to S3, and I mount that WebDav'd directory on each of the machines I use (your company security policy may, and probably does,. vary). I run an IMAP server on it, a Squirelmail interface for when I need it, and I outsource the calendaring to Google. But it's a bunch of hacks. Back to Mac or whatever it's called is sort of tempting, but is a bit Mac-specific and will probably struggle over ADSL upstream bandwidth from home.

If there were a service which provided a desktop, accessible from a web page in the manner of Citrix Remote Access Gateway, from a thin client which contained no state, a large market of people who need computing but don't need games would be prime targets.

Re:Thin client

[TooMuchToDo]

You're solution sounds excellent. Can you provide any details on the WebDav part of it?

Re:Thin client

[igb]

I've just got a lump of space on a whitebox PC (mirrored disks with ZFS on Solaris 10, but others will prefer Linux) served up with the Apache WebDAV module (which ships with Solaris). Were I really paranoid I'd create a zone to run the web server in, but as things stand it's not running as root and I'm reasonably comfortable with the security as it stands. The authentication is standard Apache, but I've forced all access to the directory to be via https to avoid sniffing (the data centre is actually a University CS department machine room). Access from Mac is standard OSX stuff (just sue the Finder to map https://.../ from Windows is Web Folders (again, https works) and from LInux is davfs2. Solaris is a little trickier...

Amazon S3

[NickCatal]

I already do this a bit with Amazon's S3 storage system. It is really nice being able to store files anywhere and paying all of $0.03/month for it.

But hey, I'll take free any day.

On a somewhat related note: It would be great if Google bought the LexisNexus people. Having public access to their database would be a great public service.

Re:Amazon S3

[Jon_S]

But will gFiles (or whatever) work with rsync. No rsync with S3 is what is holding me back from that.

Re:Amazon S3

[caluml]

I wrote a little version of something like this. Java + Fuse = mountable filesystem that is accessed via a process. Copying files to it encrypted, uploaded it, and made a note of it in a SQL table. Listing was SELECT filename FROM files;, and you could copy the files back from it. Worked fine.

Re:Amazon S3

[NickCatal]

rsync doesn't work with S3, but s3sync does

Re:Amazon S3

[aengblom]

Google buying LexisNexis wouldn't really do you much good. If Google bought -- and opened up to the public -- LexisNexis, most of the content providers would quickly drop out of the service (or significantly hike their rates) since Google would essentially be selling their content to their audience.

In other words, Google now has to come up with and payo ut the revenues of LexisNexis' 32,000 sources to keep the service together.

If you're not aware, that's a lot.

Re:Amazon S3

[CdBee]

if you use Jungledisk to create a r/w (via webdav) filesystem on S3 you can rsync against that trivially

Re:Amazon S3

The problem with S3 is that it doesn't support any standard network file systems. If it supported NFS via SSH, I know dozens of customers that would use it. As it stands now, I only have one customer that is using it while they're building a new data center.

Re:Amazon S3

[Jon_S]

If you check the linux forums for Jungle Disk, there are lots of people having problems with the rsync over an S3 bucket mounted through WebDAV. The problem seems to be in the webdav implementation, but its a problem nonetheless.

But I hadn't found that s3sync before. That sounds like it would do the trick. Thanks Nick for the tip.

Now my only problem would be the lousy 256 kbps or whatever uplink I get with my Verizon DSL. I wouldn't mind the slow uplink but saturating the uplink also saturates the downlink (1.5 Mbps). I could never figure that out. Sure, go ahead and discourage P2P with slow uplinks, but why does that have to make the connection almost unusable to the rest of the family surfing the net or me listening to streaming radio? I actually don't do P2P, but do a lot of cartography and am always uploading large image and/or PDF files to webservers.

Re:Amazon S3

[leoxx]

There is also duplicity.

Re:Amazon S3

[tehcyder]

On a somewhat related note: It would be great if Google bought the LexisNexus people. Having public access to their database would be a great public service.

Why, are Google a charity now?

Re:Amazon S3

[filmotheklown]

When you saturate your uplink, you are preventing ACK packets from efficiently responding during downlink. When you receive a downlink packet, your computer sends back and acknowledgment packet. If your saturating your uplink with an upload, then your ACK has to get in line to be sent out, thus slowing the response time by the sending server to send you more packets for your download.

On Mac OX we use "Throttled" which allows you to limit your upload speed in exchange for allowing you to saturate both upload and download at the same time.

