On 2 April 2013 20:23, mick mbm@rlogin.net wrote:
Actually, none of the so-called "cloud" backup-up/sharing/syncing products, and for a bunch of reasons. Firstly, the architectural/usability issue of having to have a fast internet connection always available. 50Gig of store is no damned good to me at the end of an ADSL line which has an upload speed of around 0.4 Mbps (and of course is completely useless in the absence of a connection). Pity people like Tony who have to rely on 3G connectivity.
That's definitely an argument against cloud *storage*, but not really against cloud *sync*. Since you only access your files locally most of the time the speed of the connection isn't so important, unless you want to store large files there. My use case is normally playing with scripts (eg my ongoing efforts to pick up some Python skills); storing the .py scripts in my Dropbox folder means I can edit them and play with them there directly on my PC, but when I get home they're in my Dropbox folder at home to continue playing with if I choose. The scripts are only small text files so the sync wouldn't be a problem on a slow ADSL line. (As for pitying people relying on 3G: I usually find 3G to be faster than my office ADSL connection, although we do now have two lines that between them on a good day with a following wind will get us up into the giddy heights of about 4Mbps.)
An obvious alternative is to dump the files on a USB stick, but I'd rate the chances of my losing the USB stick higher than Dropbox losing my data.
Secondly, I /really/ dislike the idea of giving my data (and metadata about my connections) to some unknown (and decidedly untrusted) third party.
Which is why I treat the likes of Dropbox the way I treat email - if I wouldn't be prepared to send it via email it doesn't go into Dropbox. Which means anything vaguely sensitive only goes that way after encryption.
[...] Here Dropbox are one of the worst offenders. They lied about applying AES 256 bit encyption of the data at rest (they later admitted that they would pass the data /unencrypted/ to a federal agency on receipt of a court summons.
- How does that work then?).
I don't know the details, but if they encrypt but also hold the keys then surely it's quite possible to do this? The point of-course being that this is why encrypting your own data is so important.
I confess to an "old skool" prejudice to wanting to be able to "touch" my data (or at least to know where the hell it is).
With Dropbox I can touch my data: it's always on my PC, network or no network. I can't be 100% sure where *else* it is, but since it's either noddy Python scripts that are no use to anyone or its encrypted I don't really care too much about that.
The thing is, nothing is ever completely "secure". You can touch your NAS, until someone breaks in and takes it. If you encrypt it so that doesn't matter, then you still have to worry about not having another copy (or having the other copy taken at the same time). If you back it up, encrypted, somewhere away from home, and then you automate that process, you're not that far from a cloud service anyway. The only way to protect your data properly from prying eyes is to encrypt it in a way that you're confident of. Once you've done that, if you really are confident, it shouldn't matter if you give copies of it to anyone passing.
I am keen to look at OwnCloud because I would feel more comfortable having complete control of my data. But I am also aware that unless I properly secure my server, and keep up to date with any security flaws in OwnCloud etc, then my data is at as much risk - if not more risk - on a self-hosted server than it would be at Dropbox. (I'm using Dropbox in the generic sense - there are lots of other Dropbox-like services and some are better than others.)
Mark