Store data in a Chinese cloud?
<falls off chair laughing>
Given the recent revelations about mass data slurping by the NSA, we were relieved to hear that a Chinese company has begun offering a whopping 10TB of free hosting to privacy-conscious punters. After Chinese rivals Baidu and Qihoo 360 served up a terabyte of free cloud storage to punters, rival Tencent this week floated a …
Your personal papers... perhaps not.
Your media horde? Sure.
The real problem is getting it there.
I have been having that very problem for the last few days. Decided to recently beef up my usage of cloud storage. It's been synching for days now. Dunno when it will all finally make it there and i's a relative pittance compared to 10TB.
Don't even want to think about how long it would take to push my big data into the cloud...
This post has been deleted by its author
Chinese or not, it doesn't matter if your data is encrypted. I use encfs for my data stored in the cloud, but it probably won't work with Weiyun - there's just a Windows application and a crappy, non-standard API for accessing the files. So unless some helpless nerd creates a FUSE driver, no 10T for me.
Actually no.
Annex M allows up to around 2.5 meg
432k is a BT imposed limit on some grades of service unless you had the max option when you got 832k
1.3 meg is the standard on adsl2+ as delivered by BT etc
Providers like plus net still cripple you to 432 unless you specifically ask and so on.
Annex M though is certainly not what you describe.
Any data storage scheme that I will use for my customers' data, let alone my own, will have to be set up and handled by myself. Because I quite simply trust nobody any longer, and that goes back way before the NSA scandal. If I can't see *all* the possible settings, i.e., have root-level access to the storage medium, I won't let my customers use it unless they really, really insist after several rounds of warnings.
Back to the topic. After having had one customer complain that parts of his work had been patented in the US by a different company not known for expertise in the same area roundabout the time patent applications were being filed in Europe by said customer, I decided to add a disclaimer to my contract: I won't be held responsible for customer stupidity. Now, putting business data of any kind on a Chinese-run cloud, that is customer stupidity. Same level as an U.S.-run cloud service, really.
I have started to ask around for the possibility of having a storage server placed in Sealand...
I downloaded the apk out of curiosity. Requested permissions include network and GPS location, identifying other running apps, changing connectivity, connecting and disconnecting WiFi, changing WiFi settings, full network access and sticky broadcasts.
Good thing there's no attack surface for 0-days.
The human genome can feasibly be stored in as little as 1.5GB of data. Given that the person-to-person DNA variance is about 0.1 percent, then, the unique Steve Ballmer can be represented by around 1.53600 megabytes. Therefore, the Tencent cloud could store an impressive 6,708, 739 copies of Ballmer's DNA profile.
All of which relies on the assumption that Ballmer is entirely human.
If you don't want free stuff don't use it, simple as. Ten TB is a lot of space for all that junk data that you don't want to delete but also don't want clogging up your own spindles, just make sure you run it through some fairly hefty encryption. If the PRC want to brute force your 2048 bit encryption keys just to see your archive of holiday snaps then let them. Meanwhile if the data has any commercial value you will have it stored locally somewhere that has good information security and physical security principles applied.
Everything that is free tends to have hidden costs.
Deliberately surrendering control over one's data to a service hosted in a foreign country, whose government is one of the most powerful on the planed, and has ambitions (easily realised) of expanding that power, when the service in question is moreover provided free of charge, with an almost incredible enticement to use it (virtually limitless storage), is really folly. Relying on encryption when a Trojan or whatever it is called might be used to considerably shorten the odds on discovering the key used is not a reliable defence.
Once the data is in place, under the jurisdiction of the Chinese government should they choose to avail themselves of it, then given the lack of any enforceable contractual confidentiality terms on account of the lack of consideration for the provision of the service (not that such [Western] capitalist concepts would impede the Chinese authorities), what is to stop them from helping themselves?
For example: the idea would not be to look at everybody's holiday snaps. But once one of the users of the free cloud service was identified as being in a key position and/or having access to sensitive information, a government service might focus on that person and use all means at their disposal to get to their data. As such, the offer of 10 Terabytes of storage could be seen as a fishing exercise, designed to attract as many people as possible, especially young and careless ones, who one day might come to have responsible jobs and whose past indiscretions may be stored in archives in China, ready to be used as a bargaining chip to secure a "more cooperative attitude".
Of course all this may be wrong and Ten Cents may merely be engaging in a huge exercise in philanthropy towards the population of Earth. Why not? Anything is possible.
Create dozens and dozens of interestingly named files, encrypt them 100 times with a variety of strong encryption algorithms and extreme passwords, stuff them all into a 100GB TrueCrypt file, protected with some binary data keys, wrap it all into a few layers of weak encryption (like DES) - just for fun.
Then Bzip2 it into a file called "unreleased_tiananmen_video_and_government_wires.bz2" or "more_nsa_data.bz2", and let them have @ it.
The other hidden gotcha with these services is the maximum file size - last time I tried Microsoft's Sky Drive it was 100 MB for them.
This pretty much stuffs storage of HD movies, large database backups and large encrypted containers (i.e. pretty much the only things that would potentially soak up terabytes of space) - unless you fancy splitting them before uploading.
I would hate to be an new author trying to research and write about the kind of subject matter Tom Clancy writes and researches about or a Hollywood writer researching for the next 007 script. Then have a USA Gov. agency decide you're a terrorist for looking and storing that kind of information in someone's cloud the NSA is gobbling up. You might get a knock on the door from the Gov. or worse. At least with the Chinese cloud the worst you can expect to happen is that your account gets closed or edited if anything stored there is found to be undesirable.
Several comments have suggested that we should use this service to upload tons of encrypted junk in order to waste their space and processing time. I suggest that is exactly what they WANT you to do, because tons of encrypted data coming from western countries will neatly mask any encrypted data being sent back by Chinese spies.
Has anyone managed to sign up for this yet?
I made an account, but when I try to get the free storage I get this:
Does not meet all the conditions for obtaining
Conditions for obtaining:
1 Log micro cloud phone 1.6 version
2 registered handsets are not involved in this activity
3 your QQ number is not involved in this activity
* If you are already logged in before the start of Mobile try to log in again after logging out
It would suggest they want me to install something on either an Android or iOS device.
Even if I had either of those, they can sod right off!