I assume that my data stored online is ...
Displaying poll results.20560 total votes.
Most Votes
- What's the highest dollar price will Bitcoin reach in 2024? Posted on February 28th, 2024 | 8470 votes
- Will ByteDance be forced to divest TikTok Posted on March 20th, 2024 | 6403 votes
Most Comments
- What's the highest dollar price will Bitcoin reach in 2024? Posted on March 20th, 2024 | 68 comments
- Will ByteDance be forced to divest TikTok Posted on March 20th, 2024 | 20 comments
Missing option (Score:5, Funny)
Re:Missing option (Score:5, Insightful)
Re:Missing option (Score:5, Insightful)
Or perhaps "Already public"
Re:Missing option (Score:3)
Re:Missing option (Score:2)
the Googlement?
Re:Missing option (Score:2)
the Googlement?
I'll go for that, It's probably somewhat less evil than regular government.
Re:Missing option (Score:2)
Or: Being analyzed by the _______ government.
Your spell checker seems to have a cupertino effect, replacing "United States" with "_______".
Re:Missing option (Score:5, Insightful)
Re:Missing option (Score:3)
Re:Missing option (Score:2)
I want to mod your post and all the replies to it up.
Missing info (Score:5, Insightful)
Define "Safe".
Re:Missing info (Score:5, Insightful)
That, and Sir Lawrence Olivier's character from Marathon Man .
But, safe from others is not the same as intact, or usable. Data is not safe if it's lost due to hardware failure, user error, or failing to maintain conversion filters or to perform conversions to keep old data readable by new software.
Thing is, I can work to mitigate hardware failure, user error, and even conversion filters or actively converting. I can even keep data on a box that doesn't route to the Internet or in removable or write-once-read-many media, so that it can't be corrupted by outsiders and if offline, can't even be accessed by others.
Obviously data online can be converted, generally, by the cloud provider, and depending on how the cloud is set up, can mitigate user error. But, I don't control how well they do a job of protecting it from outsiders nor do I control when they might decide to orphan that data by dropping that cloud service, which is almost akin to hardware failure.
I do not trust "The Cloud". Not that I trust a lot anywhere anyway, but I do not trust data in the hands of others, and while I know that TONS of my data or data on me is out of my control, I will do what I can to not introduce even more of it.
Re:Missing info (Score:3)
Safe - the definition depends on your needs, wants, the type of data.
Re:Missing info (Score:2)
But, safe from others is not the same as intact, or usable. Data is not safe if it's lost due to hardware failure, user error, or failing to maintain conversion filters or to perform conversions to keep old data readable by new software.
What is actually safe if debug features in CPUs provide back doors, or code can install a VM that nothing else sees, or the flash holding firmware for your motherboard, disc, video card, net interface etc is writable because there's no physical switch to disable write access? Malware could kill drives at will.
(Switches polled by software don't count. Wave to your cam now...)
Sci-Fi - cheaper than R&D?
Stop having nightmares at once. Your wireless electric meter uploads them to be built.
G 41D89A CK512AX4CX250B1N347290314159265358927357954515734
Re:Missing info (Score:3)
Re:Missing info (Score:2)
Re:Missing info (Score:2)
if it is encrypted and you have it cryptographically signed you can be fairly sure that it is not being tampered with unless you are someone interesting enough that a major power government or megacorperation wants spend 10 of millions to decrypt and or find a pgp key collision.
Re:Missing info (Score:2)
Great news! My ROT13 encryption saves the day again!
Re:Missing info (Score:2)
Re:Missing info (Score:2)
Agreed. Much less safe from being viewed by an unwanted 3rd party. Much more safe from being destroyed through fire, tornado, or equipment failure.
Re:Missing info (Score:2)
Define "Safe".
if you live in a safe house then you are probably in danger
In which sense? (Score:5, Insightful)
Re:In which sense? (Score:5, Insightful)
Exactly. I'm almost certain that data stored with a service like Amazon S3 is far more "safe" from deletion or corruption than data stored on my local storage at home.
