Slashdot Mirror

← Back to Stories (view on slashdot.org)

Web-Based Private File Storage?

Posted by kdawson on from the dead-servers-tell-no-tales dept.

steve802 writes "Recently, someone died in our company, and word is getting around that the admins who were given access to his Outlook account have found personal things that are embarrassing at best (the rumor mill differs on what was found). No matter, it raises a question. I have personal stuff in Outlook folders that I would not want someone in IT to see if I suddenly dropped dead: emails to the wife, photos of the kids, that kind of thing. I also keep a journal at home that I save to a server; personal reflections that I never want anyone else to see, especially if I die. So I was thinking that some sort of web-based storage for files, individual emails, and perhaps even Outlook folders would be perfect. All my most private personal stuff in one place. I found CryptoHeaven, which seems to offer some of what I'm looking for — but it is pricey. I'm willing to pay, but something less than $400/year would be nice. Best would be a service with a dead-man's switch, so that if I don't access it in, say, three months, it auto-purges. Any thoughts?"

34 of 467 comments (clear)

  1. Separate them by Anonymous Coward · · Score: 5, Insightful

    Dont use personal info on work systems. Often time anything in there is usually subject to scrutiny.

    1. Re:Separate them by shentino · · Score: 5, Informative

      Indeed.

      Best solution to keeping your boss out of your personal stuff? Don't do personal stuff on company time.

    2. Re:Separate them by Profane+MuthaFucka · · Score: 3, Funny

      The restrooms are your own time. Do your wanking in there.

      --
      Fascism trolls keeping me up every night. When I starts a preachin', he HITS ME WITH HIS REICH!
    3. Re:Separate them by Anonymous Coward · · Score: 3, Insightful

      Absolutely. Never, never, never, never use your employer's computers for personal stuff. At all. Period. That computer is your employer's, and anything you put on it is also his. Whether that is strictly, legally true is immaterial. In practical terms, it is.

      You keep personal reflections in a journal that you never want anyone else to read, ever? Then, don't write it down. Duh. Anything you really don't want your survivors to ever under any circumstances see--physically destroy it. Don't have physical access? Oh, well.

      Assume that anything you write down, especially if you store it on someone else's computer, will be read by someone, probably the owner of the computer. If it's on your own computer, it becomes your wife or childs computer when you die. Anything you left there is theirs.

      Don't want to take this advice? Don't come crying to me if, after you die, somebody sees something you didn't want them to.

    4. Re:Separate them by spazdor · · Score: 4, Funny

      glory, glory-hole allujiah!

      --
      DRM: Terminator crops for your mind!
  2. Web-Based Private Is An Oxymoron by Maarx · · Score: 4, Informative

    Web-Based Private is an oxymoron. Why does this have to be web-based?

    It would be pretty trivial to set up a Linux distro with two hard drives, one with the simple operating system and the other an encrypted drive with a passphrase, and set up the OS to nuke the second drive if the current time is ever greater than three months from the last time the passphrase was successfully supplied.

    1. Re:Web-Based Private Is An Oxymoron by spazdor · · Score: 4, Insightful

      Web-Based Private is an oxymoron

      Actually, they have this thing, "cryptography" now.

      --
      DRM: Terminator crops for your mind!
  3. Work account? by The+MAZZTer · · Score: 5, Insightful

    Solution: Don't do personal stuff on your work account...

    1. Re:Work account? by grasshoppa · · Score: 4, Interesting

      No shit. OP: Bad news, if it's on company equipment, IT has already looked at it. Your fetish for donkeys is now well known.

      As far as the personal stuff at home; who cares? Family means never having to explain the albino midget you keep in the closet.

      --
      Mod me down with all of your hatred and your journey towards the dark side will be complete!
    2. Re:Work account? by TooMuchToDo · · Score: 3, Insightful

      Pay for a virtual private server somewhere. Tie it to a credit card or some payment method that you need to keep paying. You die? Payments don't get made, hosting provider nukes the virtual machine after X days for non-payment.

    3. Re:Work account? by Coren22 · · Score: 4, Funny

      Family means never having to explain the albino midget you keep in the closet.

      Dad?

      --
      APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
    4. Re:Work account? by roman_mir · · Score: 4, Insightful

      I have a better, more perfect solution.

      Don't die.

      (in the unlikely event that you do die, ask yourself a question: "why do you give a fuck what anybody finds out about you? Really?")

      --
      You can't handle the truth.
  4. Whats the surprise? by mschoolbus · · Score: 5, Insightful

    They can already read your emails..

  5. Why? by quarkoid · · Score: 4, Insightful

    I've got to ask the question, but... why?

    I mean, if you don't want anybody to find this stuff when you're dead, why bother collecting it when you're alive?

    And for the 'pictures' of the wife, what's wrong with a Truecrypt store?

    1. Re:Why? by stdarg · · Score: 3, Insightful

      After he's dead, he still doesn't want people to know because it'll reflect badly on him and make people he's close to feel bad or uncomfortable?

