Avatar
Crusty 👨‍💻 1y ago

So interesting when you dive into a topic, and you realize it is not black and white. It is like an onion, and have layers.

I am setting up my own cloud, and dove into data-at-rest-encryption.

For an average user of a cloud, how would you approach encryption? Is my data encrypted, secret? It sounds kind of yes or no.

But this is not that easy.

You can encrypt only content, then your filenames can be readable, but not its content. Filenames can give away some information, that could help attackers to decide if it worth a try. Like passwords.txt ...

If you encrypt also the filename, your content and filename is safe, but not the metadata like file size. But you can use less characters for your filenames, because the encryption will make it longer, but still you whave to fit in 255 characters max filename length. Also in such case, you encrypt on file level, where attackers can know that there are encrypted files.

If you encrypt a whole device/partition you won't have separate files to see, until the partition is decrypted. Therefore, even file metadata is safe. In such a case, if you erase your partition properly before, from an outsider without decrypting the partition, your partition can look like only random data.

Good morning! ☕️

#nostr #grownostr #plebchain

Reply to this note

Please Login to reply.

Discussion

Avatar
Sacred Peak 1y ago

yep

depends on what you are encrypting, what the security level you need is, how fast you need to be able to access it, yadda yadda.

(and... my shameless Syncthing plug cause it avoids the cloud part entirely 😂)

good morning Crusty

Avatar
Crusty 👨‍💻 1y ago

Good morning Dale!

I guess, that is also good security measure to not use clouds at all. 🤙

How does a syncthing plug work? I know synchthing, although haven't used it so far.

Avatar
Sacred Peak 1y ago

I meant I'm shamelessly promoting it, but here's how it works essentially...

It's a multi OS daemon/service that synchronizes between devices using encrypted transmission. You can have 2 way sync or 1 way sync... there are many ways to customize it; for example I write using Obsidian which uses normal flat text files and a directory structure for everything so I sync that folder to whatever devices (grapheneos phone, Linux box, grapheneos tablet in my specific case) and then point Obsidian to that folder on each device and boom it works. As soon as I've written it's synchronized. I'm also using it for BTC Wallet backups on my phone; I'm backing up my BTC wallet, putting that in a folder that syncs and it's sent to my Linux box which has a copy and then also runs a nightly backup of its own. You can tell it not to sync on cellular and even to only sync on specific wifinif you need to. I do the same for my phone photos, and when I edit them on Linux then sync thing knows and syncs the edits back to my phone - no Appl$ or Googl$ clouds involved. 💘

PS sorry this ended up like a novel but it's a multi faceted app.

Avatar
Crusty 👨‍💻 1y ago

Cool!

I guess syncthing has a disadvantage, that you have to have storage on your phone to the files you want to read/view on it. With your own cloud, you could save space on your phone not storing everything and view them on the fly, but that then requires internet of course... so tradeoffs!

Do you prefer Obsidian over other note taking apps? If yes, why?

Avatar
Sacred Peak 1y ago

yeah, every decision has trade offs. for example my husband wanted to use proton drive as a backup for large RAW photos from a full frame camera on our latest trip but the size made proton drive encrypting each one too slow so he gave up so the answer to 'what way is best?' is 'it depends' in every case. 😂

I read an article on Obsidian a while ago when I started writing and self publishing online. as a long long time Linux user having an app that has feature parity across devices was a key point for me. as I read up more on it, I saw that it could do much more than just notes I not use a plugin for saving online articles (it can often grab article text from behind paywals as an added bonus shhh). I use it for to dos as well. you can structure your notes and file history as you like. it'll even do a graph that shows how all your connected notes relate to each other. Obsidian uses plain text files and folders, which in my mind is ideal... no weird file formats so if Obsidian dies I still have all my notes. It has a leaning curve but it's worth it.

https://obsidian.rocks/getting-started-with-obsidian-a-beginners-guide/

Avatar
Crusty 👨‍💻 1y ago

True! But I guess, it is the best if you can try different solutions to see which solves your problem the best. Also what I think, it is the best, if you try to understand what you really want, because maybe you don't even need an overblown solution. Somehow I prefer simple solutions over complicated ones if possible. But this really requires you to understand the problem, the available solutions, so you can select the simplest most suiting one.

Obsidian has a learning curve as vi/vim? 😂

Thanks for the link, nice article. I think I will try Obsidian. I couldn't find so far the best note taking tool for myself. Maybe this will be it. Note taking is really powerful.

Avatar
Sacred Peak 1y ago

yeah. there's no real "best" anything (and I dislike the wall of those posts in search results) because it's situational including the needs of the person and all that.

I loved learning Obsidian and I hope you will too.