While I doubt that anyone's really mining my particular data, it seems like it'd be more likely to happen on a hosted service than at home.
Of course, I have no problem using the best of both worlds: my backups are encrypted and then stored with an online backup service. I gain protection from snooping and protection from deletion/corruption/destruction of the data in case my house burns down.
Zero control... (Score:5, Insightful)
In 'The Cloud', you have little or no control over where your data is physically stored. Theoretically, your data could end up somewhere where you can legally be forced to provide keys/passwords. Things that seem harmless at home may carry severe penalties elsewhere. It all seems sane & reasonable so far, but there's no guarantee in the future.
Re:Zero control... (Score:3)
Re:Zero control... (Score:2)
But if you're not physically there, how will those countries force you to decrypt the data?
They'll grab you out of your plane while you're thinking you're in for a beautiful vacation given the weather and sea temperature..
Re:Zero control... (Score:2)
Re:Zero control... (Score:2)
They'll tell your government that they want you extradited. Your government will then arrest you and ship you there.
And just to be sure they'll hire a couple of girls (or boys?) to say you raped them, just in case your government actually has the balls to refuse to extradite you purely for a thought crime.
Re:In which sense? (Score:2)
I consider that aspect a fact just due to the "so many eggs in one basket" scenario. Hacking a cloud provider and getting access to user directories could be extremely lucrative for a criminal organization. Just a couple Quicken files with stored access to bank servers would go a long way into financing the venture, and there is always data that can be used for blackmail or extortion.
Even if a cloud provider is hacked, it will be highly unlikely for people to hear about the breach unless an employee decides to burn any chance of a meaningful IT career and blow the whistle. Regulations are one thing, actually having them enforced is another. (Heard of anyone going to prison for Sarbanes-Oxley violations recently? Doesn't happen.)
Because of the fact cloud storage is a big fat target, and even if they do detect the breach, the likelihood of being notified that data was compromised is pretty much zero, I prefer packing my own parachute, keeping the cloud software on a VM so it can't access anything other than the TC file.
Even cloud backups which use a keyfile I'm leery of. Virtually all of those autoupdate, and in theory, a provider can push out a version that grabs the local key to upload it and there would be zero chance of someone knowing they were compromised in that fashion.
Re:In which sense? (Score:2)
Yup--depending on the answer to this question, my answer to the original is either "much more" or "much less".
Of course, I only store stuff online that I'm not particularly concerned about prying eyes (like source code), so in that sense, my data stored online is much safer.
Re:In which sense? (Score:3)
I picked "slightly safer". It's much safer from accidental deletion or corruption, much less safe from hacking. It's probably slightly safer if anyone really wants to target me specifically (most of my data has no protection if you have physical access to my hardware). But for me, the biggest risk is accidental loss.
Re:In which sense? (Score:2)
This is mostly a back door test to determine what you're afraid if. If you said more safe, you're afraid to lose your data, if you said less, you're afraid people will get your information and use it against you in some way. Appearantly, most slashdotters arent afraid of losing their files for some reason.
Re:In which sense? (Score:2)
Truecrypt to the rescue.
Keeps the data from dropbox Eyes, and dropbox keeps it synced on 5 computers for data safety :-)
If the NSA has a copy, good luck cracking it boys, The keycode to the Directors; bathroom is in that file.
Re:In which sense? (Score:2)
Truecrypt to the rescue.
Keeps the data from dropbox Eyes, and dropbox keeps it synced on 5 computers for data safety :-)
If the NSA has a copy, good luck cracking it boys, The keycode to the Directors; bathroom is in that file.
That's exactly what I do. What's nice is it only uploads part of the encrypted file container that changes from the last checkin. Just got to be sure to uncheck "preserve timestamp" in the Truecrypt settings.
