Slashdot Mirror
Ask Slashdot: Keeping My Data Mine? (2015 Edition)
New submitter schklerg writes: Like many, I am tired of being the product of the corporate "cloud" overlords. To that end, I've got my own Linux server running Tiny Tiny RSS (RSS — Feedly replacement), OwnCloud (Storage / phone backup / Keepass sync / notes — Google Drive replacement), Coppermine Gallery (picture library), Dokuwiki (quick reference), and Shaarli (bookmarks manager — Foxmarks / Sync replacement). Crashplan lets me pick the keys for my backups, and the only thing Google Drive ever sees is a pgp encrypted file of various items. Next up is moving from gmail with iRedMail. Yes, the NSA may have it all anyway, but being under less corporate control is a nice feeling. What have you done to maintain control of your own data?
Good luck on finding anyone who can read a 9 track tape...that's where I keep my data.
That's pretty optimistic. I'm sure we'll have a duplicate discussion about this before the end of the year.
I put the stuff on my hard drive.
and with my GPIB card, I can control my lab instruments too, and keep the data in GeoCalc spreadsheets.
"Cloud" that, bitches. I guess I could connect the RR-Net to the web somehow.
What have you done to maintain control of your own data?
I did nothing and it worked. It's still all on my harddrives today. Cool, huh?
And they do the same to my NAS
Crashplan doesn't support reading for network locations unless you set it up as a VHD. How did you accomplish this? The VHD was an overhead I didn't want to deal with.
I bought a Synology NAS. I've got full control of my data, and sharing it in every possible way is extremely easy. They've got a ton of good packages you can use it with, so it's just installing the NAS, configuring your router, choosing which packages you want (ranging from just file browser in your browser, to a mediaplayer in your browser, to cloud like syncs, to every possible server you can imagine (vpn, web, svn, database, email, ....)) and all fully under your control :). :). so even if they don't give a package, you can get it on there yourself :). :). I was also considering rolling my own, but it's just not worth it imo.
It may not be open source, but it does run linux
I'm very happy i made the decision to buy it, they're not that cheap, but they work very well
I no longer consider things like my name, address, social security number, ip address, bank acct number, etc to be "my data." The only things I still consider to be mine are my pictures, films, and music which I back to to external USB drives that I store in a fireproof safe. I leave the bulk of the security of my personal information up to my providers and try to use hard to crack passwords. If there is a leak (I'm sure there will be, if not already) and it affects my livelyhood, I will hold the company that compromised my data responsible. I don't believe that I have any assets that could be attacked that aren't covered by FDIC or identity theft protection, and none (other than title for my house/cars and my 401k/IRA) are worth more than what I can get back in small claims court, so I just don't worry about it.
You can backup to other Crashplan clients.
"Old man yells at systemd"
I've moved from Python/C++ development on Linux to iOS development on a MacBook, but I've got the same setup as the Submitter.
However one thing I haven't found a replacement for, is online backup. I currently use BackBlaze, and it's soooooo damned stable, light-weight and easy to use... I wonder if there's self hosted alternative?
8 of 13 people found this answer helpful. Did you?
Gogs a self-hosted GitHub alternative written in Go
---------- ovidius naso
I just don't ever do anything on the internet. Ever. Crazy bad people live there.
I can "maintain control of my own data" while still using external services. All my data sits locally, and is backed up to multiple locations, but I also put plenty of it out there in the world. But Flickr or Tumblr or Facebook or whatever could go away tomorrow without me losing anything material.
I'm not sure what the whole "corporate overlord" thing is all about...either use the services or don't. I don't see either as a significant victory for good or evil.
---- Den ene knappen er powerknapp, den andre er Bender voice knapp "Bite My Shiny Metal Ass"
I had my own server, now a VM. $45 bucks a year. Does everything I want, and if I'm not happy with the provider I move it.
Backing up my data on a USB harddrive.
Seriously.. I don't put data on the web, in the cloud or anyplace I don't completely control and monitor unless it is absolutely necessary. IF it's necessary, it only goes encrypted. So here are my rules...
1. Don't put data on the net if you can help it. Avoid it at nearly costs.
2. When you *do* need/want to put data on the net, ENCRYPT it first, even if it's not sensitive.
3. NEVER put sensitive data on the net unless you have no other choices, then encrypted it using the best encryption possible.