      I mean just because you'll be dead doesn't mean that you, now, alive, can't think of other people's feelings and how future revelations will affect them.

  6. Completely Disagree by TehZorroness · · Score: 4, Insightful

    When you die, your writings and works are the only thing left of you. They are the only way for someone to try to dig deeper into your mind and build up an understanding of your true character. A lot of crazy shit happens in a lifetime, someone may really appreciate you leaving a book of your reflections behind.

    1. Re:Completely Disagree by Angst+Badger · · Score: 4, Insightful

      When you die, your writings and works are the only thing left of you. They are the only way for someone to try to dig deeper into your mind and build up an understanding of your true character.

      Thanks, but I don't owe that to anyone. Period. The very thought of someone having unrestricted access to my private writings makes me feel physically ill. And it's not because I have any unusual skeletons in my closet, it's because that access would be a total violation of my personal boundaries. You're welcome to what I choose to share while I'm alive, and I share quite a bit, but I don't belong to you or anyone else. Quite frankly, I like the idea that I'll be completely erased by death. Having spent my entire life with claims placed upon me by family, employers, government agencies, creditors, and countless social organizations, it is no small comfort to know that something will escape the insatiable demands of my fellow man.

      --
      Proud member of the Weirdo-American community.
    2. Re:Completely Disagree by hairyfeet · · Score: 3, Informative

      Uhhhh...let me get this straight, maybe I'm misunderstanding you...You would WANT your family to know you were into Tranny Grannies and midget bukkake? Because lets be honest here, he is most likely asking the question because he has a fetish he has kept wifeypoo in the dark about and don't want her and the rest of the family to know about when he kicks the bucket. This isn't some deep dark poetry of his soul here, most likely one of your standard kinks you can get off any site like RedPorn.

      If I had to guess, based on what I've dealt with here at the shop, it will be either Trannies, B&D/S&M, or piss/shit related. Not exactly what you would want anyone trying to "dig deeper into your mind" to actually know you got a boner over bud. If I had to lay money I would bet on the trannies or B&D/S&M, as those two seem to be relatively popular yet people act like it was goat porn or something. I guess they figure it makes them "unmanly" or something, but as I tell my customers "As long as there is nothing illegal on the desktop I frankly don't care what you look at, because unless it is on the desktop on Windows folders or you specifically tell me to back up the folder you have it in I ain't gonna know about because I don't snoop". But folks act like they have to be some big deviant or something just because they have a porn collection. Big fricking deal.

      --
      ACs don't waste your time replying, your posts are never seen by me.
  7. Re:Freenet by Mordok-DestroyerOfWo · · Score: 4, Interesting

    Any web service, just create a TrueCrypt container. As long as you sync the container between your computers regularly it shouldn't be an issue. I've been doing it this way for about 3 years now (I keep all of my important data there for when I'm on the road). Works perfectly fine with Windows and Linux.

    --
    "Never let your sense of morals prevent you from doing what is right" - Salvor Hardin
  8. Discretion? by Xacid · · Score: 5, Insightful

    I'm kind of surprised I haven't seen any comments on the bigger issue - the IT folks entrusted with this data who let data leak (or at least rumors of the content). As a system admin - if you're at that level you're already not trustworthy enough to keep that postion and would probably be reassigned depending on the severity. Understandably if it's something illegal then it needs to be report it but even still - discretion is still required. It's no one else's damned business.

    Compare this to your HR person - would you like them to spill your SSN randomly here and there? Just because the guy is dead doesn't mean his data requires less care.

    Anywho - as far as technical solutions 1) don't put personal stuff on a work computer, 2) even some web space and an ftp account should be nearly sufficient if you just need a place to store files remotely that isn't easily accessible.

    1. Re:Discretion? by JumpDrive · · Score: 4, Interesting

      In our work area, what has happened is information has gone from the CEO to a VP and then to everyone else. Then IT gets blamed for the rumor.
      First time it happened, I was thinking "Do you think I'm a dumbshit", second time it happened I realized IT was going to be blamed for their knitting circle talk.
      After that I just started pretending I don't see it.
      But if it ever something seriously illegal, I'll tell law enforcement.
      Other than that I don't want to add to the knitting circle talk.

  9. Re:TrueCrypt? by ds_job · · Score: 4, Informative

    Which is what the two key "Plausible Deniability" feature is all about:
    http://www.truecrypt.org/docs/?s=plausible-deniability

  10. Re:GOOGLE MAIL by icebraining · · Score: 4, Insightful

    WinRAR? Turn over your geek card.

    At least, use gpg to encrypt it and Dropbox to automate uploading/downloading. Bonus points for an automated encryption system (encfs mount point, for example).

    --
    Dilbert RSS feed
  11. Re:TrueCrypt? by Andy+Dodd · · Score: 3, Informative

    Portable TrueCrypt requires admin rights.