Re:In which sense? (Score:5, Insightful)
Obligatory: http://xkcd.com/538/ [xkcd.com]
Re:In which sense? (Score:2)
Backups, maybe.
But then, encryption would make their data in the cloud safer again. I choosed much less safe because I simply do not belive cloud service providers have good enough backups*, thus I think the risk of losing my data on the cloud is bigger.
* Cloud service providers have completely new failure modes that they can't protect against. Just keeping an external copy of your data is not enough.
Re:In which sense? (Score:3)
I trust Dropbox with my school-work because I am vastly more concerned about it not being lost or deleted that someone from my class somehow magically finding my specific account and gaining access to it while I'm in the same class as them (no one else would care about it, and if you went through that level of effort you probably deserve an A in a computer science class anyway).
I trust a TrueCrypt volume on my local computer for Taxes/Financial/Official government paperwork/Anything with my SSN on it because I am vastly more concerned about not letting prying eyes see it ever than the digital loss of something that I have paper printouts of anyway.
Re:In which sense? (Score:2)
Truecrypt is the option. (Score:4, Insightful)
If storing data off site I think that Truecrypt [truecrypt.org] is the way to go.
That way I can be reasonably sure that my data isn't read by anyone else.
Re:Truecrypt is the option. (Score:3, Informative)
Interesting. The biggest problem with TrueCrypt is that you have to upload a single file, and then re-upload that file in its entirety every time you change something. I quickly found that isn't such a nice thing.
Other options include Deja Dup (not that I've experimented with it so much) which uses Duplicity and EncFS (with Cryptkeeper). Wait, that assumes you are using Ubuntu or another Debian derivative, though they'll probably also work on every other Linux system.
Finally, the poll itself. If I backup to the Internet, it's encrypted. But that doesn't count data that doesn't originate from my machine (such as email). My old Yahoo email addresses could be data-mined because all the old emails are sitting in plain text. Similarly, other communications stored by third-parties (private messages on forums for example) are probably also vulnerable.
But when it comes to stuff that originates from me, and is only for me, it doesn't leave my computer for the Internet without being encrypted first. (And 'the same way' is probably not correct. I use the built in Ubuntu home dir encryption, but I have to use additional encryption (such as EncFS again) for backup because my home dir is always plain text when viewed by the backup programs. Because I'm logged in to run them.)
Re:Truecrypt is the option. (Score:2)
The biggest problem with TrueCrypt is that you have to upload a single file, and then re-upload that file in its entirety every time you change something.
That depends on how smart your synchronization software is. Encrypted containers only change marginally more on disk than the actual changes. (That is, disk encryption techniques encrypt relatively small blocks so that changes in the middle of the disk do not require re-encrypting subsequent blocks.) Synchronization software that watches what blocks were changed as they're changed (using, say, some kind of driver) can transmit minimal change sets to the server.
A more common approach is to logically divide the file into larger blocks and to compute, store, and compare the hashes of these larger blocks to determine the changeset. This is what is done by Dropbox, for example (4 MB block size). This still requires an operation every time you synchronize (computing hashes for the whole file), but if your disk and processor are much faster than your upload bandwidth, it's a good enough system.
Re:Truecrypt is the option. (Score:5, Interesting)
Not that I'd expect the cloud provider to actively try and break your encryption, I'm talking more about the principle.
Re:Truecrypt is the option. (Score:3)
I doubt seeing deltas substantially reduces the cryptographic strength of XTS (which TrueCrypt uses).
What it does do is give an attacker some potentially-useful information about change patterns. (That is, seeing when, which, and how many blocks change at once.) This isn't anything painfully obvious like "if you store a TrueCrypt container on a Dropbox volume, someone will be able to decrypt it". It's a more subtle problem: don't assume that the attacker won't be able to find out what they want just because the data is encrypted. Maybe all they want to know is whether you changed data on the encrypted disk on a particular day. If you sync it via a cloud service, you'll expose that information. It's all of the changeset metadata that creates the risk when you store an encrypted container on a cloud service.
