[Box Backup] Unencrypted storage?
Fri, 10 Dec 2004 12:32:17 -0500
Michael Pruitt wrote:
> On Sun, Dec 05, 2004 at 01:38:25PM +0000, Ben Summers wrote:
>>If you don't want encryption, then there are other good
>>open source projects to consider. Encryption will never be
>>an option in Box Backup:
> The only downside to Box Backup is that the files must be
> encrypted. I appreciate the the communications path is
> encrypted, but want to be able to search/restore on the
> server. Also, I sometimes need to restore to a client B when
> client A did the initial backup.
I don't know what all the fuss is about encryption. I initially thought
is unnecessary for use within a trusted subnet with a trusted server.
But, I can see no real disadvantage of encrypted storage, as long as
there is an easy way to browse the backed-up files. Also, tracking file
versions doesn't fit as well into a native file system. Think of CVS:
even though files aren't encrypted, they still aren't so easy to browse
Encryption for the communication channel already adds overhead. By not
decrypting on the server, you're actually saving overhead, except for an
initial migration to box-backup.
As for backing up system A from system B, that just requires sharing
encryption keys. For browsing files on the server, you just need to let
the server hold a copy of the client's keys. And you still get the
advantage of a dead disk not holding sensitive data, so getting rid of
it is not a risk.
All that is needed is a user-friendly file browser. I have a working PHP
based browser written that just needs a little more work before having
other users try it.