[Wolves] Tinkle tinkle little disk...

Peter Evans zen8486 at zen.co.uk
Thu Jan 3 17:36:19 GMT 2008


On Thursday 03 January 2008 16:53:15 Stuart Langridge wrote:
> Actually, I've changed my mind; I'm going to lay these out anyway
> whether you all want me to or not, so if anyone's bored by technical
> stuff, turn away now. This is going to be relatively long :)
Thanks for the explanation.

1) I make the assumption that your backup files on the remote machine are 
either:

a) One huge encrypted file.

or

b) Lot's of small encrypted files - one for each source file.

As you have chosen to encrypt your saved files then any changes made within 
the source would require that the entire file be re-encrypted.

We could argue that this work could be done on the remote machine. Only the 
changes are transmitted, the original file is decrypted, changes are applied, 
the resulting file is then encrypted again.

But, in order to do this Adams machine will need access to the decryption key 
thus defeating the principle of Adam not being able to see what's in the 
backups. This also supposes that Adam is happy for his machine to commit CPU 
and/or memory to this process.

It also means that at some point a 'sniffer' could intercept the contents of 
your entire backup.

If however your backup/restore mechanism was able to track base and 
differential file backups separately then you could keep encryption on the 
source machine.  The remote machine would then have one set of base files 
followed by lot's of smaller differential files.

2)  If I may could I introduce one additional potential problem?  (disclaimer- 
I'm not a lawyer, but I do have some knowledge on the subject).

Regarding the encryption key - under the new RIPA amendments, it could prove 
problematic for Adam if his machine is siezed by the Police and they find 
encrypted material on his drive. His inability to produce the key may be 
interpreted as refusal with all the consequences thereof.

In today's world anyone that allows encrypted information to be stored on 
their machines that is not in some way under their own control could be 
asking for trouble.
-- 
Regards,

Pete Evans



More information about the Wolves mailing list