Loomio

How can we ensure Privacy is being protected in cloud era?

KVM
Kannan V M Public Seen by 380

While cloud being someone else's computer and we are sharing our private data with them because we need to use their cloud service?
Even though they might be using open source technologies, we will still have to trust the service provider with the data. Is there any way to avoid this dependance on trust on that provider?

  • How can we make sure our privacy is not breached because we send our data through someone else's computer?
  • Is there any standards for that?
  • How we can use encryption for that purpose?
PP

Pirate Praveen Tue 2 Jan 2018

  1. We should be in control of our infrastructure. We should be paying only for the hardware/bandwidth.
  2. We have multiple decentralized standards. matrix for chat, diaspora/mastadon for social media etc. It is a cultural challenge than a technical challenge.
  3. matrix has end to end encryption, for email use gpg.
KVM

Kannan V M Tue 2 Jan 2018

Federation is a good solution for social media, but how can we assure our data is not stolen when we can not afford our infrastructure? That is my primary question.

B

Bady Tue 2 Jan 2018

in my opinion the technical challenge is to create fast, reliable, distributed (peer-to-peer, not just decentralized) and end-to-end encrypted solutions. i agree with the cultural challenge part, but if the technical challenge is handled then the developer community can focus on making the solutions more convenient (looks, user-friendliness, etc.) which is also a very important factor when addressing the masses.

B

Bady Wed 10 Jan 2018

PP

Pirate Praveen Wed 10 Jan 2018

I agree p2p is the final goal, but decentralized systems provide a stepping stone in the short term. We can't easily jump to p2p directly from centralized services, especially in countries like ours where internet access is very costly. p2p systems will have to deal with a lot of data transfer (tox) or have to use a system like tor (briar app), which can be very slow.

PP

Pirate Praveen Tue 2 Jan 2018

The question is not about affordability at all in my opinion. Its people not realize the important of control over our data. It does not cost so much to run our own infrastructure.

KVM

Kannan V M Tue 2 Jan 2018

so there is no technical solution to the cloud problem? (one solution can be end to end encryption, but we cant always use end to end encryption too)

PP

Pirate Praveen Tue 2 Jan 2018

host your data with someone you trust, and we need more and more people to offer such services.

PS

Pavithran S Tue 2 Jan 2018

  1. Encrypt everything you transfer over someone elses computer. Just dont trust it with unencrypted traffic. All the data which you send also should be via HTTPS.

  2. Standard protocols do exist but we do need apps and mass adoption. We can obviously use webdav/caldav with nextcloud, matrix via riot, Federation via Diaspora, friendica.

  3. Email obviously via GPG but you are leaking lot of meta data via email. I would rather have two matrix instances communicating with each other via e2e.

PP

Pirate Praveen Tue 2 Jan 2018

If people realize its importance, we can easily solve the technical, useability and convenience questions by funding more people to fix it.

NE

Nandakumar Edamana Tue 2 Jan 2018

There are some cloud storage services that claim to have client-side encryption enabled. And when it comes to the basic services like Google Drive, the simplest way is to use an archive format like 7z that supports encryption (of course, we shouldn't unzip it online).