p3x-749 Posted June 7, 2015 Share Posted June 7, 2015 Hi, I just came across the new product....looks quite nice. Based on the feature-list, I'll have some questions, though. - what hardware is need in order to support encryption? (i.e. TPM-Module)? - is encryption implemented without relying on Windoze bitdefender? - what if I want two access the cloud-drive from more than one host and use encryption? ..sorry, if this is already somewhere but I did not find that info right away....just kindly point me to it, in that case. TIA, fred Quote Link to comment Share on other sites More sharing options...
0 Christopher (Drashna) Posted June 8, 2015 Share Posted June 8, 2015 No additional hardware is required here (eg, you don't need a TPM module). As for the encryption: StableBit CloudDrive uses low level kernel-based encryption for maximum performance and for full round trip encryption support. Industry standard AES-256 CBC is used to encrypt every bit of your data. The Operating System's core services (Cryptography API: Next Generation) are used for all hashing and encryption functions in the kernel (FIPS 140-2 compliant). This, and a number of other features are mentioned here: https://stablebit.com/CloudDrive/Features As for accessing the CloudDrive, you can only access it from one system at a time. If you try to "attach" it to another system, it will give you a warning that it's already in use. You can go ahead and forcible attach it on the new system, and it should detach it on the other system. However, it will be encrypted, and require you to put in the passphrase or hash key for the CloudDrive before you can access the data. Quote Link to comment Share on other sites More sharing options...
0 p3x-749 Posted June 10, 2015 Author Share Posted June 10, 2015 Thank you for the response and info...very helpful. Quote Link to comment Share on other sites More sharing options...
0 Christopher (Drashna) Posted June 10, 2015 Share Posted June 10, 2015 You are very welcome. Alex did a good amount of research on how to implement the encryption feature, and we hope that it is secure enough that even the most security conscious users would be fine with using it. And without impacting performance too much. If you have any more questions, don't hesitate to ask. Quote Link to comment Share on other sites More sharing options...
0 Christopher (Drashna) Posted June 11, 2015 Share Posted June 11, 2015 Thank you for the response and info...very helpful. Alex has posted a long post detailing information about the encryption. You definitely should check it out: http://community.covecube.com/index.php?/topic/1269-full-drive-encryption/&do=findComment&comment=8450 It's ... a bit of a long post, though. Quote Link to comment Share on other sites More sharing options...
0 p3x-749 Posted June 14, 2015 Author Share Posted June 14, 2015 OK, thanks again...here are two more questions though: - From what I gather, the way the encryption API is used, a CPU with AES support will improve greatly to the performance of the encrypted filesystem - what exactly are the options to combine this with DrivePool...what if I want my local multi-TB drives from DrivePool to be encrypted (but *not* sync this with a cloud drive)..can I do that? Quote Link to comment Share on other sites More sharing options...
0 Christopher (Drashna) Posted June 14, 2015 Share Posted June 14, 2015 Yes, if your CPU supports the AES-NI instructions (or the AMD equivalent), then this will definitely benefit the API that we use, and help boost performance. As for combining with StableBit DrivePool, you can use the "Local Disk" provider. Either: Create a single large CloudDrive on the pool and encrypt it (since it uses "chunks", there is no issues with size), or Create a CloudDrive on different disks and pool the CloudDrive's together. Quote Link to comment Share on other sites More sharing options...
0 p3x-749 Posted June 16, 2015 Author Share Posted June 16, 2015 ...sounds cool. However, my main usecase would be to create a fully encrypted '(local) Pool. Maybe there are plans for a "DrivePool plugin" with just the encryption feature Quote Link to comment Share on other sites More sharing options...
0 Christopher (Drashna) Posted June 17, 2015 Share Posted June 17, 2015 Very. As for encrypted pool, you can use the Local Storage provider to create a CloudDrive on the pool and encrypt it. Quote Link to comment Share on other sites More sharing options...
0 p3x-749 Posted August 1, 2015 Author Share Posted August 1, 2015 OK, finally got to test around a bit. I recently upgraded my ZFS NAS and now got 7x2TB greens left...I did put these in my Win8.1pro desktop (which is my old server 32GB RAM, L3426Xeon (4C8T, no AES-NI)). ...I then created a pool out of these old disks, using DrivePool. Then, I created a 1TB encypted cloud-drive on that pool, using the local provider, using default settings otherwise - although local cache was set to zero (as default), CloudDrive created a Cache-Dir on one of my pool-disks :-( WOT? - I copied over some larger movie files (from my local, main disk, which is a SSD +200MB/sec read) to the pool and reached 98MB/Sec -> good, as this is the expected speed of one green disk - then I copied the same files over to the encrypted cloud drive -> 78MB/sec write -> cool, as my CPU does not have AES-NI support. I certainly can live with that performance. (I did set IO-Performance to 4 threads each in cloud drive. maybe there is a more optimal setting for non-AES-NI CPUs?) Now, I gather in order to be able to enable duplication for some folders on my encrypted disk,... I should have started the other way round, by creating an encrypted disk out of each 2TB green, and then pool these "cloud-disks" together? But... What about the (unwanted) cache dir created by cloud-drive? I don't want it and don't have a disk to spare. Is there a way to match the full/total physical size of the local disk when creating the cloud disk? TIA, fred Quote Link to comment Share on other sites More sharing options...
