Jump to content

interesting cloud solution form viviana.


daniel

Recommended Posts

2 hours ago, DanieldH said:

Upload delicate audio to a 3rd party cloud solution!

What could possibly go wrong?

 

*there is no cloud, just other ppls computers*

 

Thanks a lot for your feedback. 
Platform like Dropbox or Google Drive use two-factor authentication  and SSL encryption for data transferring to and from a device and at rest using AES-256 bit encryption

Link to comment
Share on other sites

48 minutes ago, Turi soundfish said:

at rest using AES-256 bit encryption

So, data is encrypted on file level before sending/storing it remotely and there is a PSK in the box and @ post production?

 

Does the box speak WiFi/Ethernet so it could send the data to some SFTP/Nextcloud/Webdav at DIT closeby without internet connectivity?

Link to comment
Share on other sites

1 hour ago, DanieldH said:

So, data is encrypted on file level before sending/storing it remotely and there is a PSK in the box and @ post production?

 

Does the box speak WiFi/Ethernet so it could send the data to some SFTP/Nextcloud/Webdav at DIT closeby without internet connectivity?

This is the link about cloud storage service security https://help.dropbox.com/accounts-billing/security/how-security-works

thanks a lot

 

Link to comment
Share on other sites

2 minutes ago, DanieldH said:

Thnx.

I guess that means no and no.

What kind of security are you "demanding"? This dropbox/google drive/etc portal to portal transfer is offering the same kinda security as your bank is using to let you send and receive money. Nothing is 100% hack proof though, not even your homebrewed Nextcloud setup on your NAS.

Link to comment
Share on other sites

2 minutes ago, Turi soundfish said:

No, everything is possible 😉

Cool!

So if not yet implemented, consider these a feature request:

Webdav, ftp, sftp client with all reasonable configurable options. Optionally A Next-/Owncloud client.

If processing power allows, a file/container based encryption on the fly like ecryptfs LUKS/cryptsetup.

If WiFi/LAN is on board, operation without internet connectivity.

Link to comment
Share on other sites

18 minutes ago, DanieldH said:

Cool!

So if not yet implemented, consider these a feature request:

Webdav, ftp, sftp client with all reasonable configurable options. Optionally A Next-/Owncloud client.

If processing power allows, a file/container based encryption on the fly like ecryptfs LUKS/cryptsetup.

If WiFi/LAN is on board, operation without internet connectivity.

Thanks a lot 

Link to comment
Share on other sites

7 minutes ago, Vincent R. said:

What kind of security are you "demanding"? This dropbox/google drive/etc portal to portal transfer is offering the same kinda security as your bank is using to let you send and receive money. Nothing is 100% hack proof though, not even your homebrewed Nextcloud setup on your NAS.

The transmission is what less concerns me, as you pointed out. But large tech companies (and parliaments, hospitals, etc) have data breaches here and there, be through a renegade employee or some "russian business network". Dropbox for instance had a large one in 2012 IIRC. 2 factor authentication does not protect you from such things. It leaks even more userdata. (overall 2FA is a good thing though).

My homebrewed (or off the shelf) NAS or a server run by my client is a lot smaller target or is just not on the internet at all.

If there is a leak or loss of the data, my client and me can at least be angry with ourselfs and evaluate what went wrong. A 3rd party storage provider will just shrug.

I do not trust or do not want to have to trust any 3rd party storage provider who can read the data. It is just one more unnecessary entity in the chain of trust. Therefore I think if you want to put anything on some "cloud" it is best practice to encrypt it (with your key(s) obviously) before transfer. Be it your family photos or sound files. A 3rd party may be a convenient option, but should not be mandatory to operate such a device.

When I read this Dropbox marketing speak Turi linked further up, I really scratch my head:

Quote

"Dropbox files at rest are encrypted using 256-bit Advanced Encryption Standard (AES)"

Ok, so, if a thief or police raids their datacenter, rips out the harddrive my data is on, at least it can't be read. Highly unlikely, but ok. I can't think of any other thread, this might address, though that may be due to my limited fantasy. What I can think of is: "Look Boss, lets put our data there, it must be save, they have AES!!!"

 

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...