    --
    retrorocket.o not found, launch anyway?
  12. photos of the kids by gandhi_2 · · Score: 4, Funny

    photos of the kids

    If you are afraid IT will see pictures of your kids, either you got ugly kids or you took the wrong kinda pictures.

    --
    THL phish sticks
  13. Re:Freenet by BarryJacobsen · · Score: 4, Funny

    >>>Mac OS X

    False advertising. Ooops. It doesn't work with all of Mac OS 10.x - only the more recent versions.

    It probably says it runs Windows, but doesn't run on Windows 1.0, either...Lying bastards.

    --
    Track your TV Shows with your iPhone - FREE
  14. Re:Freenet by JumpDrive · · Score: 3, Insightful

    If he really wants to protect it, then he should also encrypt it.
    My brother passed away a couple of years ago and I was able to gain access to his web server. I knew the CC used and the email address used. There wasn't anything on there, but the expected files, but if he wants to keep it secret permanent after death, then encrypt with a long key.

  15. Re:Encryption by vux984 · · Score: 5, Insightful

    After 10 unsuccessful attempts at entering the passphrase in a row, it destroys the key, never to be recovered again.

    If I was transporting a copy of the data across national borders, and I didn't want customs to get a copy... a self-destruct sequence makes a lot of sense. But to have a permanent sword of damocles dangling over the data by a thread... If I valued the data so much that I was willing to go to extremes to protect it... and then set it up to be irrevocably trashed that easily... I might as well just delete it now to save myself the aggravation.

  16. Re:Freenet by Anonymous Coward · · Score: 4, Insightful

    All this for stuff after you're dead. Who the Hell cares? You're either in heaven, hell, limbo, reincarnated with no knowledge of previous life, or worm food, and in any of those cases you've got bigger things to worry about (or nothing at all ever depending). I can see someone else wanting life insurance on you, but not you wanting it for yourself, since when it gets used you won't care, and that's a much bigger thing than whatever sicko porn collection you happen to have for whatever reason. Your reputation with other people means nothing once you die. Either there's some omnipotent being that already knows all that crap about you, or there isn't and either way, who the hell cares?

  17. Re:Freenet by MoonBuggy · · Score: 3, Insightful

    Why use TrueCrypt with OS X when you can do the same thing with built-in Disk Utility?

    Cross platform compatibility, source code which can be inspected, and a choice of ciphers and other security options.

  18. Re:GOOGLE MAIL by rwa2 · · Score: 3, Interesting

    Yeah, really! I don't know why anyone is paranoid about Google at all when your ISP and cellphone providers have all your data activity records on hand.

    I pay a bit extra for the "business" tier of service, so I can actually run my own web and email server on my home machine. I've pretty much been hosting everything on my own server since my college days. Never used / needed a USB stick for working on school projects, just pulled it in over the internet using PuTTy/PSFTP or more likely VNC+ssh. I even presented some final projects over VNC running a little opengl thing over VNC.

    I don't have a "smartphone" (call me old skool), but if I did all I'd need is a good ssh client (such as midpssh) and a good VNC client, and I'm in business. Works fine on my Palm TX PDA tethered to my dumbphone.

    For offsite backups, I occasionally rsync my home dir over to a friend's server, which I've donated hardware for (including hard disks, among other things). The sensitive stuff like financial records and nekkid pics of the wife are encrypted with PGP. The rest of the porn we all share.

    Frankly I'm more worried about data being lost forever than data getting "out". If I get hit by a truck, my dying words scrawled in a pool of blood will be the master password for my keyring vault so my wife can pay the bills online. I'll pass away very anxious about whether she can decipher the special characters properly.

  19. Re:Freenet by cayenne8 · · Score: 3, Funny
    "You encrypt your MP3 player? What are you listening to, exactly?"

    Probably those mp3's that get you high....and he doesn't want anyone messing with his 'stash'!!

    :-D

    --
    Light travels faster than sound. This is why some people appear bright until you hear them speak.........
  20. Re:Freenet by dan828 · · Score: 4, Interesting

    It could be that you want to ensure that people you care about won't be emotionally harmed by things you did and kept secret. In the military, if one is killed, they sanitize personal effects, destroy "little black books" and the like, just so that the wife or whomever back home doesn't find out about your time with the Thai hooker in Bangkok or the mistress you had while TDY in England. Frankly, it's a policy that keeps the "loved ones" from being harmed by things that it really doesn't do anyone any good to know about. Really, who is it going to help to know what a shit you were in private after you're gone?

  21. Re:Freenet by Mr.+Freeman · · Score: 3, Insightful

    Because your secrets could possibly affect other people. For example, your wife might not be looked upon too highly if people know that she married a guy that was into some weird fetish. Also, their secrets might be stored with your stuff as well. Those things should not be released.

    --
    -1 disagree is not a modifier for a reason. -1 troll, flaimbait, redundant, overrated are NOT acceptable substitutes.