It is, however, an important thing to keep in mind.
Re:Truecrypt is the option. (Score:2)
Sounds like the next project for the truecrypt guys...if you have some multiple of the actual storage you need in the cloud you should be able to obfuscate the delta's in such a way that it's not deducible as to what part of the original image your upload is changing, eg if you have storage in the cloud that is 3x as big as your truecrypt volume you have plenty of room to write the changed data somewhere else instead of over the original data, and also upload random data to the unused space etc.
Obviously there are storage and bandwidth overheads but it's the price you pay when you have data you don't want the authorities to find.
Re:Truecrypt is the option. (Score:2)
That it very true, but it would take a large amount of data to do so. This is why all TC algorithms use 128 bit blocksizes or more, so guessing the traffic and the contents is somewhat mitigated.
One practice that might help with this, although it is a bit clunky is to have a TC volume within the TC volume that is moved out, opened, mounted, used, then after it is unmounted, it is moved back to the TC volume that is synced to the cloud provider. That way, the cloud providers sees a large blob being written and can't tell much about any contents.
Re:Truecrypt is the option. (Score:2)
Large containers are basically untenable, but the unencrypted contents of the container will be almost as bad, unless you're making a large container for a small amount of data.
Re:Truecrypt is the option. (Score:2)
Other options include Deja Dup (not that I've experimented with it so much) which uses Duplicity and EncFS (with Cryptkeeper). Wait, that assumes you are using Ubuntu or another Debian derivative, though they'll probably also work on every other Linux system.
Actually it's not Ubuntu-only. I used Deja Dup successfully in Fedora 16 and, it actually worked quite smoothly. What I found worrisome though was the custom file format it uses (to make incremental backups and encryption possible, fair enough). If I need to do a restore, I don't want to fight with some exotic formats in the process...
Re:Truecrypt is the option. (Score:2)
Interesting. The biggest problem with TrueCrypt is that you have to upload a single file, and then re-upload that file in its entirety every time you change something.
Not true, if you are using Dropbox. Dropbox only checksin parts of the file container that changed. At least, that is my assumption because each update takes only seconds while the initial checkin took a few minutes for a 256MB encrypted file container.
Re:Truecrypt is the option. (Score:5, Interesting)
I use TrueCrypt for offsite data as well, with a couple recommendations:
First, one of the core rules of offsite storage is that one needs to assume that if it is stored offsite, it can be read by anyone, be it someone in a foreign country, an ex who is looking to dig up some dirt, a rival in the chainsaw fencing league looking for a way to get others disqualified, or a law firm looking to start suing people en masse.
By storing something where one has no control over the physical media, one should consider that their TC container, regardless of where it is stored, has people quietly trying to brute force the passphrase 24/7/365. This is definitely an assumption, and it might be on the border of being a tinfoil hat case. However, it can't hurt.
To mitigate this, I recommend two things:
First, use an encryption cascade. No, two 256 algorithms are not going to give a virtual 512 bits. Instead, it will be more like 257 bits of security. However, if one algorithm gets weakened by an attack, the other likely will still have its full 256 bits of strength.
Second, use keyfiles. Just using a keyfile means that an attacker will be unable to brute force a passphrase, period. They will need to figure out what keyfile or keyfiles are in use, then try that in combination with a passphrase.
If someone is concerned more about security of data than recoverability, the keyfile can reside on a USB flash drive. If recoverability is a factor, the keyfile can be stored someplace else, perhaps in a little used E-mail account on an obscure site as a uuencoded message.
Don't just stash data in a TC container and forget about it. Security take some thought even with a top notch program like TC.
