Encrypting seed drives for offsite storage with same privately issued keys

boxlite

Junior Member
Oct 8, 2017
2
0
1
In conversation with several online cloud data backup services for both consumers and commercial operations, I kept coming across the same problem that their software was not open source, so how to trust? As in most cases it’s best to never trust the provider, but the software encryption! Services then which allow the generated keys to be in the possession of the user, and only the user, seem like the best way forwards.

But then the second issue: upstream speed. My theory then was that if open crypto-algorithms likes AES were relied upon by the company, then surely a Seed Drive could be encrypted before hand with the same keys and mailed in safely?

The solution time and time again rubbished the idea of a Seed Drive (storage mediums pre-populated with data and sent through traditional post to the storage provider for the sakes of speed) due to technical issues:

• Extra manual work requirements

• The Seed Drive(s) require software changes

• New security protocols needed for how staff interact with Seed Drives

• Increased complexity to add Seed Drive data into existing storage infrastructure


As if my suspicions were not raised enough already, why then does every avenue to true anonymity keep being blocked off?
(don’t get me started on crypto-payments)


My question is what are the steps needed to provide such a service?
 

boxlite

Junior Member
Oct 8, 2017
2
0
1
The best I could find was open source encryption software called "borgBackup" and online storage solution rsync [dot] net, which seems to be what I want, and for a better price than SpiderOak.
 

Elixer

Lifer
May 7, 2002
10,371
762
126
You don't need to trust them for encryption, you could just encrypt it yourself, and then have their software just upload that.
 

John Connor

Lifer
Nov 30, 2012
22,757
618
121
You don't need to trust them for encryption, you could just encrypt it yourself, and then have their software just upload that.


That's what I do. Open source or not, it's still someone else's computer. When I upload website backups to the cloud I encrypt the whole thing in a SFX AES encrypted archive prior to uploading. I really don't care about Boxcryptor or anyone else's schemes.