Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Secure Cloud Computing: Virtualizing the FreedomBox

Caspar Bowden (lists) lists at casparbowden.net
Tue Apr 22 05:17:28 PDT 2014


On 22/04/14 14:05, Tom Ritter wrote:
> On 22 April 2014 07:47, Caspar Bowden (lists) <lists at casparbowden.net> wrote:
>> TAHOE is also cool, but doesn't claim to provide confidentiality. A TAHOE
>> service provider would have no choice but to round-up/backdoor the necessary
>> keys under existing US (FISA/PATRIOT) or UK (RIPA Pt.3) legislation [or
>> Indian IT Acts etc. etc.]
> I'm pretty sure that TAHOE does provide confidentiality - the keys
> don't leave your device (more correctly, the gateway running on your
> device) unless you distribute them.  Which you can, you can send the
> decryption key granting read-capability to anyone, but you don't have
> to.

Yes, the fragments of data are brought together on your device (or a 
"gateway" someplace), in that sense it is no different from a "pure 
storage" Cloud (do it yourself crypto) but with better availability

  * Users do not rely on storage servers to provide */confidentiality/*
    nor */integrity/* for their data -- instead all of the data is
    encrypted and integrity-checked by the gateway, so that the servers
    can neither read nor modify the contents of the files.
    (https://tahoe-lafs.org/trac/tahoe-lafs/browser/trunk/docs/about.rst)

It's a storage solution, and therefore not what actually Cloud is about 
in a business/industry sense, who want Cloud compute power to crunch 
usefully on encrypted data.

CB
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20140422/f328698f/attachment.html>


More information about the liberationtech mailing list