Re:Truecrypt is the option. (Score:2)
By storing something where one has no control over the physical media, one should consider that their TC container, regardless of where it is stored, has people quietly trying to brute force the passphrase 24/7/365. This is definitely an assumption, and it might be on the border of being a tinfoil hat case.
I'm making the assumption that you are trying to brute force my data right now... and I'm not very happy about it.
However, it can't hurt.
Don't be so sure 1038732, i'm coming to find you and when I find you there's going to be hurting.
Re:Truecrypt is the option. (Score:2)
Re:Truecrypt is the option. (Score:3)
http://www.privacylover.com/encryption/analysis-is-there-a-backdoor-in-truecrypt-is-truecrypt-a-cia-honeypot/ [privacylover.com]
Re:Truecrypt is the option. (Score:2)
Some of that is true.
However, for a lot of people's needs there is an argument that is game theory based that can be used:
1: TC has no backdoors or oddball things in the code. Life goes on.
2: TC has some backdoor (and this is pure conjecture at this point.)
Lets follow the latter idea. TC has a backdoor somewhere by some government group.
1: Someone studying the source code finds it. Game over. TC loses trust, people move to a different program, and the jig is up.
2: Someone is using TC to stash their MP3s. If the backdoor owner tips their hand in order for someone to get in the stash, there is a good chance that others might see this, get wary, and move to another platform.
The end result is that if (and again, I say this is pure theory) there were a backdoor, it would be only used for big game. Then, there is the fact that if there is a backdoor, someone else from another country to discover it.
If TC had a backdoor, it definitely would be used for targets much larger than random junk stored on a cloud storage provider.
Re:Truecrypt is the option. (Score:2)
1) nobody studying the source will find it, when they provide binaries built from other source than the released source.
2) while searching for the terrorists, they scan the containers of all people. You do not want to encrypt your stuff, because you're criminal, but because you do not want random people to look at it. Now they are searching through your files, and they look at it, even when they avoid to do something with the information in there to avoid that you notice the monitoring. So you do not win anything by this argument.
Re:Truecrypt is the option. (Score:2)
yeah, and to point 1: It is not easily possible to build the binaries the same way. RTFA:
> Very few people compile the Windows binaries from source; it is exceedingly difficult to generate binaries from source that match the binaries provided by Truecrypt (due to compiler options, etc.)
Re:Truecrypt is the option. (Score:2)
yeah, and better TC than nothing at all. But the other way round, i prefer to use dm-crypt.
TrueCrypt cannot save you from the real danger (Score:2)
I was a cloud believer.
And then I saw this video.
http://www.youtube.com/watch?v=Xjo7Gh_a07E [youtube.com]
And it opened my eyes. Seriously. The cloud computing risks are too great to comprehend. This guy knows what he is talking about. He is an Ex-IT commissionar in India and a very wise and intelligent man. His in depth knowledge about cloud computing should be dispensed to all of slashdot
Do I care? (Score:3)
I have a list of my DVD collection stored on dropbox, that way if I see something I want on sale I can check and make sure I don't buy the fifth season of Hogan's heroes for a third time.
I doubt that piece of highly personal and revealing information would be useful to anyone if they managed to find it.
Re:Do I care? (Score:3)
I have a list of my DVD collection stored on dropbox, that way if I see something I want on sale I can check and make sure I don't buy the fifth season of Hogan's heroes for a third time.
Uh, it was the third time last year. Next will be the fourth time.
- Friendly Dropbox+Amazon Snoop.
Re:Do I care? (Score:2)
With something that trivial, a very simple home server setup would more than suffice. Very little beyond a default Ubuntu Apache install is required.
Re:Do I care? (Score:4, Informative)
With something that trivial, a very simple home server setup would more than suffice. Very little beyond a default Ubuntu Apache install is required.
And some (at least) quasi-static IP address. And at least some rudimentary web coding ability. And a hole in your firewall and/or router's routing rules. And I'm concerned that I probably omitted or misstated something . . .