4. REMOVE any and all data on the net you have no more need for right away.
"File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
If you really want to keep your data yours, you better be on top of all software updates. i.e. ownCloud has had 24 CVEs this year alone.
Thank you for this post schklerg, I was looking at replacing my Synology NAS with something that can do more and your post gave me lots of information in that direction.
FYI, the reason I am replacing the Synology is that it doesn't have enough processor power to run Plex, and keeps crashing under load. It isn't a bad product, just not enough horsepower for my needs.
APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
- Piwigo for photos, because Digikam supports direct uploads to Piwigo.
- Kolab for Email/Calendar/Contacts, because it support ActiveSync and thus iOS and Android support syncing out of the box. Also Kolab is pretty awsome.
- Seafile for cloud file syncing, because it is a lot faster than Owncloud
Please keep in mind that I recommend Owncloud as well, because it is a lot easier to install and maintain. You only need webspace. No one in their right mind should really be operating a personal email server in 2015. This is what Google Apps is for. If you earn minimum wage or above, anything you pay for Google Apps will be a lot less than the time you spent on maintaining an email server. I also use Keepass and sync the file.
- Firefox Sync is open source and uses client side encryption. So why bother with Shaarli? Maybe because Firefox only just now came back to the iOS platform? Note: Chrome/Chromium is nice, but not really for me. For several reasons. This is a thread about keeping your data to yourself, so Chrome goes out the window anyways. Then we have the repeating issue with the extensions
http://labs.detectify.com/post...
which applies to Chromium as well. And then there was the quality/packaging issue on Debian. Among other stuff. So why bother? I use Chromium frequently. Just not as my primary browser.
I currently use BackBlaze, and it's soooooo damned stable, light-weight and easy to use... I wonder if there's self hosted alternative?
BackBlaze stores your private key on their servers:
https://www.backblaze.com/back...
That doesn't seem very private to me. In fact, when you want to restore your data, the data is decrypted on the BackBlaze server, then zipped and the zip file is sent with the unencrypted files. You can add a passphrase to the private key, but again this passphrase needs to be entered into the BackBlaze website so that the files can be decrypted on the server. They promise not to store the passphrase. I love promises.
It is dangerous to be right when the government is wrong.
Only works if everyone else plays along. The problem with securing email has never been a lack of means but a lack of popularity.
Many, many years ago my boss was in Washington DC doing some intensive marketing and I was in San Diego trying to keep his operation on track. Since the stuff he needed was proprietary, we tried encrypting our messages (on DARPANET as I recall) for a while. That lasted about three days. Technically, it worked fine. Pragmatically, it was a monumental PITA.
You can't see ANYTHING from a car, You've got to get out of the goddamned contraption and walk...Edward Abbey
4 hard drives. Two operating in RAID1 in a Linux file server (CIFS.) 1 external hard drive which weekly automated backups are sent to. 1 external hard drive which is manually mirrored from the other external once every few months and stored in a safe place.
RAID1 lost a drive a couple months ago, no biggy, just replaced it, didn't lose a thing. The super sensitive irreplaceables (my source code primarily) are kept in a TrueCrypt volume on my AWS server. Just extra insurance against house burning to the ground or something.
I don't really care for all the fancy junk. I just use CIFS behind firewalls/over VPN's to shuffle files around as needed. Keep it simple, stupid!
Just wait for the NSA to stand up their own Cloud services (probably in their Utah data center) and let them host/store everything for you. Then you can kick back and stop worrying if they've got copies of all your data. As a bonus they handle all your backup needs too.
(I mean, if you've got nothing to hide ... and all that.)
It must have been something you assimilated. . . .
Crashplan allows you to host on your own environments, or peer with a friend and exchange diskspace for encrypted backups. You can even seed backups via removable disks to get a large backup hosted quickly.
I run an instance of Sandstorm, which is software you can install on a Linux server that lets you run other apps. Some features:
* One-click installs of any of 47 apps, like WeKan (similar to Trello) and Davros (similar to Dropbox) and Etherpad (which you probably already know about) and Piwik (similar to Google Analytics).
* Total self-hostability, with auto-configured free HTTPS certificates and dynamic DNS if you want.
* Security sandboxing of the apps against each other and away from the Internet, so malicious apps can't leak your data back to the app's author.
