Hi folks! I'm one of the architects of Tahoe-LAFS, and the founder and CEO of LeastAuthority.com, which sells Tahoe-LAFS products and services.
> On 22/04/14 14:05, Tom Ritter wrote:
>
> I'm pretty sure that TAHOE does provide confidentiality - the keys
> don't leave your device (more correctly, the gateway running on your
> device) unless you distribute them. Which you can, you can send the
> decryption key granting read-capability to anyone, but you don't have
> to.

This is correct.

On Tue, Apr 22, 2014 at 12:17 PM, Caspar Bowden (lists) <[email protected]> wrote:
>
> It's a storage solution, and therefore not what actually Cloud is about in a
> business/industry sense, who want Cloud compute power to crunch usefully on
> encrypted data.

I think you're on the right track here, Caspar. People need a lot more than just "self-storage in the cloud". There are two dimensions that they need more:

1. sharing; Sharing is a lot different from self-storage. Most cloud storage crypto *cements* the self-storage nature into place, by adding an encryption key, held by the user, that cannot be safely divulged to any other user. Tahoe-LAFS is very different in this way, it doesn't impede sharing. (As Tom Ritter alluded above, sharing is easy in LAFS.)

2. computation; People do need storage, but they get a lot more value from apps. Most cloud storage crypto cements into place the "no apps allowed, just data storage" nature, but LAFS is at least potentially better:

a. You can share your data with a remote server. Suppose you have a collection of data stored in LAFS. It could potentially be a large dataset, it could be heterogeneous in its schemas and storage formats (i.e., it isn't all in one tidy SQL db, but spread out in multiple formats and files). You started storing it in LAFS years ago, and have been incrementally adding to it and maintaining it ever since (i.e., you didn't plan ahead for what's about to happen). Now you decide that one particular subset of it, e.g. one particular SQL db, or one particular folder full of docs, or something, needs to be shared with a remote server so that the server can do something fancy with it. It is easy for you to send that particular server access to that particular folder full of docs, without divulging any of your other data to that server and without divulging *anything* to anyone else other than that server.

b. LAFS can be integrated with client-side Javascript, so that all of the storage is encrypted and in-the-cloud, and all of computation is performed in Javascript on the end-point device (i.e. in the browser).

I think things like this are the future.

Regards,

Zooko Wilcox-O'Hearn

Founder, CEO, and Customer Support Rep
https://LeastAuthority.com
Freedom matters.
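
A simplified model of the per-folder sharing described in point 2a, as an added example that is not part of the original message and is not Tahoe-LAFS code. The cap format, the toy keystream cipher, the function names and the sample tree are all assumptions made for illustration; the point shown is that handing over one folder's read cap exposes only that subtree.

```python
import hashlib, json, os

STORE = {}  # the untrusted storage server: storage index -> ciphertext only

def _h(tag: bytes, data: bytes) -> bytes:
    return hashlib.sha256(tag + b":" + data).digest()

def _xor_stream(key: bytes, data: bytes) -> bytes:
    # Toy SHA-256 counter keystream, illustration only (no integrity check).
    out = bytearray()
    for i in range(0, len(data), 32):
        block = _h(b"ks", key + i.to_bytes(8, "big"))
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def put(plaintext: bytes) -> str:
    """Encrypt under a fresh key, upload, return the read cap (hex key)."""
    key = os.urandom(16)
    STORE[_h(b"si", key).hex()] = _xor_stream(key, plaintext)
    return key.hex()

def get(cap: str) -> bytes:
    """Fetch by storage index derived from the cap, then decrypt client-side."""
    key = bytes.fromhex(cap)
    return _xor_stream(key, STORE[_h(b"si", key).hex()])

def put_dir(entries: dict) -> str:
    """A directory is an encrypted object mapping name -> (kind, child cap)."""
    return put(json.dumps(entries).encode())

def reachable(cap: str, kind: str = "dir", path: str = "") -> dict:
    """Everything a holder of `cap` can decrypt, as path -> plaintext."""
    if kind == "file":
        return {path: get(cap)}
    found = {}
    for name, (child_kind, child_cap) in json.loads(get(cap)).items():
        found.update(reachable(child_cap, child_kind, f"{path}/{name}"))
    return found

def build_sample():
    """Constructed sample tree: root/{docs/{a.txt, b.txt}, taxes.db}."""
    docs = put_dir({"a.txt": ("file", put(b"meeting notes")),
                    "b.txt": ("file", put(b"draft report"))})
    root = put_dir({"docs": ("dir", docs),
                    "taxes.db": ("file", put(b"private ledger"))})
    return root, docs

if __name__ == "__main__":
    root_cap, docs_cap = build_sample()
    print(sorted(reachable(root_cap)))  # owner: the whole tree
    print(sorted(reachable(docs_cap)))  # remote server: docs/ only
```

The cap for `docs` contains no key material for `root` or `taxes.db`, so the server receiving it has no path from that cap to the rest of the tree.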