For example, our service is 768 up / 3mbit down. At our location this translates to raw speeds of 85KB up and 327KB down. With Throttled, we limit our up to 75KB, thus providing 10KB of overhead to allow ACK packets to be feed during downloads. Works great and you tweak it until you get the maximum UPlink speed versus DOWNlink performance. We consistently now saturate both our uplink and downlink at the same time at 75KB/327KB

Careful - Amazon has a patent.

They developed that just after one-click.

User-centric Encryption needed

[mwilliamson]

Google needs to incorporate encryption with keys totally held and managed by the end user in such a way that even if Google is subpoenaed or shown national security papers, Google would be technically unable to access end-user's data. Another words, at no time should Google have access to any of the user's cleartext nor the user's secret key. Decryption would all be client-side. A subpoena or national security letter would have to go directly to the end user who would then at least know they are being served.

Re:User-centric Encryption needed

[BlueParrot]

Technically they don't actually need to implement any form of encryption other than SSL for the transfer. There's already plenty of tools arround for users to encrypt their files, and truecrypt can even create an entire filesystem inside a single encrypted file. Thus all google really needs to do is to not prevent users from uploading files they have encrypted themselves. The client-side tools already exist, no need to reinvent the wheel.

Re:User-centric Encryption needed

[Zarhan]

Not gonna happen.

Their business is advertising.

So, they will be reading through your documents so they can put up some ads when you are browsing your files online. Putting your home finance excel sheet to gDrive? Be prepared to see TaxPlanner ads on the sidebar. Putting your holiday photos to gDrive for backup purposes? They'll probably go through the EXIF data and send you ads about latest Canon products (or whatever your camera model is).

Re:User-centric Encryption needed

Could Truecrypt's security become compromised if file access patterns could be observed at the filesystem level?

Re:User-centric Encryption needed

[Fleet+Admiral]

They might be able to detect where the normal and hidden partitions are located on the disk by looking at read/write patterns, but I don't believe this would enable them to break the cypher

Re:User-centric Encryption needed

[mwilliamson]

good point...this would be useful in finding the "container within the container" technique used in truecrypt. The national security letter would be written in such a way that the drives themselves would be monitored at a low enough level to confirm the probable hidden container. Of course, with GFS spread across multiple drive arrays connected to multiple servers connected to multiple data centers residing in multiple countries, it would be a real bitch to implement.

Re:User-centric Encryption needed

[Anonymous+Brave+Guy]

Not gonna happen. Their business is advertising.

Sorry, I've posted in this thread already so I can't mod you up. But your post is right on the money. All these people talking about encryption are forgetting that storing the data in an independently encrypted way simply isn't in Google's interests. And if people start encrypting everything themselves, as any smart user of the service clearly would if they used it at all, then Google will either find ways to link those users to other services so they can guess which profitable ads to include, or they will simply cancel the service if it isn't making money and isn't leading to something else they do making money.

Re:User-centric Encryption needed

Hate to throw cold water on this, I think you have the right idea. But I once worked for a project that tried to implement just such a scheme and it had serious problems. The number of customers who didn't understand the system was large, even though it's remarkably simple. You end up with a great number of support calls saying "I lost my keys, please can YOU unencrypt the data". Further, in many juristictions, if you become involved with encrypting/decrypting users data then you become a target for legal actions to force you to break your contract with the user. To that extent, the laws of many countries are now inconsistent with themselves.

The most workable system is simply one that transparrently stores data, while a third party upload application does the transcryption. The owners of the storage system gain a great deal by encouraging their users to encrypt. If all data stored on the system is encrypted from its source then the storage system owners *cannot* comply (technically or legally) with any attempt to search, mine or divulge their users property.

Re:User-centric Encryption needed

[crt]

That's what makes a solution like Amazon S3 with Jungle Disk appealing - your data is encrypted transparently before it leaves your machine with a personal, private key, and no one (Amazon included) can access it.

It's doubtful that Google or most other online storage provides will offer that however - they want to tie your data to their applications (e.g. edit your documents online, share your files through their web site) - and that just doesn't work if they can't read your encryption.

Re:User-centric Encryption needed

[jfuredy]

Sorry, I've posted in this thread already so I can't mod you up. But your post is right on the money. All these people talking about encryption are forgetting that storing the data in an independently encrypted way simply isn't in Google's interests. And if people start encrypting everything themselves, as any smart user of the service clearly would if they used it at all, then Google will either find ways to link those users to other services so they can guess which profitable ads to include, or they will simply cancel the service if it isn't making money and isn't leading to something else they do making money.

