Jump to content
  • 0

I guess i missed the point of Cloud drive for uploading to the cloud


asdaHP

Question

I have been trying to test cloud drive to backup some of my folders to ACD. The first few times I was using the encrypted method to securely upload and so i didnt expect to be able to read the files from the cloud. Recently i setup an unencrypted clouddrive with the aim that i could use this method to backup some files from my server that I could then look at from a different computer or location. Only when i logged into ACD did i realize that irrespective of whether using the encrypted or unencrypted method, the files are listed under stablebit cloud drive as CloudPart folders and the files in it are not readable on the amazon cloud drive site. I guess someone could download them and reverse engineer (or whatever else it is called) if possible, but in reality even unencrypted files are not practical for remote access.

 

So i cant use the cloud drive method to upload files that i want to be able to access from other computers. I am sure this is written in the FAQs or opening page, and as always i overlooked it, but more likely I was secretly hoping and praying that cloud drive was something similar to odrive or other ways of uploading files into the cloud, especially since amazon's app offering is terrible. Oh well, keep looking...

 

 

Link to comment
Share on other sites

8 answers to this question

Recommended Posts

  • 0

Sorry, yeah, even the unencrypted drives do not use just the raw files. 

 

There are a number of reasons for this, but the main one is that we store raw blocks of disk data on the cloud provider, not the files.  This allows for greater flexibility in what you can do with the drive.  

For instance, the drive supports VSS, hard links, formatting as ReFS, data deduplication, etc. 

 

These wouldn't be possible if we used a different approach to how the software works. 

 

 

As for accessing the files, even the un-encrypted data is encrypted, due to the fact that various providers will analyse and index the files based on the file contents.    

Link to comment
Share on other sites

  • 0

So the only advantage of encryption is if someone else manages to get a hold of your cloud credentials and install CloudDrive they still won't be able to mount the drive? That seems like a very niche case and of course I understand the need for security, but I'm afraid of forgetting my password :) 

 

I never really considered that due to its architecture, CloudDrive is secure by its very nature so it should be possible to avoid the encryption.

Link to comment
Share on other sites

  • 0

So the only advantage of encryption is if someone else manages to get a hold of your cloud credentials and install CloudDrive they still won't be able to mount the drive? That seems like a very niche case and of course I understand the need for security, but I'm afraid of forgetting my password :)

 

I never really considered that due to its architecture, CloudDrive is secure by its very nature so it should be possible to avoid the encryption.

 

yes and no.  The key used by default (for unencrypted drives) is not secure. It's meant purely for obfuscation of the data, and not actual secure encryption (eg, easy to brute force).  And I believe that we plan on publishing the key we're using, so people could decrypt and access the raw disk data, if needed.

 

The actual encryption is much more secure, and exponentially harder to break. (eg, supercomputers clusters running for decades)

 

 

As for forgetting your password, amen.  Print it out and stick it into a safe or security deposit box? :)

 

 

 

But even is StableBit CloudDrive is designed to be very secure by default, the provider accounts may not be.  If somebody gets ahold of your account credentials (which is shockingly easy, as proven by the number of breaches in the last few years), they could just mount the drive with our software.

 

So, encryption adds an additional layer of protection.

Link to comment
Share on other sites

  • 0

Interesting discussion

 

Am i right in assuming that the obfuscation would prevent Amazon doing any de dup from stable bit users data stores.

​a) because it has a level of encryption - assuming Amazon would not go to the trouble of cracking it or using the key as and when it becomes available

B) as its raw blocks the likelihood of two users having the same raw blocks is minimal.

 

or am i underestimating what Amazon does with the data?

Link to comment
Share on other sites

  • 0

Sorry, yeah, even the unencrypted drives do not use just the raw files. 

 

There are a number of reasons for this, but the main one is that we store raw blocks of disk data on the cloud provider, not the files.  This allows for greater flexibility in what you can do with the drive.  

For instance, the drive supports VSS, hard links, formatting as ReFS, data deduplication, etc. 

 

These wouldn't be possible if we used a different approach to how the software works. 

 

 

As for accessing the files, even the un-encrypted data is encrypted, due to the fact that various providers will analyse and index the files based on the file contents.    