Re:Do I care? (Score:2)
Spend my time and effort setting up a server, configuring my firewall, and configuring dyndns, and paying for the electricity to run the server.
OR
Install dropbox, which avoids all of the configuration, integrates perfectly with all my machines and my phone, and doesn't cost me anything.
Re:Do I care? (Score:2)
Re:Do I care? (Score:5, Funny)
Re:Do I care? (Score:2)
SCHULTZ!!
Define "safe" (Score:5, Interesting)
There are aspects to "safety."
Redundancy is one aspect. I trust my data online to be adequately backed up and protected from loss in a single accident. Local data, not so much. So online data is safer from *me*.
Privacy is another aspect. With local data, I control who sees it, end of story. Storing it with some third party -- have you actually read the "privacy" policies for Google and iCloud? I'd call them a joke, but "outrage" is a better word. So local data is safer from *them*.
Continuity is another aspect. I'll be able to access my local data unless something happens to destroy it. With online data, I could be locked out tomorrow on whim (or by accident). It's already happened to me with Steam games. Yes, Steam did fix the problem they caused, two days later and with a lot of time on my part. I suppose they consider that "great customer service." So again, local data is safer from *them*.
All in all, I would rather accept the risks I can control than trust a company whom I can't control.
Re:Define "safe" (Score:2)
Agreed, but I'm not confident about even the one thing in the Cloud's "favour".
Data may be backed up, but if it's corrupted (eg: malware on the cloud) then all that's being backed up is garbage. Doesn't matter how many co-location sites it is copied to, it's still dead data. You don't know, cannot know and cannot control what procedures they have in place to guarantee data integrity. You should know, can certainly know and definitely control what procedures YOU put in place.
Agreed, they have the capacity to handle redundancy, but take a look at Amazon's cloud. Single virtual machines in a single site. They may have co-location but it's a bugger to actually make use of it yourself. If - as does happen from time to time - the trans-continental links get busy (you seen the Internet Weather Maps? The links are almost permanently red from being overloaded!) then even if you do run your own mirroring, the odds of congestion causing the systems to diverge are high.
In terms of guaranteed data robustness, a fireproof lockbox crammed with DVDs or mag tapes in a remote house (circa 1984 BBC Micro Live guidelines on data protection against loss) seems every bit as good as the cloud. If you're paranoid about moisture, heat or UV damage despite the lockbox, put it in a concealed alcove in a wine cellar. (Waddayamean you don't have a wine cellar? How else are you supposed to get drunk running Windows software under Linux?)
Re:Define "safe" (Score:2)
take a look at Amazon's cloud. Single virtual machines in a single site.
If you're storing backups on EC2, you're doing it wrong. Data is saved on S3, which is in fact replicated to more than one machine before it even returns a response to the upload. According the them, it's designed to withstand the simultaneous loss of two copies without affecting the data.
Personally, I use Tarsnap [tarsnap.com], which is based on S3 and offers a nice, tar-like CLI program, full client-side encryption and paying only what you use, down the single byte.
Safe from disappearing? (Score:4, Insightful)
Missing Option: Completely Unsafe (Score:3)
If it's uploaded somewhere, it is publicly available on a single Western Digital MyBook. That is the stance I assume. I assume that whoever is storing that data has no interest in its security, nor any true desire to ensure that it is backed up.
If I am wrong, it is only in my favor.
Encrypted the same way - a nice thing about encfs (Score:2)
One nice thing about encfs (and ecryptfs) --- I only tell the cloud-backup guys to backup the encrypted versions of the files.
Since the encryption is per-file based, incremental backups (rsync) are still largely useful; and I don't have to worry about the backup service safely managing the data.
Different safes (Score:4)
I voted "about the same", because it's a different kind of safe...
My own local data, I know where it is and can get to it rapidly. I know exactly how and IF it is backed up.
But it is imperiled from things like fire, flood or theft.