* A way to "share" an instance of any app, like on Google Docs.
* Total open source-ness.
Admittedly, I'm one of its authors too. So feel free to take this with a grain of salt. But I do use it every single day.
Also if your friends don't want to self-host, but want to use the same apps as you, the Sandstorm.io company runs a hosting service.
|/usr/games/fortune
I self-host and encrypt where possible. For other things, I use providers as trustworthy as I can find.
Email privacy is a tough problem, but a solvable one. I'm working on a project that will give me gmail-like convenience without entrusting my data to Google, and might eventually grow automated/transparent encryption capabilities. It's going to be a while before it's usable, though; nobody is paying me to work on it, so it doesn't get enough of my time. (The mailpile project overlaps some of my goals in this area, and might be worth a look to anyone interested in the topic.)
A Facebook replacement is another tough one, perhaps even tougher than email, but I believe it's also solvable.
Please keep asking questions like this, and sharing what you discover. The more of us we have thinking about these problems, the more likely we are to work out their solutions.
I think that was his point - that he hadn't found an easy self-hosted alternative. Do you have one?
I don't have a Data Mine to keep.
Isn't this more of an issue for entities like Google? They're the ones whose Data Mine is jeopardized by the kinds of rules adopted in the EU.
Only big companies and organizations have Data Mines.
Running all of that stuff is fun when you have the time, but frankly is a huge pain in the ass in the long run. Eventually you will shave that neckbeard right off and start using Gmail again, probably without any Slashdot article...
They have these things called "Hard Drives" and they can "Store Data" and even made into a "Raid" that can help "Preserve Data".
I have to go look up how much I owe Dr. Evil for the use of the quotes but expecting the online storage to be private is like wishing that an ice cube will protect you from a nuke.
_ _ _ Go for the eyes Boo! GO FOR THE EYES!
Christ, it's "back up", not "backup". You back up your data to create a backup.
The ironic thing is that encrypted messaging isn't hard. I always use a S/MIME certificate (even if I have to renew it myself), because my outgoing E-mail stands out because it is always signed, and if someone else has a S/MIME cert, email gets automatically encrypted between the two parties.
S/MIME isn't as secure as PGP because of the weakness with a CA, but it provides both data-in-flight protection as well as data-at-rest... "good enough" protection for a lot of tasks.
Of course, the problem is getting people to take the (relatively easy) steps to get a key, get the certificate, store the private key in a safe/secure place for a backup, add the key to their E-mail program and device, then turn it on.
The other problem is that people see the red ribbon in Outlook and then call the SOC that a user has infected them via Exchange, just because they think the ribbon is a warning, not a signature.
Stop using cloud services?
https://aws.amazon.com/glacier...
Let me quote something from that page:
$0.007 per GB
And of course I encrypt the files locally before uploading them. My private key remains private, and I have it backed up as well on physical media in disparate locations, not online.
It is dangerous to be right when the government is wrong.
rsync over ssh. The backup server initiate the connection. Use the backup dir option in rsync for incremental backups and a script to gzip the incremental backups.
Everything I write is lies, read between the lines.
I don't really like Crashplan. It's this humongous Java app which sucks CPU. But I agree it's probably the only practical and easy way to go about it.
8 of 13 people found this answer helpful. Did you?
So, when are you from? 1346?
Moderating "-1, Disagree" is simple censorship. Have the guts to post your opinion. -- Spazmania (174582)
This. I do this too using S3CMD. You can upload to S3 more easily than Glacier... so far a command-line based Glacier client is sorely lacking. Still, I upload to S3 and then have my S3 data set to archive to Glacier after 24 hours which it does automatically. That means the only files that are in S3 are the most recently changed or new.
Like you I have a script that locally encrypts with my own private key before upload. That private key I keep in my Owncloud.
Like you I have a script that locally encrypts with my own private key before upload. That private key I keep in my Owncloud.
I would love to see your script, if you don't mind sharing. Mine is "in development" i.e. I still prefer to do it all manually which means that backups do not happen as often as they should.
It is dangerous to be right when the government is wrong.
You're not getting my question. I've used Crashplan. You can't specify a network location as a location to backup. It's an administrative rights issue.
Drop me an email. This user name at nodecaf dot net. I'll be more than happy to share the script with you :)