[Sussex] Dropbox like system

Steve Dobson steve at dobbo.org
Wed Dec 5 08:14:02 UTC 2012


Hi John

On 04/12/12 22:38, John Crowhurst wrote:
> Hello,
> 
> I'm thinking of setting up a Dropbox like system for my backups. I have
> some software that can do synchronisation on Windows and Mac computers
> but have a couple of stumbling blocks that will need to be addressed.

What software is that?  I ask because it might be useful to me as a
cloud storage system for my Android devices.

> How do I organise the storage? Is there a file system that does account
> based encryption/decryption on the fly? Does it have a facility to show
> how much a user has used or is that managed through quota?

I don't think that account based encryption/decryption is the right
solution here.  If the server is doing encryption/decryption then that
suggests that the data is being transmitted over the ether in plain text
- a security hole.

> I looked at ecryptfs but that is an encryption layer that encrypts the
> partition by encrypting file contents but that doesn't stop someone who
> has root access from seeing their files.

File system encryption is a good fit if the storage device is not
secure, and where the key can be kept safe when the data is not being
used.  Laptops are a good example here.

> I hope someone has ideas to point me in the right direction.

The first question is: Whom do you trust?

If the server is located in a safe place (your home) and you trust
everyone that has access to that location (your family) then there is no
need to encrypt on the server.  Just set up a secure connection between
the server and the client to secure the data during transmission.  VPN
software is the way to go here.

If the server is not trustworthy then you will need to do
encryption/decryption client side only.  The server just stores the
encrypted data it is sent.

Security is all about key management.  You need to keep the key safe and
only on systems that are trustworthy.

Hope this helps

Steve

-- 
Steve "Dobbo" Dobson