Remote data is in some sense more ephemeral. You can't really know how well it's backed up, or even quite where it is. The company could fold at any time or the law could seize it (megaupload).
And yet, it's a lot less prone to vanishing due to theft. Most natural disasters are probably not going to destroy it if you go with a larger storage facility that may be replicating data.
Others have commented on "safe" being others visibility into your data, but the only real concern most people should really have is, will I be able to get to my data at all. Most people simply do not have anything worth spending much effort to hide from others. I know I don't (just a handful of passwords and so on).
Comment removed (Score:2)
Re:Did I misinterpret the question? (Score:2)
How do you protect your data from banckrupcy of the cloud service provider? Or some government taking the entire thing down because somebody else put one bad document on his area? Or even, how can you be sure they actually do backups?
I keep local backups of the (important part of the) data I put on the cloud. That way I think the data I keep on the cloud is as safe as local, but that is not really the spirit of the poll...
Much less safe (Score:4)
In fact, not only is it already gone, it was never there to begin with.
Missing option: I don't store data online.
Cheers,
Dave
Missing option: (Score:2)
Either public record (i.e., birth date, etc) or non-existent.
Wft is this question? (Score:3)
It makes absolutely no sense... Safe from what standpoint? That Google/Facebook/Amazon/Apple/Dropbox/[whoever] now potentially has access to it? That advertisers can now take advantage of it? That it is more or less encrypted? That hackers now have additional ways to get their hands on it? That it now gets backed up? Safe how exactly?
Safety or Security? (Score:2)
I consider my "cloud-stored" data to be exceptionally safe, in that I will never accidentally lose the data. It's probably backed up much better than my local files, which are haphazardly duplicated across several drives. Stuff "in the cloud" is really only going to disappear if the host goes completely out-of-business, or (hopefully) if I deliberately delete it.
However, I also do not consider any cloud-stored data to be secure. Unless I encrypt it myself, and keep the keys local-only, I consider it publicly-visible, as though I'd posted it on Reddit or wherever it is all the non-antisocial people hang out. Sure, that's probably an exaggeration - I'm fairly certain nobody at Dropbox is just randomly flipping through users' files for shits and giggles, but a bit of mental hyperbole doesn't hurt.
assumptions (Score:2)
Eggs in one basket (Score:2)
Either type of storage has its own risks and benefits. If you want your data to be secure, use both. Then if your data is threatened with one type of risk, the other storage type is likely to be unaffected, making it possible to recover your data. That's what backups are all about.
Define safe? (Score:2)
What means "safe"? Safer from loss, absolutely. Something stored in Google Drive exists in multiple datacenters with redundant backups in multiple geographic locations.
Is it more secure from a privacy stand point? No, by definition more people having it makes it less private. If I really want something to be private I encrypt it before uploading it or don't upload it at all. The majority of my documents aren't worth the trouble however.
That depends on the service (Score:2)
My Gmail etc.? Probably same-same as my local data.
My external hard disk backed up nightly to my ISPs data center where they have tape backups as well? Pretty damn safe.
Of course (Score:2)
Physical control of the media matters a LOT.
About the same because... (Score:2)
That said, the combination of an encrypted home drive with backup (pretty safe from snooping, but still susceptible to fire) and the usual "cloud" backup (pretty safe from fire, but still susceptible to snooping) is a great combination for "not that important" data.
I'm Amazed How Many Orgs Are Using "The Cloud" (Score:3)
I'm amazed how many orgs are willing to go to a cloud solution and trust their private info to another group who is not invested in them at all.
Missing option! (Score:2)
I don't know about you, but my online data is source code to open source software. Google and the NSA are encouraged to read it and use it (if they find it useful).
Safer in the ways I care about (Score:2)
I am lazy, very lazy. I don't backup stuff properly, I keep my hardware longer then I actually should, I take my laptop around with me everywhere
and occasionally leave it in less then secure locations.
