
Comment Re:umm duh? (Score 1) 176

Please correct me if I'm wrong because I may not have imagined this system properly. I was thinking the idea was that you encrypt each file with a single unique key, and then to use a public-key encryption scheme to encrypt that key. You can then send the encrypted file and the encrypted key to another user, knowing that it will need that user's private key to decrypt.

Every time you upload a file, you generate a random symmetric key. You encrypt the file with this key and the key with your public key. If you want to download the file, you get the file and the encrypted key and then you decrypt the key with your private key and then decrypt the file. When you create the account, you upload your public key.

When you want to share a file with everyone, with no access control, you download the encrypted key, decrypt it, and provide it to the server. The server can then decrypt the file.

When you want to share a file with a limited set of users, you download each of their public keys (which you can cache in the client) and the encrypted symmetric key, decrypt the key, and then encrypt it once for each user. They will then only be able to access it with their client.

I'm not sure who your 'we' as in 'internet community' is. We do have standards and off-the-shelf libraries for everything required to implement this and others have done so in the past (one of my colleagues during her PhD did back around 2006, to give one example, others have implemented more complex and flexible schemes more recently). Note that this is the simple textbook scheme for doing this kind of system. It's been implemented before and doubtless will be again. If you check the research literature then you'll find more interesting schemes.

The only problem is if you want to be able to access it from the browser, without some kind of plugin (Google actually does compile OpenSSL with Emscripten to do ASN.1 parsing, but I wouldn't recommend using it for encryption).
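
The scheme described in the comment above, sketched with Node.js's built-in `crypto` module as an added example (not the commenter's code or any storage service's implementation). RSA-OAEP, AES-256-GCM, and all function and record field names are assumptions chosen for illustration.

```javascript
const nodeCrypto = require('node:crypto');

const OAEP = { padding: nodeCrypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Constructed stand-in for account creation: the public half is what gets uploaded.
function newUser() {
  return nodeCrypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
}

// Wrap / unwrap the small per-file key with a user's RSA key pair.
function wrapKey(publicKey, fileKey) {
  return nodeCrypto.publicEncrypt({ key: publicKey, ...OAEP }, fileKey);
}

function unwrapKey(privateKey, wrapped) {
  return nodeCrypto.privateDecrypt({ key: privateKey, ...OAEP }, wrapped);
}

// Upload: a fresh random symmetric key per file. The returned record is all the
// server stores: ciphertext plus the file key wrapped for the owner.
function encryptForUpload(ownerName, ownerPublicKey, plaintext) {
  const fileKey = nodeCrypto.randomBytes(32);
  const iv = nodeCrypto.randomBytes(12);
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', fileKey, iv);
  const ciphertext = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  const wrappedKeys = { [ownerName]: wrapKey(ownerPublicKey, fileKey) };
  return { iv, ciphertext, tag: cipher.getAuthTag(), wrappedKeys };
}

// Download: unwrap the file key locally, then decrypt. final() throws if the
// ciphertext or tag was modified on the server.
function decryptDownload(userName, privateKey, record) {
  const fileKey = unwrapKey(privateKey, record.wrappedKeys[userName]);
  const decipher = nodeCrypto.createDecipheriv('aes-256-gcm', fileKey, record.iv);
  decipher.setAuthTag(record.tag);
  return Buffer.concat([decipher.update(record.ciphertext), decipher.final()]);
}

// Limited sharing: the owner unwraps the file key and wraps it once per
// recipient public key. The file itself is never re-encrypted.
function shareWith(ownerName, ownerPrivateKey, record, recipientName, recipientPublicKey) {
  const fileKey = unwrapKey(ownerPrivateKey, record.wrappedKeys[ownerName]);
  record.wrappedKeys[recipientName] = wrapKey(recipientPublicKey, fileKey);
}
```

Only the fixed-size wrapped key grows with the number of recipients; the ciphertext is stored once.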

Comment Re:FUD filled.... (Score 1) 212

It sounds like this transformer had its center tap grounded and was the path to ground on one side of a ground loop as the geomagnetic field moved under pressure from a CME, inducing a common-mode current in the long-distance power line. A gas pipeline in an area of poor ground conductivity in Russia was also destroyed, it is said, resulting in 500 deaths.

One can protect against this phenomenon by use of common-mode breakers and perhaps even overheat breakers. The system will not stay up but nor will it be destroyed. This is a high-current rather than high-voltage phenomenon and thus the various methods used to dissipate lightning currents might not be effective.

Comment Re:umm duh? (Score 1) 176

then you may as well just give the server the AES key and ask it to decrypt the file

But in that model, if "the server" has the key, wouldn't Dropbox have the key? I thought that was the whole thing people were freaking out about.

No, you'd have the key. If you wanted to share the file publicly, then there's no point in keeping it encrypted, so you'd provide the server with the key and it would decrypt, saving you the cost of downloading and reencrypting.

I understand what you (and the AC) are saying about storing an encrypted key on the server, and then re-encrypting the key for each new user you'd want to share with. That's a clever arrangement and I admit that I hadn't thought of it, but it still seems like it has the potential to create more complexity than most people want to deal with. It still means you need to manage various encryption keys, and we (Internet culture) seem intent on not developing a coherent system for managing encryption keys.

The client just needs one key, the RSA (or equivalent) public key. You'd need to copy this between devices, but it's relatively small (under 1KB). It's small enough to fit in a version 40 QR code quite easily, so you could set up mobile devices by displaying the QR code on your laptop screen and point the mobile device's camera at it, if you don't have any sensible way of transferring files between devices. The client then has to download the file and the associated key, decrypt the key with the locally-stored key, and then decrypt the file, but that's not something that's exposed to the user.

Comment Re:The failure mode is transformer core saturation (Score 4, Interesting) 91

... the induced DC from a solar storm isn't as instantaneous as a lightning strike. It takes minutes to develop, which leaves time to disconnect the lines and affected transformers if they are properly monitored.

But ARE they monitored for DC? It's not a usual problem.

Warnings on the order of minutes might be useful if the transmission line were the only one involved. Unfortunately, the power grid is a GRID. Lots of multiple, parallel, transmission lines, and many, many, more going elsewhere and often creating loops.

Redundancy is a good thing in most situations. But when you have to drop a high line, and don't drop all the others simultaneously, you shift the load onto those that are still connected. When you're cutting off because you're near the limit - either due to heavy load at the time or because of the DC issue - you can drive the others beyond their limits (or throw things out of sync and add a bunch of "reactive current" to the load) and create a cascading failure. (Indeed, this is how the first Great Northeast Blackout occurred: Three of a set of four high-lines crossing the St. Lawrence Seaway near Niagara tripped out, and the redistributed load put one after another generator above its limits, blowing its protective breakers and making it progressively harder on those remaining.)

Gracefully shutting down the grid is not something you do on a couple minutes' notice, even if you have a plan in place.

As I understand, the induced DC is something on the order of hundreds of volts, which is much less than the tens of thousands of volts transmitted across ordinary high voltage transmission lines; disconnecting them should not result in arcing problems across the switches.

First, the problem with the induced near-DC is not the voltage, but the current. Transformers and transmission lines have as little resistance as possible, because it's pure loss of valuable energy. The magnetizing alternating current (i.e. the part of the AC that's there all the time, not just when there's a load) is also limited by the inductance of the transformers, but that doesn't impede the direct current at all. A couple hundred "DC" (very low frequency - fractional cycle per minute) volts, induced for minutes around the loop, can drive a hysterical amount of current.

Once the transformer is saturated, most of the damage comes, not from the direct current, but from the line power, which ends up dissipating lots of energy in the transformer. Meanwhile, at these voltages and currents, the switches that interrupt the AC are largely dependent on the momentary off time as the cycle reverses to quench the arc. If, say, the event happened when the line was running at about half its rated load, the direct current will be higher than the alternating current, so there will be no off time. This can keep the current flowing even through an open breaker (while dissipating megawatts IN the breaker). Interrupting DC is MUCH harder than interrupting AC.

Heck, at these voltages even interrupting AC is hard. (The video is of an interrupter where the jet of arc-suppressing gas failed for one leg.)

Comment The failure mode is transformer core saturation. (Score 5, Informative) 91

High induced voltages in open wires are a problem, but they're not the big one.

The biggie is common-mode currents in long high-voltage transmission lines adding a strong DC component to the current in the substation transformer windings - high enough that when the same-direction peak of the AC's cycle adds to it, the core saturates. Then the inductance of the transformer drops to the air-core value and no longer substantially impedes the current.

The current skyrockets. The resistive heating of the windings (and the force on the wires from the magnetic fields) goes up with the SQUARE of the current. The windings quickly soften, distort, form shorted turns, melt, open, short out to the frame, etc. The transformer is destroyed, or committed to a self-destructive progressive failure, in just a handful of such cycles - too fast for the circuit breakers to save them (even if they DO manage to extinguish the arcs with the substantial DC component to the current.) Even if the transformer doesn't explode and throw molten metal, gigawatt sustained arcs, and burning oil (or burning-hot oil replacement) all over the substation area, it's still dead.

This happens to MANY of the giant transformers in the power grid. Each set of three transformers that has one or more failed members means a high-voltage transmission line that is shut down until the transformer is replaced.

There are essentially no spares - these are built to order. Building one takes weeks, and there are few "production lines" so little parallelism is available. What is destroyed overnight will take years to replace, while each intercity power transmission line is not functioning until the transformers at its end ARE replaced.

The current occurs because the transformers are organized in a "Y" arrangement, and the center of the Y is grounded at each end (to prevent OTHER problems). The transformers have enough extra current handling capacity to avoid saturation from the DC through that center connection to/from ground from ordinary electrical and solar storms - just not a giant one like we get every couple centuries.

The solution is to put a resistor in that ground connection, to limit the DC in the lines (and dissipate the energy it represents). Indeed, a few lines have such resistors already.

But a suitable resistor is a box about the size of one of the transformers. It's very expensive. And it only makes a substantial difference to the operation of the lines in such a once-in-centuries event. So most executives don't spend the money (and get dinged for costing the company millions) to put them in, to prevent a failure mode that hasn't happened in the generations since Tesla and Westinghouse invented the three-phase long-line power grid.

Or at least they don't until the regulators or their stockholders require it. Which means said decision-makers need a little educational push to decide it's worth the cost and get it done.

Thus articles like this. B-)

Comment Re:umm duh? (Score 1) 176

The anonymous poster pointed out a simpler mechanism, which is used in practice on file stores that want to be encrypted on the server. This technique also has a number of advantages. Using a symmetric cypher is generally faster than an asymmetric one and using a different key for each file is just good practice anyway as it limits the damage that certain kinds of trojan can do. If you're sharing with everyone, then you may as well just give the server the AES key and ask it to decrypt the file. If you're sharing with just a few people, then sending them a (fixed-size) key for each file is not too much overhead.

Comment Re:Astronomy, and general poor night-time results. (Score 1) 550

The thing that's really put me off the surgery is the improvement in contact lens technology over the last 10 years. My sight is sufficiently bad in one eye that I'd have to have an implanted contact lens, although the other could be fixed by burning the cornea. The contact lenses that I have now, however, are so thin that I don't notice that I'm wearing them most of the time and can be worn overnight. I put them in at the start of a month and then change them a month later. There's a slightly increased risk of eye infection, but they come with six monthly checkups to prevent this. I was wearing the previous generation of lenses (which were noticeably thicker) for about 10 years without serious issue, but with slight irritation around the eyelids caused by the thickness of the lens (and my eyes sometimes getting very dry, because it took a long time for the lens to dry out, so I'd forget to blink sometimes). With the newer ones, it's basically as if I had fully working eyes and if my prescription changes then I can put in different lenses next month.

Comment Presbyopia (Score 1) 550

I'm up around retirement age. My eyes don't change focus much at all. So I have to swap lenses to go from distance to close-up vision. (Yes I could use some kind of bi/tri/progressive-focal lenses. But at the moment swapping is adequate for me.)

Until they find a way to correct presbyopia (and they don't seem to be even researching it), I'd still have to don/remove glasses anyhow. With my extreme astigmatism, extreme nearsightedness, and substantial age, I'm not a good candidate for LASIK and stand a substantial chance of visual artifacts from it. I'm also a target shooter, so my glasses double as eye protection.

Given all this, the potential benefits for me would be small and the risks and cost outweigh them.

But if they ever find a way to fix presbyopia the equation could change substantially.

Comment Re:umm duh? (Score 5, Interesting) 176

There are techniques that allow searching within encrypted files, but they rely on the client creating the index. You can then search the index for an encrypted search term and, if you know the keys, interpret the answer. Getting this right is quite tricky (there are several research papers about it), so he's right, but it's not impossible.

The main reason that I suspect DropBox discourages encryption is that they rely a lot on deduplication to reduce their costs. If everyone encrypted their files, then even two identical files would have different representations server-side if owned by different users, so their costs would go up a lot.

Comment Re: Code the way you want... (Score 1) 372

Yes, almost certainly. The market for compiler engineers is very much a sellers' market at the moment. Universities neglected it for so long that most people graduate from undergraduate degrees with basically no knowledge of how a compiler works (if they're lucky, they know how compilers worked in the '80s), so there are 10 jobs for every person.

Comment Re:"Just let me build a bridge!" (Score 1) 372

In The Humane Interface, written in 2000, Jef Raskin made the same complaint. The time between turning a computer on and having written a program to add two numbers together on, say, a C64 or a BBC Model B, was about 30 seconds. On a modern computer of the time, you wouldn't even have finished booting - starting the IDE would take even longer. The problem is, this misses the point. There are lots of scripting languages with REPL environments, including a POSIX shell and PowerShell on Windows, that can do this as a single command once the computer is running (on OS X, you can add numbers in Spotlight, so it's even quicker - just hit command-space and type the sum). If you want to write a more complex application, it's vastly easier today. Extend that simple calculator to show an editable history and show equations, and you'll find it a bit easier today. Now extend it to be able to print - if you've ever written applications to print in the era before operating systems provided a printer abstraction then you'll know how painful that was.
