[liberationtech] Secure alternatives to Dropbox?

Fri Aug 16 11:25:35 PDT 2013

In those situations, your likely adversary is not your "average
hacker" (assuming you mean here "hacker" in the sense of "people doing
bad things using the Internet" and not "people doing cool things, good
or bad" :P ).

Instead, you need to model your adversaries according to their
capabilities and intentions, and in a situation where the adversary is
*targeting* someone, that changes very quickly: penetrating home
networks, watching discussions, other OSINT leaks (e.g. forking a
project on Github, etc.).

On Fri, Aug 16, 2013 at 1:21 PM, Web Admin <webadmin at cpj.org> wrote:
> Thank you all for your responses on this. Especially the response with
> general thoughts about hosting your own cloud not necessarily being the
> best choice in all situations. It sounds like this option isn't
> necessarily something you'd recommend to all journalists/activists, since
> many just won't have any understanding of network security beyond putting
> a password on their router at home.
>
> One other question: If you're hosting your own cloud on your external hard
> drive at home, how would your average hacker figure out you even do that?
>
>
>
>
> On 8/15/13 3:37 PM, "Hans-Christoph Steiner" <hans at guardianproject.info>
> wrote:
>
>>
>>
>>On 08/14/2013 05:56 PM, Bernard Tyers - ei8fdb wrote:
>>>
>>> On 14 Aug 2013, at 22:09, Nathan of Guardian
>>><nathan at guardianproject.info> wrote:
>>>
>>>> On 08/14/2013 05:01 PM, Web Admin wrote:
>>>>> Are there oher services to consider?
>>>>
>>>> We (the Guardian Project) are happily using SparkleShare. Credit to the
>>>> Commotion/OTI team for introducing us to it, and for Hans-Christoph on
>>>> our team for getting it running.
>>>
>>> Damn, another thing to look at.. :)
>>
>>In case you tried SparkleShare before the latest v1.1.0 release, my tor
>>fix
>>was only added in v1.1.0.  In order to use a Tor Hidden Service as your
>>SparkleShare server, you have to setup your ~/.ssh/config to work with
>>.onion
>>addresses, then SparkleShare will use that config.
>>
>>Mine looks something like this:
>>
>>Host fakename.onion
>>     User hans
>>     Hostname fakeonionaddress.onion
>>     HostKeyAlias fakeonionaddress.onion
>>     Compression yes
>>     PasswordAuthentication no
>>     ProxyCommand connect -R remote -5 -S 127.0.0.1:9050 %h %p
>>
>>
>>
>>>> We still have some internal culture and workflow issues to solve (i.e.
>>>> Dropbox is still ingrained in the brain), but technically and
>>>> product-wise it is all there.
>>>
>>>
>>> This is the issue. Dropboxs work really well. And now that *everyone*
>>>knows how it works, people have an expectation that all services should
>>>work in the same way.
>>>
>>> I have tried to use Spideroak, but it doesn't work in the same way as
>>>Dropbox.
>>
>>SparkleShare works very similarly to Dropbox, but its a program developed
>>by
>>one person in his spare time, so its not as smooth as Dropbox.  If you
>>give it
>>breathing room and be a little patient with SparkleShare, its the same as
>>Dropbox.
>>
>>.hc
>>
>>--
>>PGP fingerprint: 5E61 C878 0F86 295C E17D  8677 9F0F E587 374B BE81
>>
>
> --
> Liberationtech is a public list whose archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at companys at stanford.edu.

-- 
@kylemaxwell