Ask Slashdot: With Whom Do You Entrust Your Long Term Data?

jppiiroinen writes: F-Secure, a company based in Finland, has sold its cloud storage business to a U.S. company (Synchronoss Technologies, Inc) speculated to have ties to the NSA. In previous, public announcements, they used arguments equivalent to, "trust us, your data will be safe." Now, it's likely F-Secure simply realized that competing against the big players, such as Google and Dropbox, didn't make much sense.

But it makes me wonder: Whom do you trust with your data? And who really owns it? What about in 3-6 years from now? How should I make sure that I retain access to today's data 20 years from now? Is storing things locally even a reasonable option for most people? I have a lot of floppies and old IDE disks from the 90s around here, but no means to access them, and some of the CDs and DVDs has gone bad as well.

Argh pick one:

To whom do you entrust your data?

With whom do you trust your data?

Illiterate moron.

How

[rgmoore]

How should I make sure that I retain access to today's data 20 years from now?

If you really want to be able to keep your data that long, you need a serious plan. You need to back up everything to at least two separate devices other than your main storage, and you need to keep at least one of those devices off-site so your data can't be destroyed in a local disaster. You need to test your backups regularly to know if/when your medium is failing.

When a medium fails- or if you think it might be about to fail- get a replacement that uses more modern technology, and make a fresh copy. If you are ever about to replace your computer with a new one that can't read your old backup medium, buy newer media that does work with the new computer and make copies while you can still read the old ones. If you keep doing that regularly, you can always have a good copy that will work with your computer. It's more effort than copying to the cloud and trusting, but it means you're in control of your own data.

The real key is to keep making regular backups and regular tests. If you expect to be able to put something into a box and still use it 20 years later, you're in for an unpleasant surprise. You have to keep copying, testing, and updating your technology in order to have a serious hope of keeping up. If you do that, though, you have a very good chance of keeping access to your data at least as long as you have software that will still read it. I have 20+ year old data at work that I can still access because we've been careful about moving it to new media, and because the company that wrote the software is good about backward compatibility.

Re:Same answer every time.

[StormReaver]

Once you give your data to "the cloud" it ceases to be YOUR data.

It boggles my mind that people still haven't caught on to this. I'm going to expand on your message just a little bit:

Once you give your data to "the cloud", it becomes the property of government snooping agencies. It doesn't even matter if you're in a country that doesn't actively snoop (if you believe that such a thing exists anymore). Companies change hands, and they do so across political boundaries. Companies cannot be trusted with your data. Period.

Hopefully, this little incident opens some eyes.

Re:Same answer every time.

[lgw]

Once you give your data to "the cloud" it ceases to be YOUR data.

Now it belongs to whomever owns those servers.

You want to keep it? Then keep it on your own hardware.

"The cloud" is just too fuzzy a term. I have no problem with cloud-based file storage services, but I'd never put, say, my personal photos on an online photo-sharing service, or any other content-aware cloudy-thing.

My own hardware? That's silly. From Snowden we know the NSA can access files on my home server just as easily as they can on a cloud-based file server. If they take an interest in you, pretty much the only defense is a latop that you built before they took an interest in you and that you keep locked in a safe at all times when not using (I believe Bruce Schneier does this). But anything less than that, if they like you then you have a keylogger already, sorry.

All we can realistically hope to put our trust in is encryption. Even that's not easy (but if TrueCrypt passes it's audit, it's good enough for me). An encrypted archive is just as safe "in the cloud" as it is on a home file server.

Want to backup your data long-term and can't afford LTO tapes in a box out of state? Make one (encrypted) copy locally, but not in your house and not powered. Store another (encrypted) copy in the free files hosts if its small, or Amazon Glacier if you can't fit in the various free options.