Search Mailing List Archives
[liberationtech] Secure Cloud Computing: Virtualizing the FreedomBox
drsolomonoff at gmail.com
Thu Apr 24 10:44:15 PDT 2014
open source project that provides security for web apps by doing all the
processing on the client-side:
On 04/24/2014 01:08 PM, Zooko Wilcox-OHearn wrote:
> Hi folks!
> I'm one of the architects of Tahoe-LAFS, and the founder and CEO of
> LeastAuthority.com, which sells Tahoe-LAFS products and services.
>> On 22/04/14 14:05, Tom Ritter wrote:
>> I'm pretty sure that TAHOE does provide confidentiality - the keys
>> don't leave your device (more correctly, the gateway running on your
>> device) unless you distribute them. Which you can, you can send the
>> decryption key granting read-capability to anyone, but you don't have
> This is correct.
> On Tue, Apr 22, 2014 at 12:17 PM, Caspar Bowden (lists)
> <lists at casparbowden.net> wrote:
>> It's a storage solution, and therefore not what actually Cloud is about in a
>> business/industry sense, who want Cloud compute power to crunch usefully on
>> encrypted data.
> I think you're on the right track here, Caspar. People need a lot more
> than just "self-storage in the cloud". There are two dimensions that
> they need more:
> 1. sharing; Sharing is a lot different from self-storage. Most cloud
> storage crypto *cements* the self-storage nature into place, by adding
> an encryption key, held by the user, that cannot be safely divulged to
> any other user. Tahoe-LAFS is very different in this way, it doesn't
> impede sharing. (As Tom Ritter alluded above, sharing is easy in
> 2. computation; People do need storage, but they get a lot more value
> from apps. Most cloud storage crypto cements into place the "no apps
> allowed, just data storage" nature, but LAFS is at least potentially
> a. You can share your data with a remote server. Suppose you have a
> collection of data stored in LAFS. It could potentially be a large
> dataset, it could be heterogeneous in its schemas and storage formats
> (i.e., it isn't all in one tidy SQL db, but spread out in multiple
> formats and files). You started storing it in LAFS years ago, and have
> been incrementally adding to it and maintaining it ever since (i.e.,
> you didn't plan ahead for what's about to happen). Now you decide that
> one particular subset of it, e.g. one particular SQL db, or one
> particular folder full of docs, or something, needs to be shared with
> a remote server so that the server can do something fancy with it. It
> is easy for you to send that particular server access to that
> particular folder full of docs, without divulging any of your other
> data to that server and without divulging *anything* to anyone else
> other than that server.
> of the storage is encrypted and in-the-cloud, and all of computation
> browser). I think things like this are the future.
> Zooko Wilcox-O'Hearn
> Founder, CEO, and Customer Support Rep
> Freedom matters.
More information about the liberationtech