Privacy & Cloud Storage

@Charcol0x89

What is the cloud?

Advantages

  • Restore phone contacts & settings
  • Sync calendar between devices
  • Share photographs with family
  • Accessing a document from multiple locations
  • many more...

Risks

Trusting another company with your personal info

  • That they won't do anything with it
  • That they don't give/sell it to other organisations           (incl backdoors)
  • That they secure the information from malicious individuals (identity theft, stalkers & abusers, leaking financial info & nude photographs)

 

Just because a company is large, doesn't make it immune to data breaches

So what can we do?

1. Encrypt files before uploading

  • Cryptomator (https://cryptomator.org/)

Client-side AES encryption for files kept in the cloud

  • CryFS (https://www.cryfs.org/)

Not only file contents, but sizes, metadata and directory structure are kept confidential

 

Both are open source and work alongside Dropbox, iCloud etc.

 

2. Move to an encrypted cloud provider

  • Seafile - $10/mo for 100GB, hosted in Germany and the US
  • Least Authority S4 - $25/mo for unlimited storage, US
  • SpiderOak - $12/mo for 1TB, Closed source, although they say they have no knowledge of your data.  Snowden has recommended SpiderOak over Dropbox in an interview.
  • Owncloud - Similar to Dropbox but with lots of plugins
  • Nextcloud - Recent fork of the owncloud project

3. Set up a hosted cloud server 

Advantages:

  • More control over what hardware it's on
  • You choose the infra provider, location​
  • Less of a target
  • Seafile
  • Owncloud
  • Pydio
  • Tahoe-LAFS - decentralised

4. Set up a cloud storage server on your own hardware (ultimate tin foil hat mode)

Advantages:

  • Total control​

Disadvantages:

  • Total control
  • Have to deal with backups, bandwidth, uptime, power usage, maintenance and many other things

Seafile demo

Workshop time!

https://whatnobob.dev.blackhats.net.au/index.php/Seafile_Workshop

Shout out if you need help

Slides:
http://slides.com/charcol/cloudstorage

Privacy & Cloud Storage

By Charelle Collett

Privacy & Cloud Storage

For the Brisbane Internet Safety meetup, 7/7/16

  • 228
Loading comments...

More from Charelle Collett