CLOUD drive for farming?


#21

Yes, or other similar, or say an ASUS computer stick (VivoStick PC) which looks like an oversized USB memory stick that is actually a full computer.

A review of the old version


#22

SafeNet will be using UTP which is designed to have a lower priority than TCP (the usual traffic).


#23

https://tahoe-lafs.org/hacktahoelafs/drew_perttula.html


#24

Yes, but I think it is fair to say that the concern is for new files and not existing ones. So the opportunity to look for that by encrypting files into a library of known chunk hashes is less of an issue.

Also the self encrypted chunk is then sent encrypted by the protocol. So a man in the middle will just see encrypted data (which is the chunk encrypted during transmission). A node in the hops maybe able to compare the chunk with a library of hashes of chunk but the sender is scrubbed by the relay node. So the watcher has to be the relay node, but then the chunk is still encrypted during transmission across the relay node as a method to prevent relay nodes from watching.


#25

yeah, but we need to educate the users properly by saying that it’s not a full-fledged encryption and that they need to encrypt private files by themself (or an app using a random encryption key) if they want to be safe.

just saying “self encryption is good enough” isn’t right, it’s leads to users trusting a “broken” encryption causing a false sense of security. I would rather don’t even mention self-encryption and handle it as a “basic level obfuscation technic” it’s good enough for cat images but nothing really private.


#26

Thanks for that info.
I’ll try to see into (or start) another topic concerning encryption in order to keep this thread on topic.

ok, but that has to be plugged into a screen.
So I guess I won’t be able to run something like an array of PC sticks on a USB hub plugged into the host computer each running its own vault right ? I guess they’re all ought to run an OS simultaneously, which is impossible.
But would it be possible to run multiple vaults in a XEN hyperviser OS, such as Qube OS?


#27

WHY.

No one can see what you sent. At no time is the chunk either associated with them or the chunk unencrypted.

you —> self encrypt --> encrypted with 1st hop’s key --> sent to relay node --> sent to 1st hop --> chunk encrypted with hop 2 --> sent … --> send to hop N --> chunk stored.

The relay node is the only node that knows the chunk is from you, but its encrypted with hop 1 keys and thus cannot see it. The relay node strips your details and passes it onto the 1st hop node. The 1st hop node only knows that it needs to send the chunk further so it passes it to 2nd hop node and so forth.

Tell me where anyone can know what you sent. The relay nodes does not know the hash and the hop nodes do not know the sender.

And retrieving nodes is just the reverse.


#28

Only plugged into screen when you want to set it up or change things. Otherwise the node s/w is auto start when it boots.

You can run multiple vaults on the one PC without any virtual machine software (hypervisor or virtual box, vmware etc)


#29

So every hop (beside the first one) can read the file how do you think that’s not an issue? What’s about local caches on temporary devices? Or other future use cases we haven’t thought of?


#30

(one of the hop nodes) Wow, I saw a chunk and looked up my hashes and saw its part of a file I know about. But wait who sent it, where in the blinking world was the computer that sent it. Damn I know that a file is being stored but I knew about the file anyhow, what did it gain me. The only knowledge gained is that someone in the world’s 2 or 3 billion internet users stored the file.

local caches. No other node knows about what is on your computer unless you tell them. If you mean that computer is raided then its nothing to do with SAFE, you must have had the file in order to store it on SAFE so you are responsible for any copies you leave on your computer.

Maybe ESP or remote viewing? Or hacked computer? Really we have to work with the known knowns or the known unknowns. Trying to work with unknown unknowns is like ESP or remote viewing. Your guess is as good as anyone else’s.


#31

Even more alarming than the confirmation attack is the “learn the remaining information attack” described by Drew Perttula in 2008.[9] This type of attack applies to the encryption of files that are only slight variations of a public document. For example, if the defender encrypts a bank form including a ten digit bank account number, an attacker that is aware of generic bank form format may extract defender’s bank account number by producing bank forms for all possible bank account numbers, encrypt them and then by comparing those encryptions with defender’s encrypted file deduce the bank account number.

I meant a public pc or your smartphone being scanned on an airport or …

That’s why we should rely on proven technic, not on an already known to be broken right now and definitely not promoting it as a “guaranteed safe solution”.


#32

Step 1 of the self encryption crate compresses the data then chunks it up.


#33

Why do you think self encryption is ‘known to be broken’?


#34

So WHY should safe help with that. SAFE is a network protocol, not a hide my shit on my PC system. Get Avast or similar to wipe your drive

SAFE is NOT gonna to help you there if you don’t wipe your private stuff off your disk first. It is not a personal storage encryption system. It is a network storage system and can help you to store your files securely on the network and then your only requirement is to wipe the files off your own PC/phone.

You have not shown where safe is broken for what it is designed to do. Again get avast or similar to clean up your own pc

Where is it broken, you still have not shown where it is broken for what it is designed to do.

Oh I see, you saw the word “SAFE” and thought it made your PC safe from prying eyes. Gonna put the anti virus people out of business. Gonna put the disk wiping people out of business, is it gonna make your laptop battery never go flat. Sorry that battery one was uncalled for. But It does seem you think SAFE is meant to do a lot more than it claims to be. Get the claims right and then your perception of SAFE might be better.


#35

BUT ONLY if you know the person who submitted the form is that of use. SAFE does not allow anyone to know this and seems you missed that point many times. So knowing that the form exists is of little benefit.

Or are you saying that you take everyones name in the world/country and then create 9,999,999,999 hashes for each and every one of all the names possible?

Yes if you can do that then its (thought experiment) possible to create a table of 10^14 or 10^15 hashes to hopefully watch a chunk pass through your node (1 in 10,000 chance) and see it. And you need the name in order to identify the person whose number it belongs to in order to subvert/obtain a random persons private info. And it helps to understand the attacks first and the applicability of it to OTHER circumstances.

  • First you need to know the person or use every possible full name of people
  • Second you need to know the form they are likely to submit
  • Third you need to know the format they use when storing the form (maybe zipped with other doco)
  • Forth you need to be one of the 10 to 20 nodes that the chunk passes through to the vault or be the vault its is stored on. Wow this is easy isn’t it (not)

As to GUARANTEE that is never stated in any of the specifications since no product can make your data safe no matter what. And SAFE does not claim to guarantee to make your data 100.00000000000000% safe

  • your computer could be hacked and everything recorded
  • The cops (in NSW they DO) set up spy cameras in houses through unattended secret house entry warrants.
  • The cops enter your house (warrant) while you are sending the file and copy your RAM, DISK etc
  • that 1 in 10^18 (million million million) change of getting that document with hash lookup table that is 10^15 (1000 million million) hashes
  • guess a few more

To say that is a nigh on totally impossible thing to do is an understatement.

It would be cheaper to raid every computer in the target area.

THEN of course official documents can be changed from your hashes by simply storing the document in a different format. or adding a null to the start of the file.