Is convergent encryption used by Bitcasa safe?
-
If some authority wanted to find out all illegal copies of some digital content stored in Bitcasa and their uploaders, would the encryption in place prevent them?
-
Answer:
Please note that I don't work at Bitcasa, my answer is based only on my IT knowledge. First of all, by "content" we mean "a particular sequence of bytes", i.e. "digital data". So differently encoded/compressed copies of the same movie or song or software will be different "content". So I will say "data" instead of "content" for clarity. Is it possible to find out whether some data is already stored in Bitcasa? Just try to upload the data to Bitcasa and notice how much data is sent out from your computer. If it's significantly less than the size of your data (the data might also be internally compressed by Bitcasa, you should consider this, too), then you can assume that the data was already somewhere in the Bitcasa cloud. However, if the amount of data sent from your computer is about the same as the size of your data, it doesn't prove that the data wasn't in the cloud. It might be in another datacenter, for example. Is it possible to find out who also has your data? You can't know this without breaking into the datacenters, obviously. But even if you do, it's not so easy. As far as I understand, Bitcasa stores encrypted chunks of data which can be found by their hashes, and then stores a list of chunk hashes which builds up a file. The file metadata (i.e. the list of hashes) is by itself encrypted with user's key. Bitcasa claims that the user's key never reaches datacenters in plaintext, which means that the file metadata is decrypted on the client side. So, if you are sitting at the datacenter, you can't immediately know which chunks of data belong to which users. Instead, you'll have to monitor which users request chunks which store your precious data. And if these chunks are never requested, you are out of luck. But... Yes, you have the last resort: force Bitcasa to insert a backdoor into the client software which will... do whatever you want, actually. But that's possible with any cloud storage provider. But!... If you are paranoid, please apply additional client side encryption before storing any data in the cloud. This sacrifices convenience, of course.
Vadim Ippolitov at Quora Visit the source
Related Q & A:
- How to Code Encryption Algorithm in Java?Best solution by code2learn.com
- What's encryption?Best solution by en.wikipedia.org
- Is it safe to buy a used LCD or Plasma HDTV?Best solution by Yahoo! Answers
- Is it safe to buy used pc games off amazon?Best solution by Yahoo! Answers
- What is a convergent sequence and a divergent sequence?Best solution by vitutor.com
Just Added Q & A:
- How many active mobile subscribers are there in China?Best solution by Quora
- How to find the right vacation?Best solution by bookit.com
- How To Make Your Own Primer?Best solution by thekrazycouponlady.com
- How do you get the domain & range?Best solution by ChaCha
- How do you open pop up blockers?Best solution by Yahoo! Answers
For every problem there is a solution! Proved by Solucija.
-
Got an issue and looking for advice?
-
Ask Solucija to search every corner of the Web for help.
-
Get workable solutions and helpful tips in a moment.
Just ask Solucija about an issue you face and immediately get a list of ready solutions, answers and tips from other Internet users. We always provide the most suitable and complete answer to your question at the top, along with a few good alternatives below.