It may be true that Google wants to be able to read your data to serve ads, but the real question is, how many people would actually use it on all of their data? And will Google go out of their way to prevent encrypted data uploads for the small percentage of intelligent and vocal users who want encryption? My bet is that they don't provide encryption, but that they don't prevent it either.

Re:User-centric Encryption needed

[DrCode]

Very true. So if they see that you're carrying on an affair, they not only can send you advertising for "discrete" hotels, but they can give your spouse ads for private investigators.

Re:User-centric Encryption needed

[The+Famous+Brett+Wat]

Contrary opinion here.

• Most people won't encrypt when given the option to do so, because encryption requires keys and keys are inconvenient. Laziness wins, so Google won't lose significant ad revenue through offering the possibility.
• They already offer things like POP service on Gmail which performs an end run around ads. They are introducing IMAP as well, which is worse from a simplistic ad revenue perspective. Google are not as blinkered by revenue prospects as you suppose.
• Having refined the service on a voluntary army of beta testers, they can sell a "pro" version (probably bundled into Google Apps), as they do with Gmail.
• They can still target ads on the basis of file names and types, even if the content is inscrutable.

I'm more interested to know what file access protocol they'll offer. Yes, they'll have a web interface, of course, but I suspect they'll also offer CIFS access (using Samba derivatives at their end). If they did that, then encryption would be possible at the client end, which is where it ought to be (for various reasons) in any case.

Encryption method?

[BlueParrot]

What kind of encryption would you use for this?

The most secure would be to store a single large archive of all your files encrypted with a strong cipher, but that has the disadvantage that you have to download it all to decipher it.

Alternatively you could encrypt each file separately, which would speed up access considerably, but also leak more information about what you are storing (i.e many small files vs one big one ).

I guess if the data is sensitive enough to require the former type of encryption you shouldn't transmit it over insecure connections to begin with...

Re:Encryption method?

[mwilliamson]

There is no need to decrypt the entire file to be able to use it. You can design a file system so that only the blocks needed are decrypted and you can basically use the file system just like a live file system with the crypto layer keeping it all very much transparent. Using Google's online file storage in such a way that you could mount it like a drive, then sticking a truecrypt container in it would give the desired effect of my previous post.

Re:Encryption method?

[roggg]

If data is sensitive enough, people won't outsource the storage to large, publicly accessible data centers. But for the mass market, I don't see a big problem. I already have my resume, household bills spreadsheet, and Christmas shopping list (not to mention all my mail for the past year) stored with google. I don't care about privacy for this data. I'm not up enough on home network security to do a better job protecting it than google, and quite frankly, the convenience of "access from anywhere", and publish/collaborate features outweigh any concerns I might have. In short, I am an average low-end user. I could see a market for isolated and encrypted corporate data stores, but that would be a different beast.

Re:Encryption method?

[Poromenos1]

Personally, I'd use the OSS gDrive file manager that will be developed, which will in all probability GPG encrypt each file before uploading and decrypt after downloading, rather transparently. It might even go one step further and assign random filenames to the files while keeping an encrypted lookup table to the original filenames so it can display them to you.

Re:Encryption method?

[MoralHazard]

Or, you could use per-block encryption to allow random seeking on file access operations, with block granularity. You might think that block granularity isn't true random access, but it's what hard drives do (you have to read/write from the drive in terms of 512-byte sectors, not individual bytes).

This method has a side effect of reducing the amount of side-channel information that a server-side spook-installed tap can gather. He'll see your access patterns, in terms of whether you're reading and writing small or large chunks, whether your access is largely contigous or not, etc. But he doesn't know which block belongs to which file, so this information is of limited usefullness to him, aggravated by the amount of fragmentation in the "partition".

Actually, you could implement a model of this right now: export an iSCSI volume on the "server" side, and mount it on a Linux client that supports some kind of block-level encryption. This doesn't guarantee the data integrity against third-party tampering, so you'd probably want to add IPSEC IKE to the connection, too, which is minimally performance-impacting.

Re:Encryption method?

[DrXym]

Potentially you could create a modest size truecrypt volume (e.g 10Mb) and store your docs in that. Download that and mount it as a drive and you can read the files direct. The disadvantage is you must upload the volumn file to google again, which is why the file size can't be too large.

A very old idea

[Rob+T+Firefly]

This shouldn't be a surprise to anyone. It's Google, and it's one of the oldest ideas on the Internet which they haven't yet done; before the dot-com bubble burst there were at least half a dozen sites that claimed to provide an online "drive" of sorts - X-drive and E-drive are ones that come to mind, I think they advertised on the radio. Going further back, I remember using an online storage service on CompuServe in 1995 or so.

