this post was submitted on 15 Feb 2024
394 points (97.8% liked)

Technology

59374 readers
3671 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

Proton's mission, funding sources, independence, and community are some of the reasons we're more resilient than other privacy-first companies.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 9 points 9 months ago (6 children)

I’ve keep seeing amazing things regarding proton in recent years, I think I’m overdue for a switch

[–] [email protected] 6 points 9 months ago (5 children)

I did the switch. Even if there's no PPP pricing for my region it's quite alright. I'm planning to migrate my whole family to Proton in the near future. We already have our chats with Signal and one other last thing is for media backup. We're still using a combination of Google Photos and OneDrive to save our photos. Are there any good privacy oriented data storage solutions? I'm also saving up money to spin up my own self-hosted solution.

[–] [email protected] 6 points 9 months ago (1 children)

If you're planning to subscribe to Proton Unlimited or Proton Family regardless, you might as well try Proton Drive. They try to be fairly privacy focused similar to Proton's other products.

Mega has a similar privacy-oriented design. Such that the server side shouldn't have direct access to your unencrypted file data or its decryption keys.

Still, any web-based service necessitates trusting the JavaScript you receive not to leak out your password or keys. Both Proton and Mega have a good track record so far in that regard, but the best practice for privacy with raw data storage is to encrypt your own data with local tools and treat any remote server as untrusted.

[–] [email protected] 1 points 9 months ago* (last edited 9 months ago)

I could imagine a tool that makes cloud storage act like a remote hard drive, with sectors and everything. Where these "sectors" are just small binary files.

You have software locally that is setup to track local files and calculate how they are mapped to the remote sectors. When a file gets updated, or new ones are added, it shuffles things around in an efficient manner to keep the number of remote updates to a minimum, and then it only updates or adds the required sector files. This way a tiny edit to a 4 GB local file would only require a tiny upload to the server instead of resending a new encrypted copy of the entire 4 GB file.

Not only are the little sector files all encrypted with a private key known only to you, the file structure in this system doesn't even make any sense to anyone but you.

However, if you lose you home PC and the file structure DB, the cloud copy becomes absolutely useless. Even if you had a backup of the private key.

Something like this surely already exists. Maybe there are even cloud storage providers who offer hard-drive like access to a block of data instead of being file-based.

EDIT: Turns out that's what Proton Drive does. Kind of.

End-to-end encryption for large files

Proton Drive's unique technology enables high-performance, client-side end-to-end encryption with large files by splitting large files into 4 MB chunks. Each chunk is signed with a hash to prevent removal or reordering. When you open or download a file, our file transfer and decryption algorithms ensure your data is rebuilt quickly in the correct order.

They say it's client side, but the hashes that control the ordering must be stored on the server or else you couldn't easily download the file on a other device. And I wonder if it's still efficient if you make an exit in the middle of the file. Does it need to send the full 4GB all over again? Even having to send 2 GB all over again would be a lot.

load more comments (3 replies)
load more comments (3 replies)