Log in

No account? Create an account
More thoughts about the security of remote data storage and Dropbox - Her Most Regal Majesty, the Queen of Snark
void where prohibited, except by law
More thoughts about the security of remote data storage and Dropbox
Some people have suggested that there is a danger in using online file backup in that when the files are not on hardware owned by you there is a possibility of unauthorised access by the state in which they are located.  It's a valid concern, but I think there's a way round it.  In your online storage, you store nothing but a Truecrypt volume.  Even if your password to access the remote storage is compromised, this will not afford access to your files, since the Truecrypt volume itself is only ever decrypted locally on a machine owned by you.  This effectively removes the problem of reliance on someone else's security boundary.

It does not remove the problem of someone serving a court order on you to hand over your decryption keys under the Regulation of Investigatory Powers Act 2000, but this is a problem with files stored on your local hard drive too.  Truecrypt provides a partial solution to this in that it allows you to create a dummy container in the same encrypted volume that you can surrender the key to without revealing the existence of the encrypted data hidden by the real key.  So it should be possible for even an extremely cautious person to use a remote file storage service without fear that their data will be accessible to others.  (Obviously such a person would want to set their Truecrypt volume to use all of the most paranoid, inconvenient, security conscious measures too.)

It does not, of course, answer the criticism that the very act of providing an additional attack vector marginally decreases your security, or protect against someone tricking your decryption key out of you, either technologically via keylogger etc, or via a social attack vector.  (This being the reason that those with extreme security conscious needs do not connect computers containing secure data to any sort of network.)

Also, I have discovered that if you make a junction to a folder in Dropbox, then it will not notice changes in that folder unless you restart it. This appears to work the same for windows directory symlinks (it's not entirely clear to me how these differ from junctions, except perhaps in POSIX compliance and slightly wider applicability). The correct procedure for ensuring a folder outside your dropbox folder is backed up is thus:
  1. Close any open programs that might be using the folder in question.
  2. Move the directory into an appropriate place in your Dropbox folder.
  3. Create a junction which the same name as the folder in the original directory and link it back to the folder in the dropbox folder.
This is slightly less convenient than just making a junction into the dropbox folder, but I assume there are technical reasons why syncing gets confused if you do it the easy way.
6 comments or Leave a comment
(Deleted comment)
sesquipedality From: sesquipedality Date: January 23rd, 2011 12:44 pm (UTC) (Link)
Sorry. could you unpack that a bit? I'm not sure what you mean by that.
(Deleted comment)
sesquipedality From: sesquipedality Date: January 23rd, 2011 04:57 pm (UTC) (Link)
I wasn't actually aware of that practice. We don't really do any international law. I agree that it could be worrying, but possibly unavoidable in the modern world. I think the British courts would be likely to take a dim view of an attempt to extradite someone on the basis of where they keep their data, though.
the_magician From: the_magician Date: January 22nd, 2011 10:49 pm (UTC) (Link)
Of course you're relying on TrueCrypt not being an original product of the NSA, or similar, with a known weakness in the algorithm that they already have a crack for.
sesquipedality From: sesquipedality Date: January 23rd, 2011 12:49 pm (UTC) (Link)
Well, that's the advantage of going open source. That sort of thing is more likely to be spotted. Truecrypt also allows you to chain up to three different cyphers in case there's a weakness in one of the three it supports (AES, Twofish, something Ross Anderson did). This scenario is possible - it's just wildly unlikely.

Interestingly a couple of weeks back, someone alleged that they had been paid by the US government to do something akin to this to OpenBSD. A thorough code audit failed to reveal any backdoor.

Edited at 2011-01-23 12:50 pm (UTC)
the_magician From: the_magician Date: January 23rd, 2011 01:25 pm (UTC) (Link)
True, but just because there isn't a backdoor, doesn't mean there isn't an exploitable weakness in at least one of the encryption methods supported.

January last year a team of researchers broke 768-bit RSA encryption, and I'm sure that the NSA etc. have much more powerful machines available to them :-)

But I just assume that if the government really wanted to see what I had, they'd bug/trojan my PC and pick up the password when I typed it in locally ... grin, have you checked the firmware in your SATA drive controller to make sure it's not writing stuff to "bad" sectors, like a keylog? ;-)

But I agree, if it is something sensitive you don't want others to see, then leaving it unencrypted in Dropbox is probably not the safest thing ... does Dropbox use any kind of VPN/SSL or similar for file transfer or are the packets sent "in the clear" over the Internet?

sesquipedality From: sesquipedality Date: January 23rd, 2011 02:35 pm (UTC) (Link)

So broadly, yes, Dropbox does not transmit or store data in the clear.

Given this, I'm a little confused as to how their sharing system works.
6 comments or Leave a comment