Re:A very old idea

The problem with all of the ones I've seen, including the three you mentioned, is that they are proprietary. They all made it nearly impossible to get your data to and from them. It's no fun trying to upload 10k files through a web interface. If someone supported an open standard like NFS then they would take over the market.

storage g-spot

is the name of the service

Microsoft's Dream

This is essentially Microsoft's dream world.

Don't pay for a computer, let Microsoft 'give' you one. (for a low monthly fee)

Don't need a harddrive, let Microsoft store your data for you. (for a low monthly fee)

Don't buy applications, let Microsoft 'provide' them to you, on-demand. (for a low per-usage fee)

'Mainframe' computing is coming back. Be prepared to pay for cpu-cycles again. Don't worry, they will handle it just like the cell-phone model. Pay a low monthly fee, and then get nickled and dimed for all the extra 'little things' you have to add to make the service worthwhile.

Just don't expect any security, reliability, and oversight, those are just annoyances, consumers shouldn't worry about that stuff.

It's just like paypal, that wants to act like a bank, without any regulation, insurance, oversight, etc.

Don't worry your pretty little heads over this, Corporations always know what's best for us.

TrueCrypt support would be tasty!

[Jugalator]

Hmm, if Google's encryption plans are lacking, how about a mountable GDrive in TrueCrypt, popping up as a partition with the traditional encryption methods of TrueCrypt? :-D

:-------D

OK, so that was last part was really unnecessary, but still...!

So not smart.

[deepershade]

I really hope I'm not the only one that doesn't believe it's too smart a move for anyone to store all their data in a place that they can't physically access.

Re:So not smart.

[mwilliamson]

Just create a RAID set with Google's online competition who will certainly all step up to the plate.

Re: So not smart.

[th3rtythr33]

It may not be a great place for your sensitive data, or for a single copy of data - but it might be a great place for every undergraduate college student in the world to back up their homework. That way, when limewire unleashes its viruses they don't have to beg for mercy from their die hard instructors.

Isn't this taking a step back?

[whowe82]

I love Google, don't get me wrong, but isn't this a step back? Privacy would be another concern. I think I'll just keep sticking my data on my home Terabyte NAS so I can keep it semi private.

Name Suggestion

[HangingChad]

I suggest calling it gPorn, because you know that's what's going to be on there.

android

[jwegy]

I imagine this will be a big part of the android platform. Any android device can be a 'dumb' terminal for your data. Let's just hope it's encrypted for the sake of the people that will inevitably place sensitive data on their 'g-drive' via their phones.

Re:android

[4D6963]

Any android device can be a 'dumb' terminal for your data.

Excuse the necessary pedantry, but do you realise that something cannot be a "dumb terminal for data", and that it's quite an insensible way to formulate it regardless of what the term "dumb terminal" actually means? Are you aware of the fact that "dumb terminals" involve remote processing, and not mere access to remote data? I just had to clarify this, as people keep talking about dumb terminals and thin clients as it actually has little to do with the topic at hand.

Re:android

[jwegy]

Yes, I'm quite aware of what constitutes a dumb terminal, such as my VT 420 which is a dumb terminal depending on your pedantic threshold ;-).
Regardless, I did put the term in quotation marks which is common syntax to show disagreement with the way the word is being used.
I was simply eluding to the fact this may play a role in their android platform for mobile phones. In that context, thin client is a more appropriate term(hence the quotes for dumb terminal). This is especially true if you couple a web application(or web service) accessed from the phone with their online storage.

So how is mass remote sata storage

[future+assassin]

any easier and safer then buying and external HD for $120 or less and sticking it into your USB port? I'd trust a corporation with my own data as much as I'd trust a crack head to hold my ball of coke while I tie my shoes.

Some say well you can access your data anywhere! What data? Your financial data? Health Data? I sure as hell wouldn't trust anyone but the party thats needs that data with keeping it private/safe. If its online its gonna get snooped on eventually.

The new P2G2P

[Thanshin]

So anyone will be able to take the latest movie, upload it to a google account, and give the password in a forum.

It's like P2P but Google pays the uploading bandwidth!

You could even use the movie name for the account:

0000000000-MoviesAhoy-TheMatrix
0000000001-MoviesAhoy-Slashdot, the movie
0000000002-MoviesAhoy-Pr0n (1) ...
0003814661-MoviesAhoy-Pr0n (3814660)

Probabilities

[Anonymous+Brave+Guy]

I have/still have all the concerns about my privacy, but the offering was too tempting to pass up.

And that is why things in today's database-driven, surveillance-obsessed society are going to get very much worse before they get better.

