Comment by XorNot
4 years ago
Honestly: don't upload unencrypted content to anyone, for exactly this reason.
I have cloud backups of family photos, but they're all through restic or rclone with the crypt filter applied. Privacy is about the right to put yourself in context.
> Privacy is about the right to put yourself in context.
Wow. This is a brilliant. Did you come up with this?
Maybe from here?
Six Words on Privacy
https://safecomputing.umich.edu/six-words-about-privacy
The problem with personal encryption for long term storage is that it is easy to loose private keys and passwords.
For this type of encryption, I think the password could be “password” and that would be good enough. The primary goal is to frustrate automated scans, not targeted brute force attempts.
That's a problem with very easy solutions, considering what's at stake. Use a paperkey, NFC card, smartcard or even a printed data matrix sheet to store the keys and/or password DBs. The reason why all these aren't popular enough is that people don't consider privacy to be important - until something goes seriously wrong, like in this story.
Sorry, 99.99999% of the general population don't know what restic or rclone is. In fact, I won't be surprised if 90% of software engineers have never heard of them. These things aren't really know outside circles like hacker news.
As software engineers and the stewards of modern technology, we have a responsibility to build tools which enable capability for the rest of the people - particularly in the open source world.
People can't run their own encrypted messengers so we have Signal. People should be provided with interfaces, and advocated too, use cloud services for their data in a safe way.
Privacy is about the right to put yourself in context.
Very well said.