On 24/04/14 19:08, Zooko Wilcox-OHearn wrote:
> On Tue, Apr 22, 2014 at 12:17 PM, Caspar Bowden (lists) <[email protected]> wrote:
>> It's a storage solution, and therefore not what actually Cloud is about in a
>> business/industry sense, who want Cloud compute power to crunch usefully on
>> encrypted data.
> I think you're on the right track here, Caspar. People need a lot more
> than just "self-storage in the cloud". There are two dimensions that
> they need more:
>
> 1. sharing; Sharing is a lot different from self-storage. Most cloud
> storage crypto *cements* the self-storage nature into place, by adding
> an encryption key, held by the user, that cannot be safely divulged to
> any other user. Tahoe-LAFS is very different in this way, it doesn't
> impede sharing. (As Tom Ritter alluded above, sharing is easy in
> LAFS.)
>
> 2. computation; People do need storage, but they get a lot more value
> from apps. Most cloud storage crypto cements into place the "no apps
> allowed, just data storage" nature, but LAFS is at least potentially
> better:
>
>     a. You can share your data with a remote server. Suppose you have a
> collection of data stored in LAFS. It could potentially be a large
> dataset, it could be heterogeneous in its schemas and storage formats
> (i.e., it isn't all in one tidy SQL db, but spread out in multiple
> formats and files). You started storing it in LAFS years ago, and have
> been incrementally adding to it and maintaining it ever since (i.e.,
> you didn't plan ahead for what's about to happen). Now you decide that
> one particular subset of it, e.g. one particular SQL db, or one
> particular folder full of docs, or something, needs to be shared with
> a remote server so that the server can do something fancy with it. It
> is easy for you to send that particular server access to that
> particular folder full of docs, without divulging any of your other
> data to that server and without divulging *anything* to anyone else
> other than that server.
>
>     b. LAFS can be integrated with client-side Javascript, so that all
> of the storage is encrypted and in-the-cloud, and all of computation
> is performed in Javascript on the end-point device (i.e. in the
> browser). I think things like this are the future.

These are great features, unavailable in other designs.

I just wanted to emphasize three points:

 * there is an awful lot of hogwash talked (not in connection with
   TAHOE BTW) that somehow "encryption" can take care of
   confidentiality in the Cloud. This is not true, in the sense of
   a-Holy-Grail-of-FHE discussed above in thread. It is literally a
   case of policy-makers hearing blah-Cloud-blah-blah-Encryption-Audit
   - that sounds OK. Many policymakers seem (still) not to (want to)
   understand that. There is no technical means to deny a government
   access to Cloud data, if laws have been passed to do that, and that
   Cloud provider's service involves computing with the data (rather
   than raw storage of data encrypted by the user).

 * A lot of stuff can be done with P2P architectures or on the user's
   device, but calculations which require close coupling between
   intermediate results in a parallelized algorithm can't be done P2P.
   But perhaps more importantly, the business model of commercial Cloud
   services from Google, Microsoft, etc. is to fill datacentres with
   conventional software applications that have been virtualized. This
   is precisely the kind of "Cloud" which encryption can't protect. It
   is the unique selling point of Cloud computing - "elasticity" of
   computing power. Any data from the rest of the world sent to US
   jurisdiction is buck naked before laws like FISA 702 (and policies
   like EO12333), which only protect rights of citizens of those
   countries (US citizens and legal residents), and those not very well.

 * Contrary to what seems prevalently reported, this discriminatory
   aspect of US law is not the norm throughout the world. In fact, I
   have only been able to discover a handful of refs in Canadian,
   Australian and NZ law. Germany has 1. UK none. Indeed, a
   principle of the European Convention on Human Rights prohibits
   discrimination by nationality in this way, even for national
   security laws, period (except that German thing - it's complicated -
   ask me).

Caspar