It's quite sad that even after the big leak here in the UK last week, things have gone quiet on the political front and there isn't a sustained media attack on our underpowered privacy and data protection laws.

Re:Probabilities

[rgiskard01]

True.

But there are things we can do in the meantime to limit our footprint and protect ourselves while taking advantage of some of the benefits services like Google offer. Granted it is a trade-off, but one can limit their exposure if they want to.

And things will get better. History shows things move in a pendulum. Civil liberties have been under attack in the past, and when things moved to far in one direction, events happened to turn the tide in the other direction. We will see the same thing here, and I think we are already. Unfortunately, we have gotten lazy. But if you look closely, I think you'll see the pendulum is slowing and civil liberties and privacy concerns will be protected to a greater degree in the near future.

At a minimum, a new Administration will be a breath of fresh air in this regard.

I don't get it

[jav1231]

Haven't we the public shown that we don't want our data online this way? And they pursue it anyway. You hear all of these reports about Google becoming the next Microsoft. This sounds very Microsoftish.

Re:I don't get it

[LWATCDR]

Flicker, YouTube, Gmail, Hotmail, Yahoo briefcase....
The public has show that it loves putting its data on the internet.
Hack I use gmail/yahoo mail for backups. I just email files that I want to backup from my gmail account to my yahoo account. Instant redundant off site backups.

Re:I don't get it

[CdBee]

Speak for yourself

Web apps like google docs and gmail are great as now I can have all my wordprocessing and spreadsheets accessible from any compliant computer, and from my laptop and desktop without sync issues. Nothing confidential goes into it, but for everything I'm not sensitive about its fantastic

Likewise online storage. I'll use it to back up any files i wouldnt care if the word saw, like my old holiday photos, my mp3s, maybe some downloaded video if usage allowances permit. Presently my photo album and my self-made videos (phone-cam stuff) are all in S3 as I can't really replace my memories if I lose them, and onsite backup isn't reliable enough (think fire, drive lifespans, DVD-R lifespan, etc).

I used to run an SFTP server on my main machine so I could access my stuff while away. No need any longer.

Re:I don't get it

[pembo13]

Haven't we the public shown that we don't want our data online this way? And they pursue it anyway. You hear all of these reports about Google becoming the next Microsoft. This sounds very Microsoftish.
Not sure that it sounds Microsoftish. But while Slashdot may have shown that they don't, but the typical internet user seems to love to store every bit of their life online.

All your data are belong to us.

[CryptoEngineer]

...someone had to say it.

already working great

They are increasingly using the Web to access applications and files stored in massive computer data centers operated by tech companies such as Salesforce.com Inc., Microsoft Corp. and Google. Such arrangements, made possible by high-speed Internet connections between homes, offices and data centers, aim to ease users' technology headaches and, in some cases, cut their costs." Why yes, I personally access all my music, movies, tv shows, applications and porn from a massive computer data center called bittorent and have found it to reduce drastically my costs !

EPIC 2014

http://robinsloan.com/epic/

Already Done it;s called Amazon S3

[bangzilla]

Amazon has been doing this for ages - very well I might add. What does Google bring to the party. Advertising? Big whoop. I like the privacy of my data. I don't want Google scanning my data as it scans my email. That's taking things just too far. What next? Google coming around to my house to check my desk draws.....?

Re:Already Done it;s called Amazon S3

[yoduh]

While I love S3, its not for the common person. If Google used an S3-style system as a good backbone and added a few very usable features it would be an improvement. I like the power of writing my own scripts and controlling what I send to S3, but I'd like to have more power to see what is in my buckets. I can do list command, but I'd like to know sizes and dates and to be able to query that information easily. Even just view it in a web control panel just to grab a small file from it.

Re:Already Done it;s called Amazon S3

[TooMuchToDo]

So Google should do S3, but give you the convenience of a web interface as well as the power of an API? By god! I think it's possible! =)

Sorry, it's been a long day ;)

that is what a warrant canary is for. My storage.

[enselsharon]

... provider publishes a weekly statement indicating that no warrants (secret or otherwise) have been served on the hardware/premises, etc.

You can see it here:

http://www.rsync.net/resources/notices/canary.txt

As for offsite backups in general, I trumpet this service as loudly and as often as I can - it surprises me that the FOSS (and privacy/crypto) communities do not talk more about rsync.net - they do things the right way.

You won't ever be able to pick up the phone and talk to someone at google, and you certainly won't have a totally open, standards-based filesystem.

