[liberationtech] Secure Cloud Computing: Virtualizing the FreedomBox
Caspar Bowden (lists)
lists at casparbowden.net
Tue Apr 22 05:17:28 PDT 2014
On 22/04/14 14:05, Tom Ritter wrote:
> On 22 April 2014 07:47, Caspar Bowden (lists) <lists at casparbowden.net> wrote:
>> TAHOE is also cool, but doesn't claim to provide confidentiality. A TAHOE
>> service provider would have no choice but to round-up/backdoor the necessary
>> keys under existing US (FISA/PATRIOT) or UK (RIPA Pt.3) legislation [or
>> Indian IT Acts etc. etc.]
> I'm pretty sure that TAHOE does provide confidentiality - the keys
> don't leave your device (more correctly, the gateway running on your
> device) unless you distribute them. Which you can, you can send the
> decryption key granting read-capability to anyone, but you don't have
> to.
Yes, the fragments of data are brought together on your device (or a
"gateway" someplace), in that sense it is no different from a "pure
storage" Cloud (do it yourself crypto) but with better availability
* Users do not rely on storage servers to provide */confidentiality/*
nor */integrity/* for their data -- instead all of the data is
encrypted and integrity-checked by the gateway, so that the servers
can neither read nor modify the contents of the files.
(https://tahoe-lafs.org/trac/tahoe-lafs/browser/trunk/docs/about.rst)
It's a storage solution, and therefore not what actually Cloud is about
in a business/industry sense, who want Cloud compute power to crunch
usefully on encrypted data.
CB
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20140422/f328698f/attachment.html>
More information about the liberationtech
mailing list