Re: [OpenAFS] Linux OpenAFS EncFS?

2014-02-20 Thread Troy Benjegerdes
On Mon, Feb 17, 2014 at 04:07:08PM -0800, Russ Allbery wrote:
 Jeffrey Hutzelman jh...@cmu.edu writes:
  On Mon, 2014-02-17 at 13:11 -0600, Troy Benjegerdes wrote:
 
  So $10k for design, and $100k for implementation sufficient to protect
  a small business's data worth between $250k, and $1M.
 
  No, that's not what Jeff said.  What he said was that doing the design
  and analysis work required to come up with an estimate could cost $10k.
  I happen to think that's a bit high, but then, I'm not volunteering to
  do it.
 
 Generating these sorts of numbers are all about what assumptions you want
 to make, but if you assume 50% overhead from whatever organization has to
 do the work to write the contract, deal with all the legal issues, route
 the money to people, maintain office space or benefits or whatnot, and so
 forth, and then figure you want three people thinking hard about this and
 those people make around $75 an hour, $10K pays for about 20 hours for
 each of those three people.
 
 That's not out of the realm of possibility.  We've collectively spent far
 more than that on the rxgk specification, although I suspect much of that
 time was uncompensated or written off as some variety of overhead by a lot
 of different institutions.

I remember hearing lots of arguments that getting rid of DES keys would take
tens or hundreds of thousands of dollars, and that 'developers need to eat'
etc etc.

Then one day an exploit was announced, and all of a sudden we got 
http://www.openafs.org/pages/security/how-to-rekey.txt

I need to eat too, but I'd rather focus on marketing and identifying who 
exactly the customer base is that's going to pay for AFS file encryption, and
IPv6, and disconnected operation, and give them a free teaser of working 
code than whining about how hard it is to get the current customers to 
buy stuff.


Who's the new customer base? How do we educate all the new bitcoin-based
businesses on the benefits of AFS for running a production grade distributed
filesystem to support cryptocurrency trading? These guys literally make money
and if you can take payment in the money they make, you can cut half the 
overhead costs out.



Troy Benjegerdes 'da hozer'  ho...@hozed.org
7 elements  earth::water::air::fire::mind::spirit::soulgrid.coop

  Never pick a fight with someone who buys ink by the barrel,
 nor try buy a hacker who makes money by the megahash

___
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info


Re: [OpenAFS] Linux OpenAFS EncFS?

2014-02-20 Thread Brandon Allbery
On Thu, 2014-02-20 at 13:14 -0600, Troy Benjegerdes wrote:
 I remember hearing lots of arguments that getting rid of DES keys would take
 tens or hundreds of thousands of dollars, and that 'developers need to eat'
 etc etc.
 
 Then one day an exploit was announced, and all of a sudden we got 
 http://www.openafs.org/pages/security/how-to-rekey.txt

This did not get rid of DES keys except in some limited contexts; the
cache manager still uses a DES session key, and fixing this still
requires money. (Which YFS has invested for its product, and MIT is
funding for OpenAFS --- but the latter gets us exactly one person
working on it.)

Yes, I know you're living in a very different world. Problem there is
that nobody else using AFS is living in that world or able to live in
that world. Must be nice.

-- 
brandon s allbery kf8nh   sine nomine associates
allber...@gmail.com  ballb...@sinenomine.net
unix, openafs, kerberos, infrastructure, xmonad http://sinenomine.net



Re: [OpenAFS] Linux OpenAFS EncFS?

2014-02-20 Thread Russ Allbery
Troy Benjegerdes ho...@hozed.org writes:

 I remember hearing lots of arguments that getting rid of DES keys would
 take tens or hundreds of thousands of dollars, and that 'developers need
 to eat' etc etc.

 Then one day an exploit was announced, and all of a sudden we got 
 http://www.openafs.org/pages/security/how-to-rekey.txt

Which took at least tens of thousands of dollars, and I'm fairly certain
took hundreds of thousands of dollars.  You just didn't see a bill because
the cost was absorbed by several institutions who paid staff to work on
this, and other people volunteered their time.

-- 
Russ Allbery (ea...@eyrie.org)  http://www.eyrie.org/~eagle/


Re: [OpenAFS] Linux OpenAFS EncFS?

2014-02-20 Thread Troy Benjegerdes
On Mon, Feb 17, 2014 at 10:21:40PM +0200, Jukka Tuominen wrote:
 
  
  Personally, I feel a bit bad that a great system like OpenAFS needs to be 
  stitched with a separate VPN and file encryption software, when it could 
  be all built-in.
  
  Combining tools doing their jobs well is not a bad strategy. Using EncFS 
  with OpenAFS as the backend sounds interesting. Alas, it seems a bit stale.
  
 Stephan
  
 
 I'm all for combining the best efforts of various projects (see my own 
 bigger-than-life project at www.liitin.org), I just don't think the outcome 
 is very secure if its up to each individual to stitch up all the components 
 together themselves. I mean, everything necessary is out there right now, but 
 somehow organisations and homes are just worthless :)
 
 Br, jukka

A relevant article:

http://www.alternet.org/corporate-accountability-and-workplace/8-ways-corporate-greed-perverting-idea-sharing-economy

Can I apt-get install Liitin? This sounds like a very compelling pre-installed
software option for my bigger-than-life project for open-source hardware:
http://q3u.be/

-- 

Troy Benjegerdes 'da hozer'  ho...@hozed.org
7 elements  earth::water::air::fire::mind::spirit::soulgrid.coop

  Never pick a fight with someone who buys ink by the barrel,
 nor try buy a hacker who makes money by the megahash



Re: [OpenAFS] Linux OpenAFS EncFS?

2014-02-20 Thread Troy Benjegerdes
On Thu, Feb 20, 2014 at 11:27:07AM -0800, Russ Allbery wrote:
 Troy Benjegerdes ho...@hozed.org writes:
 
  I remember hearing lots of arguments that getting rid of DES keys would
  take tens or hundreds of thousands of dollars, and that 'developers need
  to eat' etc etc.
 
  Then one day an exploit was announced, and all of a sudden we got 
  http://www.openafs.org/pages/security/how-to-rekey.txt
 
 Which took at least tens of thousands of dollars, and I'm fairly certain
 took hundreds of thousands of dollars.  You just didn't see a bill because
 the cost was absorbed by several institutions who paid staff to work on
 this, and other people volunteered their time.

I've seen plenty of bills where I spent my time working on afs instead of 
more marketable or VC-friendly consulting work.

Maybe we are not thinking about this in the right frame. There are billions
of dollars worth of cryptographic currencies that did not exist when we started
arguing about needing to replace DES keys, and if I had left my graphics card
mining bitcoin instead of shutting it off because it was too noisy, I'd be
hiring someone to do this.

Here's a thought experiment: Can we make a cryptographic currency (afscoin?) in
which say 5%, 10% or whatever of the coin is 'premined' and to be handed out by
an appropriate foundation on delivery of working code?

-- 

Troy Benjegerdes 'da hozer'  ho...@hozed.org
7 elements  earth::water::air::fire::mind::spirit::soulgrid.coop

  Never pick a fight with someone who buys ink by the barrel,
 nor try buy a hacker who makes money by the megahash



Re: [OpenAFS] Linux OpenAFS EncFS?

2014-02-20 Thread Jeffrey Altman
On 2/20/2014 2:14 PM, Troy Benjegerdes wrote:
 On Mon, Feb 17, 2014 at 04:07:08PM -0800, Russ Allbery wrote:
 That's not out of the realm of possibility.  We've collectively spent far
 more than that on the rxgk specification, although I suspect much of that
 time was uncompensated or written off as some variety of overhead by a lot
 of different institutions.
 
 I remember hearing lots of arguments that getting rid of DES keys would take
 tens or hundreds of thousands of dollars, and that 'developers need to eat'
 etc etc.
 
 Then one day an exploit was announced, and all of a sudden we got 
 http://www.openafs.org/pages/security/how-to-rekey.txt

There is clearly a disconnect with how things work.  A security issue
is discovered.  We don't announce it to the world until some manner of
addressing it is in place.  In this case close to nine months passed
between notification of the vulnerability and completion of the
workaround.  Only then was a CVE filed, distributions notified, and
finally a release issued.

It is certainly true that once there was an exploitable vulnerability
many individuals and their organizations prioritized getting a
workaround in place when they would not have done so otherwise.  That is
the nature of security exploits or data corruption issues; they change
the priority of the work.  Often to the detriment of those doing the
work because no one gets compensated for working on something you can't
tell anyone about.

Beyond that.  When I and most others discuss getting rid of DES keys, we
are not simply talking about the ability to configure your KDC to stop
issuing DES keys as part of the afs service ticket.  I am referring to
halting the use of 56-bit keys for wire encryption.  The workarounds for
OPENAFS-SA-2013-003 do nothing to replace the 56-bit keys used by fcrypt
for wire privacy and data integrity.

 I need to eat too, but I'd rather focus on marketing and identifying who 
 exactly the customer base is that's going to pay for AFS file encryption, and
 IPv6, and disconnected operation, and give them a free teaser of working 
 code than whining about how it's how hard to get the current customers to 
 buy stuff.

You can't market something you don't have.   Open source is not a free
teaser.  The Elders and Gatekeepers spent the better part of 2004 to
2007 trying to obtain funding for a road map better known as the wish
list.  The response from the community in no uncertain terms was we
cannot provide funding when there is no guarantee it will be completed.
 The response from large commercial operating system vendors that wanted
to use the technology was that OpenAFS is too far from a first class
file system to be given to end users as an alternative.

The response from potential large new deployments was that there are too
many performance warts; too many use cases that must be avoided; the
security is too weak; the application compatibility is incomplete; and
it is not used by enough other organizations.  We all knew that; hence
the existence of the unfunded wish list.

I and others placed a bet that if we could build the product that we
believe AFS should be that organizations would pay for it and we could
recoup the development costs that way.   We shall see if we were correct
in the coming months.

Jeffrey Altman






Re: [OpenAFS] Linux OpenAFS EncFS?

2014-02-20 Thread Russ Allbery
Troy Benjegerdes ho...@hozed.org writes:

 Maybe we are not thinking about this in the right frame. There are
 billions of dollars worth of cryptographic currencies that did not exist
 when we started arguing about needing to replace DES keys, and if I had
 left my graphics card mining bitcoin instead of shutting it off because
 it was too noisy, I'd be hiring someone to do this.

 Here's a thought experiment: Can we make a cryptographic currency
 (afscoin?) in which say 5%, 10% or whatever of the coin is 'premined'
 and to be handed out by an appropriate foundation on delivery of working
 code?

This idea has a lot of promise, but wouldn't an even better idea be to
fund the project with gold acquired from the greys that you're in contact
with?  They can bring new resources from outside the solar system, which
avoids a closed economic model.

-- 
Russ Allbery (ea...@eyrie.org)  http://www.eyrie.org/~eagle/


Re: [OpenAFS] Linux OpenAFS EncFS?

2014-02-20 Thread Troy Benjegerdes
On Thu, Feb 20, 2014 at 12:37:19PM -0800, Russ Allbery wrote:
 Troy Benjegerdes ho...@hozed.org writes:
 
  Maybe we are not thinking about this in the right frame. There are
  billions of dollars worth of cryptographic currencies that did not exist
  when we started arguing about needing to replace DES keys, and if I had
  left my graphics card mining bitcoin instead of shutting it off because
  it was too noisy, I'd be hiring someone to do this.
 
  Here's a thought experiment: Can we make a cryptographic currency
  (afscoin?) in which say 5%, 10% or whatever of the coin is 'premined'
  and to be handed out by an appropriate foundation on delivery of working
  code?
 
 This idea has a lot of promise, but wouldn't an even better idea be to
 fund the project with gold acquired from the greys that you're in contact
 with?  They can bring new resources from outside the solar system, which
 avoids a closed economic model.

Maybe you know something I don't, so I'll give you the benefit of the doubt.

I at least have some numbers to back up my delusions, courtesy of 
http://coinmarketcap.com/
71  Catcoin  $ 226,205  $ 0.19  1,188,550 CAT  $ 3,081  -16.17 %

Of course, the numbers don't look very good right now, I'm speculating they
will look better after it shows on TV.

http://www.ibtimes.co.uk/raining-catcoins-dogecoins-opray-winfrey-reality-show-backs-animal-cryptocurrencies-1434629


I mostly jest, but Marketing is serious business.

OpenAFS has been marketing to the same dead, dying, and shrinking crowd of 
institutions that are always chronically short of funds or you have to get
someone to get a grant, or sleep with the university president, or some 
such nonsense.

When are we going to get serious about marketing to new computing users about
the compelling advantages a robust, well-tested, and reliable open source 
distributed filesystem offers over vendor-lock-in half-assed solutions like
Google Drive and dropbox?

I know there are a few of you openafs users and developers that can look farther
than the institution that signs your paycheck.


Re: [OpenAFS] Linux OpenAFS EncFS?

2014-02-20 Thread Jukka Tuominen


 On 20.2.2014, at 21.30, Troy Benjegerdes ho...@hozed.org wrote:
 
 On Mon, Feb 17, 2014 at 10:21:40PM +0200, Jukka Tuominen wrote:
 
 
 Personally, I feel a bit bad that a great system like OpenAFS needs to be 
 stitched with a separate VPN and file encryption software, when it could 
 be all built-in.
 
 Combining tools doing their jobs well is not a bad strategy. Using EncFS 
 with OpenAFS as the backend sounds interesting. Alas, it seems a bit stale.
 
   Stephan
 
 I'm all for combining the best efforts of various projects (see my own 
 bigger-than-life project at www.liitin.org), I just don't think the outcome 
 is very secure if its up to each individual to stitch up all the components 
 together themselves. I mean, everything necessary is out there right now, 
 but somehow organisations and homes are just worthless :)
 
 Br, jukka
 
 A relevant article:
 
 http://www.alternet.org/corporate-accountability-and-workplace/8-ways-corporate-greed-perverting-idea-sharing-economy
 
 Can I apt-get install Liitin? This sounds like a very compelling pre-installed
 software option for my bigger-than-life project for open-source hardware:
 http://q3u.be/
 
 -- 

It wouldn't be bigger than life if it were just a few .debs, would it? It's a ~ 
8GB ready to use OS image based on Ubuntu. It will boot up read-only from bare 
metal (at least a few I've tested), as a virtual machine or even from a USB 
memory stick. It'll ask for your OpenAFS credentials in GUI and you will 
arrive on your  AFS homedir. Well, you can access your Liitin account from a 
browser as well, even though it's a native OS. 

I'm actually currently working on adding a sort of Internet of Things support 
by means of pub-sub messaging. The idea is to be able to add new devices to 
control from Liitin account or develop new things out of their features. 

Sorry, got carried away

Br, jukka

 
 Troy Benjegerdes 'da hozer'  ho...@hozed.org
 7 elements  earth::water::air::fire::mind::spirit::soulgrid.coop
 
  Never pick a fight with someone who buys ink by the barrel,
 nor try buy a hacker who makes money by the megahash
 


Re: [OpenAFS] Linux OpenAFS EncFS?

2014-02-19 Thread Derek Atkins
hays h...@cs.unc.edu writes:

 openafs-info-requ...@openafs.org wrote:
 On Monday, 17 February 2014, 14:05:23, Lars Schimmer wrote:
  Or does anyone has another idea on howto encrypt a directory in OpenAFS
  on client system without any further interaction?
 
 What about Truecrypt? Has the advantage of being platform-independent.
 
 Bye...


 Truecrypt is good, but it creates a monolithic container, and that
 impacts backups. Encfs encrypts files and folders, so that works well
 for folders that are synced.

 Lars, FWIW, I just did a brief test--I created an crypt store in my afs
 home dir, and then used encfs to mount that to a directory on my
 workstation. That seems to work just fine. I think you'd want to do it
 this way--you want to be careful where you mount encrypted volumes since
 you don't want the mount point where things are non-encrypted accessible
 to backup systems not under your control.
 bil

I think you just need to make sure that the EncFS process is running in
your PAG so it can use your tokens.  If you logout (but EncFS is still
running) it may eventually lose tokens and no longer be able to access
AFS.

-derek

-- 
   Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
   Member, MIT Student Information Processing Board  (SIPB)
   URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH
   warl...@mit.eduPGP key available


Re: [OpenAFS] Linux OpenAFS EncFS?

2014-02-18 Thread hays

openafs-info-requ...@openafs.org wrote:
 On Monday, 17 February 2014, 14:05:23, Lars Schimmer wrote:
  Or does anyone has another idea on howto encrypt a directory in OpenAFS
  on client system without any further interaction?
 
 What about Truecrypt? Has the advantage of being platform-independent.
 
 Bye...


Truecrypt is good, but it creates a monolithic container, and that
impacts backups. Encfs encrypts files and folders, so that works well
for folders that are synced.

Lars, FWIW, I just did a brief test--I created a crypt store in my afs
home dir, and then used encfs to mount that to a directory on my
workstation. That seems to work just fine. I think you'd want to do it
this way--you want to be careful where you mount encrypted volumes since
you don't want the mount point where things are non-encrypted accessible
to backup systems not under your control.
bil


-- 
___
bil hays
Infrastructure Manager
Computer Science, UNC CH
www.cs.unc.edu/~hays
https://wwwx.cs.unc.edu/~hays/gpg.asc



Re: [OpenAFS] Linux OpenAFS EncFS?

2014-02-17 Thread Lars Schimmer
On 2014-02-17 14:05, Lars Schimmer wrote:
 Hi!
 
 Does anyone using EncFS in combination with OpenAFS?
 
 Currently I can change into the directory, but gets a permission
 denied if I try to create files/directory.
 Anyone here tried already?
 
 Or does anyone has another idea on howto encrypt a directory in OpenAFS
 on client system without any further interaction?
 
 Thank you.

Ok, with some extended testing and a restart of client it seems to work
fine now. Simple and clean solution.
An integrated encryption option in OpenAFS would be nice, but I think
that will be in OpenAFS some time later ;-)

 Kind regards,
 Lars Schimmer
 


Kind regards,
Lars Schimmer
-- 
-
TU Graz, Institut für ComputerGraphik  WissensVisualisierung
Tel: +43 316 873-5405   E-Mail: l.schim...@cgv.tugraz.at
Fax: +43 316 873-5402   PGP-Key-ID: 0x4A9B1723







Re: [OpenAFS] Linux OpenAFS EncFS?

2014-02-17 Thread Dirk Heinrichs
On Monday, 17 February 2014, 14:05:23, Lars Schimmer wrote:

 Or does anyone has another idea on howto encrypt a directory in OpenAFS
 on client system without any further interaction?

What about Truecrypt? Has the advantage of being platform-independent.

Bye...

Dirk
-- 
Dirk Heinrichs dirk.heinri...@altum.de
Tel: +49 (0)2471 209385 | Mobil: +49 (0)176 34473913
GPG Public Key CB614542 | Jabber: dirk.heinri...@altum.de




Re: [OpenAFS] Linux OpenAFS EncFS?

2014-02-17 Thread Jeffrey Altman
On 2/17/2014 11:10 AM, Troy Benjegerdes wrote:
 Could some of the professionals here please estimate a direct dollar cost for
 such a thing?
 

Who is going to pay for the design and estimation efforts?

There are many approaches that can be used but before selecting one over
another it is important to perform a threat analysis to determine which
risks the solution must protect against and what the use cases are.

For any estimate to be reasonable there will need to be a work break down
of the implementation tasks.

It would not be unreasonable for such a design analysis and work break
down to cost $10,000.

An implementation that could be used by banks or government agencies
would easily cost hundreds of thousands of U.S. dollars and take a year
or more.

Jeffrey Altman










WinAFS vs Encryption Re: [OpenAFS] Linux OpenAFS EncFS?

2014-02-17 Thread Jeffrey Altman
On 2/17/2014 8:05 AM, Lars Schimmer wrote:
 Hi!
 
 Does anyone using EncFS in combination with OpenAFS?
 
 Currently I can change into the directory, but gets a permission
 denied if I try to create files/directory.
 Anyone here tried already?
 
 Or does anyone has another idea on howto encrypt a directory in OpenAFS
 on client system without any further interaction?
 
 Thank you.
 
 Kind regards,
 Lars Schimmer

On a side note I will mention that the WinAFS client does not work with
most encryption file system filter driver products because of the manner
in which AFS Path IOCtls are implemented.  The filter driver wants to
encrypt / decrypt all file streams and the pioctl data is viewed as a
file stream.  When the cache manager receives the encrypted pioctl data
it rejects it.  The error response fails to decrypt and the application
is left seriously confused.

WinAFS has been tested against a broad range of encryption file system
products at interop events.  I have yet to find one implemented as a
file system filter driver that is compatible.

Jeffrey Altman






Re: [OpenAFS] Linux OpenAFS EncFS?

2014-02-17 Thread Jukka Tuominen
Do you accept euros? :)

I just think that this might be a good time to get European funding for 
Internet security projects like this? 

Personally, I feel a bit bad that a great system like OpenAFS needs to be 
stitched with a separate VPN and file encryption software, when it could be all 
built-in. 

Best

Sent from my iPhone

 On 17.2.2014, at 18.35, Jeffrey Altman jalt...@your-file-system.com wrote:
 
 On 2/17/2014 11:10 AM, Troy Benjegerdes wrote:
 Could some of the professionals here please estimate a direct dollar cost for
 such a thing?
 
 Who is going to pay for the design and estimation efforts?
 
 There are many approaches that can be used but before selecting one over
 another it is important to perform a threat analysis to determine which
 risks the solution must protect against and what the use cases are.
 
 For any estimate to be reasonable there will need to a work break down
 of the implementation tasks.
 
 It would not be unreasonable for such a design analysis and work break
 down to cost $10,000.
 
 An implementation that could be used by banks or government agencies
 would easily cost hundreds of thousands of U.S. dollars and take a year
 or more.
 
 Jeffrey Altman
 
 
 
 
 
 


Re: [OpenAFS] Linux OpenAFS EncFS?

2014-02-17 Thread Troy Benjegerdes
On Mon, Feb 17, 2014 at 11:35:14AM -0500, Jeffrey Altman wrote:
 On 2/17/2014 11:10 AM, Troy Benjegerdes wrote:
  Could some of the professionals here please estimate a direct dollar cost 
  for
  such a thing?
  
 
 Who is going to pay for the design and estimation efforts?
 
 There are many approaches that can be used but before selecting one over
 another it is important to perform a threat analysis to determine which
 risks the solution must protect against and what the use cases are.
 
 For any estimate to be reasonable there will need to a work break down
 of the implementation tasks.
 
 It would not be unreasonable for such a design analysis and work break
 down to cost $10,000.
 
 An implementation that could be used by banks or government agencies
 would easily cost hundreds of thousands of U.S. dollars and take a year
 or more.
 
 Jeffrey Altman
 

So $10k for design, and $100k for implementation sufficient to protect a 
small business's data worth between $250k, and $1M.

Does that sound reasonable? Do you think a 10X scaling factor for data 
protection is reasonable, as in $100K will protect data worth $1 million?

If it's going to take a year, I should have plenty of time to figure out 
how big of a mining farm I need to make the money to pay for it :P


Troy Benjegerdes 'da hozer'  ho...@hozed.org
7 elements  earth::water::air::fire::mind::spirit::soulgrid.coop

  Never pick a fight with someone who buys ink by the barrel,
 nor try buy a hacker who makes money by the megahash



Re: [OpenAFS] Linux OpenAFS EncFS?

2014-02-17 Thread Troy Benjegerdes
Oh, and if you tack on full IPv6 support, I can pay in Catcoin, although 
it will probably cost me more in legal fees if euros are involved too.

Jukka: What do you think about floating an indiegogo campaign to fund 
the stage-1 design/estimation work, and have a 'stretch goal' of getting
a legal opinion on how to use https://cryptostocks.com to fund the remainder

FYI, if Jaltman gets a coinbase account he can easily get dollars from you.

On Mon, Feb 17, 2014 at 08:48:17PM +0200, Jukka Tuominen wrote:
 Do you accept euros? :)
 
 I just think that this might be a good time to get European funding for 
 Internet security projects like this? 
 
 Personally, I feel a bit bad that a great system like OpenAFS needs to be 
 stitched with a separate VPN and file encryption software, when it could be 
 all built-in. 
 
 Best
 
 Sent from my iPhone
 
  On 17.2.2014, at 18.35, Jeffrey Altman jalt...@your-file-system.com wrote:
  
  On 2/17/2014 11:10 AM, Troy Benjegerdes wrote:
  Could some of the professionals here please estimate a direct dollar cost 
  for
  such a thing?
  
  Who is going to pay for the design and estimation efforts?
  
  There are many approaches that can be used but before selecting one over
  another it is important to perform a threat analysis to determine which
  risks the solution must protect against and what the use cases are.
  
  For any estimate to be reasonable there will need to a work break down
  of the implementation tasks.
  
  It would not be unreasonable for such a design analysis and work break
  down to cost $10,000.
  
  An implementation that could be used by banks or government agencies
  would easily cost hundreds of thousands of U.S. dollars and take a year
  or more.
  
  Jeffrey Altman
  
  
  
  
  
  

-- 

Troy Benjegerdes 'da hozer'  ho...@hozed.org
7 elements  earth::water::air::fire::mind::spirit::soulgrid.coop

  Never pick a fight with someone who buys ink by the barrel,
 nor try buy a hacker who makes money by the megahash



Re: [OpenAFS] Linux OpenAFS EncFS?

2014-02-17 Thread Stephan Wiesand

On Feb 17, 2014, at 19:48 , Jukka Tuominen wrote:

 Do you accept euros? :)
 
 I just think that this might be a good time to get European funding for 
 Internet security projects like this?

It would probably take much more than adequate funding for a solid 
implementation to get such a feature in. In particular, more funding - and more 
time than a funding agency will ever grant you for delivering something.

 Personally, I feel a bit bad that a great system like OpenAFS needs to be 
 stitched with a separate VPN and file encryption software, when it could be 
 all built-in.

Combining tools doing their jobs well is not a bad strategy. Using EncFS with 
OpenAFS as the backend sounds interesting. Alas, it seems a bit stale.

Stephan

 
 Best
 
 Sent from my iPhone
 
 On 17.2.2014, at 18.35, Jeffrey Altman jalt...@your-file-system.com wrote:
 
 On 2/17/2014 11:10 AM, Troy Benjegerdes wrote:
 Could some of the professionals here please estimate a direct dollar cost 
 for
 such a thing?
 
 Who is going to pay for the design and estimation efforts?
 
 There are many approaches that can be used but before selecting one over
 another it is important to perform a threat analysis to determine which
 risks the solution must protect against and what the use cases are.
 
 For any estimate to be reasonable there will need to a work break down
 of the implementation tasks.
 
 It would not be unreasonable for such a design analysis and work break
 down to cost $10,000.
 
 An implementation that could be used by banks or government agencies
 would easily cost hundreds of thousands of U.S. dollars and take a year
 or more.
 
 Jeffrey Altman



Re: [OpenAFS] Linux OpenAFS EncFS?

2014-02-17 Thread Jukka Tuominen

 
 Personally, I feel a bit bad that a great system like OpenAFS needs to be 
 stitched with a separate VPN and file encryption software, when it could be 
 all built-in.
 
 Combining tools doing their jobs well is not a bad strategy. Using EncFS with 
 OpenAFS as the backend sounds interesting. Alas, it seems a bit stale.
 
Stephan
 

I'm all for combining the best efforts of various projects (see my own 
bigger-than-life project at www.liitin.org), I just don't think the outcome is 
very secure if it's up to each individual to stitch up all the components 
together themselves. I mean, everything necessary is out there right now, but 
somehow organisations and homes are just worthless :)

Br, jukka




Re: [OpenAFS] Linux OpenAFS EncFS?

2014-02-17 Thread Jason Edgecombe

On 02/17/2014 08:05 AM, Lars Schimmer wrote:

Hi!

Does anyone using EncFS in combination with OpenAFS?

Currently I can change into the directory, but gets a permission
denied if I try to create files/directory.
Anyone here tried already?

Or does anyone has another idea on howto encrypt a directory in OpenAFS
on client system without any further interaction?

We used encfs on top of OpenAFS on RHEL5, and it works. I did find a 
quirk where both AFS ACL's and unix mode bits had to allow access for 
things to work. This was fixed by doing a chmod on the encfs folders.


Jason
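
Two operational points raised in this thread, Derek Atkins's note that EncFS only reaches AFS while its session holds tokens and the note above that Unix mode bits must allow access in addition to the AFS ACL, can be checked before mounting. The following is an added example, not code posted by anyone in the thread; the function names and the `TOKENS_CMD` override are assumptions, and it only reports problems, it does not mount or chmod anything.

```shell
#!/bin/sh
# Added example: pre-mount checks for an EncFS backing directory kept in AFS.
# Run it from the same shell that will start encfs, so that `tokens` reports
# the credentials (PAG) the encfs process will inherit.

# has_live_token: reads `tokens` output on stdin and succeeds if at least one
# token line carries an expiry time. Line shapes this matches (constructed):
#   User's (AFS ID 1000) tokens for afs@example.org [Expires Feb 21 09:14]
#   User's (AFS ID 1000) tokens for afs@example.org [>> Expired <<]   (no match)
has_live_token() {
    awk '
        /tokens for / && /\[Expires / { live++ }
        END { exit(live > 0 ? 0 : 1) }
    '
}

# blocked_dirs DIR: prints every directory at or below DIR whose owner mode
# bits lack read, write or search permission. These are the entries a chmod
# would have to fix even when the AFS ACL already grants access.
blocked_dirs() {
    find "$1" -type d ! -perm -700 -print
}

# preflight DIR: returns 0 only if a live token is present and no directory
# under DIR is blocked by its mode bits. TOKENS_CMD is a hypothetical override
# so the check can be exercised without an AFS client installed.
preflight() {
    dir=$1
    if ! ${TOKENS_CMD:-tokens} 2>/dev/null | has_live_token; then
        echo "no unexpired AFS token in this session; obtain tokens first" >&2
        return 1
    fi
    bad=$(blocked_dirs "$dir")
    if [ -n "$bad" ]; then
        echo "directories whose owner mode bits deny access:" >&2
        printf '%s\n' "$bad" >&2
        return 1
    fi
    echo "ok: live token present and mode bits allow access under $dir"
}

# Stand-alone use: sh preflight.sh /afs/<cell>/path/to/backing-dir
if [ $# -gt 0 ]; then
    preflight "$1"
fi
```

A passing check says nothing about how long the token will last; a long-running EncFS mount still loses access once the token expires.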


Re: [OpenAFS] Linux OpenAFS EncFS?

2014-02-17 Thread Jeffrey Hutzelman
On Mon, 2014-02-17 at 13:11 -0600, Troy Benjegerdes wrote:

 So $10k for design, and $100k for implementation sufficient to protect a 
 small business's data worth between $250k, and $1M.

No, that's not what Jeff said.  What he said was that doing the design
and analysis work required to come up with an estimate could cost $10k.
I happen to think that's a bit high, but then, I'm not volunteering to
do it.

The cost of actually doing the work will be much higher, and will depend
on the design goals, including the threat model, and on how fast you
want it and what bells and whistles you want.

 Does that sound reasonable? Do you think a 10X scaling factor for data 
 protection is reasonable, as in $100K will protect data worth $1 million?

It doesn't work this way.  That's a reasonable way of estimating how
much you're willing to pay for some sort of protection, but not of
estimating how much it's actually going to cost.  If $100k is what
you're willing to pay, and you can find someone willing to do the work,
then you'll get $100k worth of protection.  I can't begin to guess what
that would look like, but whether it is sufficient to protect your $1M
asset is something you have to figure out for yourself.  I recommend
making sure your $100k contract includes a clear statement of work.


 If it's going to take a year, I should have plenty of time to figure out 
 how big of a mining farm I need to make the money to pay for it :P

Lest someone become confused... It doesn't work that way, either.
Software developers need to eat more than once a year, so on a project
this size, they'll expect a payment schedule that allows them to do so.

-- Jeff



RE: [OpenAFS] Linux OpenAFS EncFS?

2014-02-17 Thread milek

OpenAFS + ZFS with encryption enabled?

-- 
Robert Milkowski
http://milek.blogspot.com




Re: [OpenAFS] Linux OpenAFS EncFS?

2014-02-17 Thread Russ Allbery
Jeffrey Hutzelman jh...@cmu.edu writes:
 On Mon, 2014-02-17 at 13:11 -0600, Troy Benjegerdes wrote:

 So $10k for design, and $100k for implementation sufficient to protect
 a small business's data worth between $250k, and $1M.

 No, that's not what Jeff said.  What he said was that doing the design
 and analysis work required to come up with an estimate could cost $10k.
 I happen to think that's a bit high, but then, I'm not volunteering to
 do it.

Generating these sorts of numbers is all about what assumptions you want
to make, but if you assume 50% overhead from whatever organization has to
do the work to write the contract, deal with all the legal issues, route
the money to people, maintain office space or benefits or whatnot, and so
forth, and then figure you want three people thinking hard about this and
those people make around $75 an hour, $10K pays for about 20 hours for
each of those three people.

That's not out of the realm of possibility.  We've collectively spent far
more than that on the rxgk specification, although I suspect much of that
time was uncompensated or written off as some variety of overhead by a lot
of different institutions.

-- 
Russ Allbery (ea...@eyrie.org)  http://www.eyrie.org/~eagle/