Re:Encryption method? - the answer is duplicity

[enselsharon]

duplicity:

http://duplicity.nongnu.org/

is a mash-up of (lib)rsync, tar, and GPG. Plaintext, normal filesystem on your end, and a big bunch of gibberish tarfiles on the remote end.

The remote end can be anything - it just needs to be accessible via plain-old scp/sftp (or ftp).

A new version of duplicity was just released and because of a bounty and ongoing funding provided by rsync.net:

http://www.rsync.net/resources/notices/2007cb.html

there is a permanent maintainer dedicated to the project now. I don't use it for all of my data, because one of the main selling points of rsync.net was the ability to just connect and browse with any old sftp/scp based client - and that won't work if the files are all gibberish tarballs, but for my "important" data, I do use duplicity and point it at a special directory.

OT: Mozy is a great choice, if it works

[IsThisNickTaken]

Just wondering if you've had success with Mozy. I have been using the OS X beta of Mozy's backup tool and have not been able to create a successful backup. I keep getting connection lost error messages when it tries to upload my 2 GB VMware virtual disks.

Re:OT: Mozy is a great choice, if it works

[TooMuchToDo]

I've tested Mozy and MozyPro. All in all, my experience has been so so. I'd definitely use it for small clients, but not in an enterprise situation.

Re:OT: Mozy is a great choice, if it works

[gbjbaanb]

I don't use a Mac, but it's always worked for my home PC. Perhaps 2Gb per file is past some limit and I'm not sure you'd want to use it for such very large files. Here, you're better off with a networked/external drive (or even a DVD-RW).

Try telling the Mozy people.

Re:OT: Mozy is a great choice, if it works

[CdBee]

Mozy's a joke - if you want online backup, JungleDisk ($20, one-off) plus Amazon S3 ($0.18/GB/month) are the way do store a 2gb file easily and safely

Well, you're not totally paranoid.

[raidfibre]

I'd be highly surprised if they could even decrypt triple-DES easily. (for very difficult values of easily).

DES is singly the most researched encryption algorithm, and as such it shouldn't be written off yet, but I'd say it could be trusted in the form of triple DES.

You make a good point that anything over 128 bits is uncrackable by brute force methods. There are other ways of reducing the effective number of bits, however; these are generally purely academic in nature (differential, linear cryptanalysis). And of course there's always the fact that at some point the data will be unencrypted in order to be useful, which brings about my favorite form of cryptanalysis: the "rubber hose" method. (credits to Bruce Schneier)

Torture is the easiest form of cryptanalysis by far. Thugs are cheaper than PhDs.

- MK

Web based applications

[wilsonthecat]

Google's push underlines a shift in how businesses and consumers approach computing. They are increasingly using the Web to access applications and files stored in massive computer data centers operated by tech companies such as Salesforce.com Inc., Microsoft Corp. and Google

We've been hearing this prediction for 5 years now and it annoys me when someone makes it. Yes for for small businesses and home users, using online word processors, spreadsheets etc. makes sense as you don't have to worry about backup and you can share them. For medium sized businesses upwards it makes no sense at all. If your internet connection is lost, your business is screwed. For law firms for example, this can cost millions per day or even hour. There's also the usual issues about privacy and storage with 3rd parties.

In the heartland?

[JaDoh]

http://www.desmoinesregister.com/apps/pbcs.dll/article?AID=2007711260321

Re:Amazon S3 - really good

[Mopatop]

I've spent the day implementing off-site backup with S3, and let me just say: It's freakin' awesome. If I had a reasonable upload, my MP3 collection would be on there. £15/month for 120G is easily worth it, and it's already on a RAID1 array.

I'd probably contemplate suicide if I lost it.

Less Risk

[EgoWumpus]

Data corruption/loss would be a problem though.

Less so, I think, than if you're asked to keep track of your own stuff. Businesses drop big bucks on making sure they have backups of all computer files because the average person simply cannot be relied upon to do it themselves, accurately and regularly.

Privacy must be defended

[Anonymous+Brave+Guy]

In the information age, perhaps people's expectations need to change? It needs to be realised what you really do in public is not local but global.

Alternatively, maybe we should introduce legal safeguards that apply to data, taking into account the much greater storage, data mining and communication facilities available today? Just because we can do something, does not mean we should, particularly where "we" means governments, businesses or other groups with disproportionate resources rather than private individuals.

In fact, I would argue that to some extent this is inevitable. Everyone does things in "public" (which apparently includes people observing things inside your home from outside, for the purposes of this debate) that might be embarrassing as a minimum, or potentially even dangerous. It needn't even be what you were actually doing or some item you actually possessed; anything you could be misconstrued as doing or appear to possess counts, too.

