Comment by throwaway77385
1 day ago
The nightmare continues. For now I am using 3rd party backup services that are (currently) promising me that my backups are encrypted by a key they do not have access to, or control over. But can this even be believed in an age where these secret notices are being served to any number of companies? I suppose the next step would be to ensure that files don't ever arrive in the cloud unencrypted, but I have yet to see a service that allows me to do this with the same level of convenience as, say, my current backup solution, which seamlessly backs up all my phones, my family members' phones, my laptops, their laptops etc. I depend on having an offsite backup of my data. Which inevitably includes my clients' data also. Which I am supposedly keeping secret from outside access. So how does that work once everything becomes backdoored?
In the case of the U.K., they can throw you in jail for not handing over your encryption key, so it’s a moot point. They’ve been slowly expanding this power for twenty years now.
Not for content in the cloud, as far as I understand. Someone will correct me, but you can be arrested and threatened with terror charges if you dont unlock your device, but this does not give them permission to access other computers via the internet.
Tommy Robinson trial for refusing to provide his unlock credentials when ingressing UK is happening in March this year.
ive been through all this with the law. no one ever got jailed for not handing over encryption keys unless they were a definitive criminal and theres strong evidence there is criminal data on the device.
they tried this with me (NCA) but the judge wouldnt sign off as they had nothning on me or my device. this did however REALLY want to access it! fuck them. pricks
https://www.telegraph.co.uk/news/2024/10/25/tommy-robinson-c...
2 replies →
Ah yes, the “we have all the power but pinky promise to only use it on the bad guys” playbook. I have complete confidence and trust in that promise. /s
security and convenience are ever at war.
Convenience usually comes at a cost. You shouldn't have to trust anyone. Just use a generic storage service and only upload encrypted files to it. Syncthing + Rclone will probably get you a similar setup that you control.
IMO the only thing you can have a high level of trust in is your own *nix server. Backup those devices to it then encrypt there before being sent to the cloud.
Handling the encryption yourself is the way to go, but for maximum security, don't send that encrypted data to the cloud. Keep it all on your own server(s).
That doesn't help people who aren't technically capable, of course. But at least those who are can protect themselves.
Why couldn't the government just get a warrant and take your local servers? At that point there doesn't seem to be much of a difference with respect to this threat model, at least cloud is convenient.
Depends what kind of security. Local doesn't help if your house burns down or is robbed.
> your own *nix server
Just be sure it's pre-Intel Management Engine / pre-AMD Platform Security Processor!
[dead]