So data on my laptop is not very safe.
Privacy, well I have very little data I consider private.
So having my mail, and photos and the code I write all stored in the cloud
makes me safer in the ways I care about. Even if anyone with enough of an interest could get at it.
Uifsf!bsf!cfuufs!uijoht!up!ep!jo!mjgf-!zpv!lopx/// (Score:2)
That was my Facebook status today. Guess which option I voted for.
As Arthur would say... (Score:2)
Not safe at all. One word: (Score:2)
MegaUpload?
hardware safety (Score:2)
i put "much safer".
the computer i generate the most personal data on is an old netbook. it's already lost one drive, has a dodgy power supply and a crack spreading along it's case.
an online service that has the most uptime has a commercial advantage, so these services are rock solid as far as preventing data loss.
company lifetimes are longer than hard disk lifetimes.
of course, i should encrypt everything sensitive before uploading, but i haven't stored anything sensitive yet - mainly recipes and processes for various computer/food/brewing/distilling stuff. nothing i could go to jail for, nothing i could lose out financially from the theft of.
my photos, however, are too big for my bandwidth. they get backed up to external drive + blu-ray before i think about wiping the SD cards. i wouldn't put them online except in graded jpg form for bragging about how awesome my life is on facebook and showing off my mad photography skills.
Re:Safe is relative (Score:3)
I can break into your house and access all your data...
Ha! Even I can't do that. I don't even remember where I put some of my hard drives, especially since I moved.
Re:Safe is relative (Score:2)
I can break into your house and access all your data or delete it.
LMAO...no, no you can't. Only someone with a bare bones sense of computer literacy (and not much thought of security) would have their machines, even at home, with sensitive data on them that auto log on. So, there's the first obstacle to that theory. Then there's the fully encrypted volumes that the data resides on. Good luck with that. There's the on-site and off-site backups (yes, at home too). My dad and I ship drives back and forth from our separate locations monthly and keep those drives in safes for our mutual off-site backups. Then there's the ADT system on the house, the 85 lb Rotweiler that doesn't like strangers, the Glock in the drawer, the neighborhood watch and the ex-cop, ex-special forces guy that lives next door. Basically, I double-dog dare you to try to steal or delete data in my home, invited or uninvited. Sure, you could hit the drives with a massive magnetic pulse or something, but that doesn't get the off-site backup and certainly doesn't compromise the security of the data as you didn't obtain anything you just deleted a small amount of what I might have. Waaa.
You'd have better luck trying to break into a data center than my, or my parents' house to access data. But, again, you're welcome to try. I think you'd be better think that through a little more...
Re:My data is all encrypted in ASCII (Score:2)
I re-encrypt all of my ASCII data with ROT13. Twice.
Re:My data is all encrypted in ASCII (Score:5, Funny)
ROT13 isn't secure. That's why I only use a one-time pad for encrypting all my files. In order to reveal as little information about my files as possible, I choose the pad carefully so that it only stores zeroes on the server, and then I keep the pad safe locally.
This also has the advantage that it works without network access; if I need my encrypted files while I'm on the move, I can simply decrypt /dev/null with the appropriate key in order to retrieve my data. Additionally, I require very little space, as I compress all my cloud data down to a single disk block, plus some metadata. I also encrypt this compressed data, just to be safe, by the same method.
Re:what kind of (Score:2)
The kind who knows how to use strong encryption, and how to store backup copies locally (or vice versa).
Re:My local data storage is (Score:2)
Re:My local data storage is (Score:2)
That probably wouldn't be good. With ZFS RAIDZ3, he can have 3 drives fail. He has 6 SSDs, which if they are the same brand/model and purchased at the same time, will probably all fail at once.
Re:Data Is Safe? (Score:2)
Things in my head had the habit of disapearing when I most need them. They are not safe at all.
Re:The Missing Option (Score:3)
Who cares? I don't have secrets...
Anonymous who?