Have you ever left a credit card statement on a desk visible from a window? Mistyped a password in a clear text field and then immediately deleted it? Followed a link from a normally reliable web site and found the content that appeared on your screen was not what you expected? Said something in your home that might be misunderstood if taken out of context? Had a visitor who looks a bit like someone who's been in the news recently? Of course you have, many times, and so has everyone else.

If we go down the path of saying everything that ever happens that is observable even momentarily from a public location may be permanently recorded and searchable by absolutely anyone, then privacy will be dead and we will have killed it. Humanity has evolved to respect privacy for a variety of good reasons, and the consequences of breaches in privacy can be life-changing or worse. If the highly resourced Big Guy gets to do whatever he likes in terms of invading the Little Guy's life (as long as it's done from a public place, naturally) then we're basically condemning anyone to suffer arbitrary, unaccountable damage if anyone else doesn't like them, and that is not a healthy path to tread.

AES security and crypto in general

[Beryllium+Sphere(tm)]

As the old saying goes, if you count on crypto to solve all your problems you don't understand crypto and you don't understand your problems.

The point that your data can and will be attacked while it's in plaintext is well taken. A networked machine running a web browser (the Sendmail of the 21st century) is a low security device, even with a good operating system. Google for "Scarfo", the mobster who was using PGP but also had an FBI keylogger on his computer.

As regards AES, though, we've got good reason to think it's resistant to cryptanalysis. The NSA is also in charge of protecting government secrets from foreign snoops and has approved AES for protecting classified data.

The low security of a workstation cuts both ways in an argument about gDrive: because your data is already at risk sitting on your hard drive, storing it encrypted on gDrive might not be any worse.

Security without threat modeling is like bricks without straw. What are we protecting data against? Loss, primarily. I trust Google's backups more than I trust mine (but I'd tell a client to look for a provider willing to sign an SLA). Unauthorized copying by crackers? AES should be an adequate control to cover that risk. Subpoenas? An attorney with two brain cells to rub together will subpoena the decryption keys, so no help from AES there. Vacuum-cleaner style mass government surveillance, looking for keywords like "Tibet" or "Falun Gong"? AES should prevent that. Government criminal investigation? You could (in the US) argue that surrendering the keys would be self-incrimination and end up paying a lawyer lots of money to argue the point for years. Expensive and undependable security, but then in a criminal investigation there's not much security difference between gDrive and your local machine anyway.

If you have security needs you should do an analysis like that last paragraph, only longer. For lots of people encrypted files on gDrive might be just fine.

Re:AES security and crypto in general

[Shakrai]

The low security of a workstation cuts both ways in an argument about gDrive: because your data is already at risk sitting on your hard drive, storing it encrypted on gDrive might not be any worse.

Well, putting aside the criminal side of the justice system (they have these things called 'warrants' and in some nations can even force you to turn over your decryption key), what about the civil side?

You have no right to refuse to turn over something requested in discovery. At least with the data stored locally you have the (somewhat risky and likely illegal) option of "losing" it. Google's own privacy policy states that even if you remove data from their servers it will likely remain in "off-line backup systems" indefinately.

No, I will not be storing my data anywhere (encrypted or otherwise) that I don't control. When I delete something I want to be 100% certain that it is in fact deleted. And all of those people saying that AES isn't breakable are missing the point: It isn't breakable today. What about tomorrow?

Re:This sounds fun - Killing Off Identity Theft !

[thosf]

Besides having google list paid advertising messages with the data, I think your suggestion (with a twist) has Excellent merit.

Here's what we should all do. Post phony-balony (fictional) data so it can be harvested and merged with the existing data that compromises the identity theft databases.

After several months, the database will be all but USELESS because they won't know what data is valid and what data is false.

No one will want to buy identity data if it contains so much false information, that it becomes useless. It actually becomes DANGEROUS to the purchaser because there's significantly reduced payoff - while it increases the perpetrator's exposure to risk of detection and prosecution.

Every place you visit on the web should be an opportunity to "salt" it with fiction. I recommend that you forward this idea to everyone you know to rapidly make this happen.

I am starting this initiative here and now by posting my (false) data:

Robert DeScully
6733 Orion Ct. Apt-B
Ann Arbor, MI 48109
Occupation: IRS Auditor
Annual Income: $187,200
Soc. Sec. No.: 853-98-1294

To paraphrase mayor Daly, "Post soon and post often" (he actually said, "Vote soon and vote often.")

I wonder if they'll blame lost data on phishing?