0 Christopher (Drashna) Posted August 2, 2015 Share Posted August 2, 2015 There was a specific reason for the cache drives with the local provider, but I don't quite remember why. I've flagged this for Alex, so I can get a proper response instead of guessing. https://stablebit.com/Admin/IssueAnalysis/18734 As for the encryption, it's handled by Windows' CNG API. This should be very fast, as it's done in the kernel here. The slowdown may be that CloudDrive is writing to the cache and then offloading to the local storage provider. This could be slowing down the file copy. Quote Link to comment Share on other sites More sharing options...
0 p3x-749 Posted August 7, 2015 Author Share Posted August 7, 2015 thanks for taking this back to Alex. I now tried the setup the other way around: - creating an encrypted clouddrive on one local disk each - then pool the cloud-drives - then enable duplication on some folders. ...this basically works, but I am not able to create a cloud-drive with the real size of he full local disk. These disks are 2TB greens....but their net value/space is 1.82TB...I can only select to create 1TB or 2TB cloud disks, where the 2TB would be too much, wouldn't it. How can I manage my 2TB cloud drives from "overfilling" when the data reaches the physical limit of the real 2TB (1.82TB net) disks? TIA, Fred Quote Link to comment Share on other sites More sharing options...
0 p3x-749 Posted August 7, 2015 Author Share Posted August 7, 2015 ....something got messed up. Drivepool reported some drives (cloud drives missing), while the Pool, created from the raw drives (where also the cloud drives were created on locally) reported all drives fine. Also clouddrive did report some cloud drives as attached and some as non existant. ....I destroyed all cloud drives and pools No I am still seeing some CloudPart_xxxxx Folders on my C/System-Drive that I've did not put there. Even worse, I cannot delete these using the explorer...when I try to open these, windows reports them as damaged :-( This is exactly the reason why I don't do any complex things with windoze ... I know Clouddrive is beta, but I really don't like being not in control of my data or my system. Quote Link to comment Share on other sites More sharing options...
0 Christopher (Drashna) Posted August 7, 2015 Share Posted August 7, 2015 thanks for taking this back to Alex. I now tried the setup the other way around: - creating an encrypted clouddrive on one local disk each - then pool the cloud-drives - then enable duplication on some folders. ...this basically works, but I am not able to create a cloud-drive with the real size of he full local disk. These disks are 2TB greens....but their net value/space is 1.82TB...I can only select to create 1TB or 2TB cloud disks, where the 2TB would be too much, wouldn't it. How can I manage my 2TB cloud drives from "overfilling" when the data reaches the physical limit of the real 2TB (1.82TB net) disks? TIA, Fred I apologize if it's not clear. The size can be manually typed in. You can type in 1.81TBs if you want. As for overfilling, for the actual "drive", it will error out and give you a free space error just like a normal drive. ....something got messed up. Drivepool reported some drives (cloud drives missing), while the Pool, created from the raw drives (where also the cloud drives were created on locally) reported all drives fine. Also clouddrive did report some cloud drives as attached and some as non existant. ....I destroyed all cloud drives and pools No I am still seeing some CloudPart_xxxxx Folders on my C/System-Drive that I've did not put there. Even worse, I cannot delete these using the explorer...when I try to open these, windows reports them as damaged :-( This is exactly the reason why I don't do any complex things with windoze ... I know Clouddrive is beta, but I really don't like being not in control of my data or my system. What version are you on? What OS? And could you grab the contents of "C:\ProgramData\StableBit CloudDrive" and upload it: http://wiki.covecube.com/StableBit_CloudDrive_Log_Collection Just use the upload form at the bottom of the page, you don't need to do the rest Quote Link to comment Share on other sites More sharing options...
0 p3x-749 Posted August 7, 2015 Author Share Posted August 7, 2015 ..thanks for the response. I am running Win8.1pro. The version I am on is "StableBit.CloudDrive_1.0.0.283_x64_BETA" ...at least that is what the installer file/exe says....I did remove the app after that mess. I'll do the upload.... Quote Link to comment Share on other sites More sharing options...
Question
p3x-749
Hi,
I just came across the new product....looks quite nice.
Based on the feature-list, I'll have some questions, though.
- what hardware is need in order to support encryption? (i.e. TPM-Module)?
- is encryption implemented without relying on Windoze bitdefender?
- what if I want two access the cloud-drive from more than one host and use encryption?
..sorry, if this is already somewhere but I did not find that info right away....just kindly point me to it, in that case.
TIA,
fred
Link to comment
Share on other sites
14 answers to this question
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.