Ok, thought as much when i saw all those strange files. So is there a way if i am away from my server that has the clouddrive software, say at work, to download those chunks and then recreate the files i want without needing to reinstall clouddrive on that computer. Of course there is no way id know which files are in which chunks so could be difficult.

 

Amazon has 100% access to your files, it even says so in the TOS.  They can and WILL browse your media.  They also use dedupe software to delete your stuff and replace it with links to one centralized version.  Everything you upload to ACD should be 100% encrypted, unless you like other people having access to your data.

Chilling to hear that. I dont remember reading the TOS that closely but worries me if they have an option to say use my family pics as advertisements or similar. I dont really care if they dedupe as my original copies are at home in multiple locations.

 

If i an encrypt the files, then i lose the ability to access them remotely. After all that is one of the reasons i keep certain files on the cloud.

Link to comment
Share on other sites

  • 0

Ok, thought as much when i saw all those strange files. So is there a way if i am away from my server that has the clouddrive software, say at work, to download those chunks and then recreate the files i want without needing to reinstall clouddrive on that computer. Of course there is no way id know which files are in which chunks so could be difficult.

 

 

Without the software? No, not at this point. 

 

However, this is a common request and something that is on our mind. 

 

The "best" solution right now, is to somehow make it available from the system hosting StableBit CloudDrive.  There are a number of solutions to do this (VPN into the network, SeaFile, a web server using WebDAV, etc). 

 

 

 

Chilling to hear that. I dont remember reading the TOS that closely but worries me if they have an option to say use my family pics as advertisements or similar. I dont really care if they dedupe as my original copies are at home in multiple locations.

 

As chilling as this is, pretty much every consumer cloud provider does the exact same thing. 

 

They have access to your data, can give it to Alphabet Agencies (FBI, CIA, DHS, ATF, etc) without notifying you of doing so.  

 

As for deduplication, this is also normal, and happens for a very good reason.  If the same file is behing uploaded by hundreds of people, that means either you need to story this same file hundreds of time, or store a single copy that is referenced by these different accounts. 

 

This also makes finding and removing copyrighted material much easier for these companies, as well.  if the file matches a known hash, just remove it.  

 

And yes, this has actually happened to us in the past.  That's why we obfuscate even unencrypted data. 

 

 

 

If this disturbs or chills you, ... well, maybe it should.  

And that's a big part of StableBit CloudDrive's reason for being.  "Trust no one" storage and encryption.  

 

 

 

If i an encrypt the files, then i lose the ability to access them remotely. After all that is one of the reasons i keep certain files on the cloud.

 

And that's part of the trade off: the more secure something is, the harder it is to access.  

 

We do try to make it as easy as possible, but for now ...

Link to comment
Share on other sites

  • 0

Without the software? No, not at this point. 

 

However, this is a common request and something that is on our mind. 

 

The "best" solution right now, is to somehow make it available from the system hosting StableBit CloudDrive.  There are a number of solutions to do this (VPN into the network, SeaFile, a web server using WebDAV, etc). 

 

 

 

 

As chilling as this is, pretty much every consumer cloud provider does the exact same thing. 

 

They have access to your data, can give it to Alphabet Agencies (FBI, CIA, DHS, ATF, etc) without notifying you of doing so.  

 

As for deduplication, this is also normal, and happens for a very good reason.  If the same file is behing uploaded by hundreds of people, that means either you need to story this same file hundreds of time, or store a single copy that is referenced by these different accounts. 

 

This also makes finding and removing copyrighted material much easier for these companies, as well.  if the file matches a known hash, just remove it.  

 

And yes, this has actually happened to us in the past.  That's why we obfuscate even unencrypted data. 

 

 

 

If this disturbs or chills you, ... well, maybe it should.  

And that's a big part of StableBit CloudDrive's reason for being.  "Trust no one" storage and encryption.  

 

 

 

 

And that's part of the trade off: the more secure something is, the harder it is to access.  

 

We do try to make it as easy as possible, but for now ...

Thanks. Yes ease of access vs privacy. Personally the info i am putting up unecrypted is the kind that i am not too worried about copyright, agency access etc but rather that someday i dont find family pics being used for an amazon ad without my permission.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...