[Dwarfgoat]

...like they do for Gmail users losing data? Google, the first step is admitting you have a problem....

Disappearing Gmail messages baffle users

Your position on this belies your experience

[gregory311]

Ever notice how the techies almost always rail against remote storage while the normal computer users think it is a great idea ?

What is really interesting is that Google could, in theory, link duplicate files. For example if 10,000 people have the Will Farrel "SNL/Blue Oyster Cult" video in their storage area, Google could soft link to just one copy and break the link if one particular user ever edited it.

Re:Your position on this belies your experience

[gentlemen_loser]

What is really interesting is that Google could, in theory, link duplicate files. For example if 10,000 people have the Will Farrel "SNL/Blue Oyster Cult" video in their storage area, Google could soft link to just one copy and break the link if one particular user ever edited it.

Or if the RIAA or MPAA deem you to be in position of copyrighted material or ...

If you don't phyically control your data media,

then you don't control your data. Duh!

virtual HDD

[nerdyalien]

In the begining of my university degree, I was carrying bunch of Floppy Disks to carry important files back and forth from university to hostel. Later I got a Flash Drive (it was only 128MB!!).. but after getting 1 GB Gmail account, I kinda gave up on Flash drive as I can email stuff as attachments.

Recently.. I tried several online storage options such as MEDIAMAX, ESNIPS and very lately SKYDRIVE (Microsoft one). Both mediamax and esnips provide >1GB space but still their UI is heavily bloated and upload speeds are not that great. However, lately I am using skydrive, which initially offered my 512 MB.. now 1GB. So far so good, not much of drama.

I enjoy these online storage. As a researcher, I like to store my currently working documents on one of these virtual HDDs, so I can access from anywhere and edit. Anyway.. still we are far away from online editing a .doc file (yes there are sites allow you to do.. but its much more convenient to download and edit with something like openoffice).

But the critical thing is, the connectivity. If there is no internet connectivity, cannot access any of the applications or data. That's the only draw back and the possible dead end I see.

Waiting to see Google's online data offer... hope it would be interesting... '5GB and counting!'

I'm waiting...

for google to offer high speed bandwidth and rack servers for free, gDatacenter or something to that effect.

Imagine having your own personal rack of servers that grows with you, all for free. All you have to do is have google ads on all the services you offer from the rack.

Another item in the data mine

Oh well. Looks like Google is figuring out another way to get the NSA more info for their data mine. Pretty soon, the government will know every single thing about you.

"Don't Do Evil". Bwahahahaha!!! Hilarious! I'll bet the Google guys sit around for hours every day just laughing about how gullible people are!

baby photos

[MikeFM]

I have a similar service in development. I expect porn to be a pretty popular use but I think the real area money will be made is in backing up people's photos and home movies. The average parent (and grandparent) has switched to digital photos and movies but doesn't have the know-how to properly safeguard these personal treasures. With our service all the user has to do is come to our website and log in and their photos and movies are indexed and backed up for them.

The file sharing abilties will no doubt happen a lot for porn sharing but it's the people who have photos they actually care about that are most likely to pay money for extra services.

Our open API will make it easy to built third-party services on too. It'll be interesting to see if porn is the number one creative path for third-party add-ons. ;)

What's the problem

[DynaSoar]

... with them searching your files for advertising keywords? They already do it with the search engine every time you use it. At least if they looked at your stuff and saw you solved, say the Theory of Everything, they'd know when you searched for "Nobel Prize" to give you ads for airline tickets to, and hotels in, Stockholm, rather than ads for buying a Nobel Prize on eBay.

If you want to stuff your pr0n or plans for a dirty bomb on their servers, an obscure compression technique (say the old Apple II ShrinkIt NuFX) after having converted your file to a UUencoded text file, will probably foil their attempts. A couple more such twists, and you'd foil the NSA much less Google.

Not the correct question

[Roger+W+Moore]

Is there any form of encryption that you believe people like the NSA cannot crack?

That is not the correct question to ask. The one you should ask is "Is there a form of encryption that MI5/NSA/... cannot be bothered to crack given the type of info encrypted?". Encryption is like securing your house. You only have to make it secure enough that the effort to break in an steal something is greater than the value of the contents warrants.

As long as there is a means to decode the message it will almost always be possible to break the encryption scheme if by no other means that hacking your machine and taking the decryption key (the possible exception may be quantum encryption technology). However it is extremely unlikely that any government would bother to do this to discover your secret recipe for mince pies!

Re:This sounds fun - Killing Off Identity Theft !

[True+Vox]

Damn it! Stop posting my data to the intertubes!!!

;D