
PrivateStorage.io: A secure and privacy-focused cloud storage solution - aralib
https://leastauthority.com/blog/least-authority-and-private-internet-access-announce-privatestorage-io-a-secure-and-privacy-focused-cloud-storage-solution/
======
moviuro
FWIW, I've been using syncthing [0] for some years now [1] and am very
pleased. Even though my data is unavailable on the cloud from any untrusted
computer (like e.g. my corporate laptop), it's synced on my "fleet".

I'm not sure that PrivateStorage actually adds anything to the equation?

EDIT> The Tahoe LAFS [2] model is more that you spread your data over multiple
providers. NAS at home, several VPS providers, or what have you. It feels like
RAID in the network, and it allows very precise setting of redundancy
policies.

So syncthing actually only runs on trusted machines, whereas PrivateStorage
will be able to run on both trusted (tightly managed) and untrusted machines
(like a VPS in the USA).

[0] [https://syncthing.net](https://syncthing.net)

[1] [https://try.popho.be/byeunison.html](https://try.popho.be/byeunison.html)

[2] [https://tahoe-lafs.org/trac/tahoe-lafs](https://tahoe-lafs.org/trac/tahoe-lafs)

~~~
scott00
How much data do you sync? I'm syncing 60 GB with NextCloud and it annoys me
frequently: every time I log in it spends 5 minutes scanning my data, pegging
at least one core of CPU and using up a lot of my I/O capacity. And of course
at a pretty annoying time, since I almost always want to be actually using my
machine during the first 5 minutes after logging in. And I'd really like to be
syncing more data. Anyway, wondering if syncthing does better in this respect.

~~~
Chilinot
I'm using Syncthing as well, and in my Syncthing dir on my laptop there is
currently 52 GB of data.

That includes a syncthing share for my automatic backups and my "dropbox"
replacement (a simple directory for syncing between phone and computers).

It works great. I haven't had any issues with it. The current release of
syncthing is very stable. Earlier versions were a bit error prone. But they
seem to have fleshed out most, if not all, bugs I encountered in earlier
versions.

------
joekrill
Looks like it's not actually ready yet? PIA has a great track record, though,
so this seems promising.

I also like this when you give them your email:

>> This is not a mailing list, and your email will be permanently removed
after we send a one‑time notification when PrivateStorage is available to the
general public.

------
ZeroCool2u
There are a number of alternative paths in this space if you're truly focused
and willing to invest a bit, but if you care about privacy enough to seek a
service like this out and just want to minimize mental overhead, this seems
like a good choice.

Tahoe-LAFS makes some impressive claims like maintaining confidentiality while
running on untrusted machines. I think a lot of folks now would assert that
really any machine running x86 due to Intel ME and the AMD equivalent should
in fact be untrusted.

I'm not in a position to criticize though, this is just from a cursory glance
at the summary page, and frankly I used PIA as my own VPN provider for a
number of years and had only positive experiences.

~~~
rsync
"There are a number of alternative paths in this space if you're truly focused
and willing to invest a bit, but if you care about privacy enough to seek a
service like this out and just want to minimize mental overhead, this seems
like a good choice."

It feels to me like 'borg'[1] is becoming the de facto standard for this use-
case. There were a number of similar tools (like duplicity) for years but borg
seems to have buttoned up all of the issues.

Some call it the "holy grail of backups".[2]

[1]
[https://borgbackup.readthedocs.io/en/stable/](https://borgbackup.readthedocs.io/en/stable/)

[2] [https://www.stavros.io/posts/holy-grail-backups/](https://www.stavros.io/posts/holy-grail-backups/)

~~~
rakoo
Borg et al are specifically made for backups. Tahoe-LAFS is for general use.

------
comboy
So on one hand, you just need some good open source software for that, there's
enough cloud and there's no reason you wouldn't choose the cheapest one if you
have everything client side encrypted and can add more redundancy. On the
other hand..

> the system runs on Tahoe-LAFS

that got me very interested.

------
tchaffee
Should anything truly private be stored in the cloud? I have never seen a
solution that doesn't boil down to trusting someone. The claim is that the
code is open source. But I don't know how I would verify that that's the
actual code they are running on their servers. I also don't understand the
payoff. For information that's not truly private (like your music collection)
but that could possibly be data mined, then a very basic level of privacy you
get from something like Dropbox should be enough, right? What does this
service offer that other cloud storage providers don't offer? For information
that's truly private, why would I risk it becoming eventually available to
hackers by putting it somewhere in the cloud? What am I missing?

~~~
lotharrr
The data is encrypted on your client before it leaves your computer. You're
relying upon the servers to hold onto your ciphertext (i.e. availability), but
not to keep it secret (confidentiality). And the client can detect changes to
the ciphertext, so you aren't relying upon the servers for integrity either.

You have to trust the client code, for sure, but that's something that you're
at least nominally in a position to inspect and verify.
[https://github.com/tahoe-lafs/tahoe-lafs](https://github.com/tahoe-lafs/tahoe-lafs)

~~~
tchaffee
I'm a programmer. And I still don't think I'm in a position to verify if
something is cryptographically secure. It's quite possible that a client has
been built with an extremely subtle backdoor already in mind. One that crypto
experts won't find for years.

~~~
thinkloop
Yes, but it's like when you're at a cafe and need to go to the bathroom so you
ask the random guy next to you to watch your laptop. Sure he could steal it,
but you reduced the attack vector to just him.

~~~
tchaffee
It's a reasonable analogy. To use your analogy I'm suggesting you don't trust
anyone with your laptop and bring it to the bathroom with you. If something is
truly private and / or valuable information don't put it in the cloud. I'm not
alone in that thinking. When it comes to storing people's digital currency you
hear about things like cold storage. For very good reason.

------
nitrohorse
I wonder how this compares to Cryptomator [1].

[1] [https://cryptomator.org](https://cryptomator.org)

~~~
cascom
Or ARQ if it’s just for backup...

------
newscracker
I'm curious what the pricing will be when this is opened up to the public.
Some years ago when I compared encrypted online storage, I found Least
Authority to be quite expensive. It still seems to be ($25 a month). [1]

[1]: [https://leastauthority.com/](https://leastauthority.com/)

------
zencash
Very interesting, I may use this. I'd still layer in a VPN; I've had leaks in
the past [1].

[1] [https://vpntoolbox.com/disabling-webrtc-browsers/](https://vpntoolbox.com/disabling-webrtc-browsers/)

------
_bxg1
Does anyone know what kind of impact client-side encryption would have on sync
speed for potentially-large files (as opposed to simple text messages)?

~~~
meejah
Tahoe-LAFS does "erasure coding" on the chunks of data. This increases the
size of the data (adding redundancy) so that you can recover a file without
recovering every single chunk. These parameters are decided client-side. In
the smallest possible case (i.e. every chunk required) there is some slight
overhead from the zfec and Tahoe headers.

If you are using redundancy of any kind, it will inflate the size of the
ciphertext versus the plaintext thus affecting sync speed.

Tahoe-LAFS does split everything up into fixed-size chunks, though, so the
total size of the file doesn't really matter -- it will still be uploaded in
128kb (default) chunks to the storage servers.

So, it's not the encryption that has an impact but the erasure-coding (which
gives the "RAID-like" features) and you can configure it to have zero
redundancy and thus only some slight increase in the total amount of data to
send.

~~~
_bxg1
Hadn't even thought about a difference in size; I was thinking the CPU
overhead. If I save a 1GB file, how much processor time will it take to re-
encrypt the whole thing so it can be sent off? Or does the chunking apply here
too; i.e. only the chunk of the file that's changed has to be re-encrypted?

~~~
meejah
I don't know the exact answer to that, but "not much" in comparison to the
time to send the bytes over the network. The actual contents are encrypted
using AES which often has built-in instructions on modern processors and is
thus very fast. The vast majority of the time is uploading time here.

Tahoe does use "convergent encryption" (basically, the key is based on the
contents) so that the same file encrypted by the same client results in the
same ciphertext (and thus, doesn't need to be re-uploaded).

I believe that only happens at the "capability" (i.e. file) level, though, not
each chunk. So, if you had a directory of 10 files each 100MB and changed one,
you'd only have to upload the new directory-descriptor and the one changed
file -- but if you change a few bytes of a 1GB file, you'd have to upload all
the ciphertext for that file again.
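An added example (not code from the thread or from Tahoe-LAFS) illustrating meejah's two points above: how k-of-n erasure coding inflates the stored ciphertext and lets any k shares rebuild a 128 kB segment, and how a content-derived (convergent) key makes identical content produce an identical key so it need not be re-uploaded. The XOR single-parity code, the HMAC key derivation and the 3-of-10 parameters are simplifications assumed here for illustration, not Tahoe's actual zfec or tagged-hash implementation.

```python
import hashlib
import hmac
import math
from functools import reduce
from operator import xor

SEGMENT_SIZE = 128 * 1024  # default segment size quoted in the thread (128 kB)


def storage_footprint(file_size: int, k: int, n: int) -> tuple[int, int]:
    """Segments uploaded and total bytes stored for k-of-n erasure coding.
    n == k is the zero-redundancy case: no inflation beyond the small
    zfec/Tahoe header overhead mentioned in the thread (ignored here)."""
    if not 1 <= k <= n:
        raise ValueError("need 1 <= k <= n")
    segments = max(1, math.ceil(file_size / SEGMENT_SIZE))
    return segments, math.ceil(file_size * n / k)


def xor_encode(segment: bytes, k: int) -> list[bytes]:
    """Toy k-of-(k+1) erasure code: k data shares plus one XOR parity share.
    Any k of the k+1 shares rebuild the segment (a single-parity instance of
    the RAID-like coding; real Tahoe uses zfec, a Reed-Solomon code)."""
    piece = math.ceil(len(segment) / k)
    shares = [segment[i * piece:(i + 1) * piece].ljust(piece, b"\0") for i in range(k)]
    parity = bytes(reduce(xor, col) for col in zip(*shares))
    return shares + [parity]


def xor_decode(shares: dict[int, bytes], k: int, length: int) -> bytes:
    """Rebuild a segment from any k surviving shares (share index -> bytes)."""
    if len(shares) < k:
        raise ValueError("fewer than k shares survived: segment unrecoverable")
    data = [shares.get(i) for i in range(k)]
    missing = [i for i, s in enumerate(data) if s is None]
    if missing:  # one data share lost: XOR the parity with the other data shares
        i = missing[0]
        others = [s for j, s in shares.items() if j != i]
        data[i] = bytes(reduce(xor, col) for col in zip(*others))
    return b"".join(data)[:length]


def convergent_key(plaintext: bytes, convergence_secret: bytes) -> bytes:
    """Content-derived key: the same plaintext under the same per-client secret
    yields the same key, so its ciphertext can be recognised as already stored.
    Assumed simplification of Tahoe's tagged hash, for illustration only."""
    return hmac.new(convergence_secret, plaintext, hashlib.sha256).digest()
```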

~~~
_bxg1
Thanks for the well-informed answers!

------
nickik
Does this have a way to only partially sync? So if I have my huge music
library there, but I only want to sync a particular folder to my phone?

------
iagovar
Based in the US apparently. I guess everyone here knows what that means. Not a
great jurisdiction if you are concerned by privacy.

~~~
rygxqpbsngav
Still PIA got good standing in avoiding the data/log access requests so far
for their VPN service.

~~~
iagovar
I'd still lean towards Iceland, Switzerland or Romania, although I'm still not
sure if I should trust any EU country over these topics.

~~~
t0astbread
Why not?

~~~
iagovar
[https://restoreprivacy.com/5-eyes-9-eyes-14-eyes/](https://restoreprivacy.com/5-eyes-9-eyes-14-eyes/)
Mostly, but also because of some of the news I see over here about parliaments
trying, with more or less success, to pass laws to take down websites or force
them to comply for questionable reasons.

I understand that there could be reasonable arguments behind it, but I feel
very uneasy about it.

------
adrianN
How does this compare to tarsnap?

~~~
moviuro
tarsnap's target audience is sysadmins and other UNIXy gurus. My grandma and
my dad, who would benefit most from a secure sync mechanism, would probably be
unable to use it.

Also, I'm not sure how you can use tarsnap at good cost for p2p sync.

[0] [https://www.tarsnap.com/](https://www.tarsnap.com/)

~~~
simias
Tarsnap is for backup, I don't think it can really be used for sync in the
general sense. It's also hard to predict how much it's going to cost you if
you don't exactly know how much data you're going to upload (and it is IMO
prohibitively expensive for even moderately-sized backups).

I love the tech behind tarsnap, I love that the client is open source, I love
the whole philosophy of it but I really struggle with the pricing.

~~~
yjftsjthsd-h
> the client is open source

No, it's source available.

~~~
moviuro
Indeed, see [http://www.tarsnap.com/open-source.html](http://www.tarsnap.com/open-source.html) and
[https://github.com/Tarsnap/tarsnap/blob/master/COPYING](https://github.com/Tarsnap/tarsnap/blob/master/COPYING)

------
fauigerzigerk
This is interesting. I currently use Sync.com which works great on my Mac but
unfortunately doesn't have a Linux client.

------
cascom
What is the advantage over ARQ + B2/S3/etc...

------
PlaneSploit
This sounds like just inferior Storj.

------
t0astbread
Interesting. How does this compare to hosted Nextcloud offerings?

------
boynamedsue
They're calling this service S4 and not expecting to get sued into oblivion by
AWS?

It's also not very creative. Says a lot about the maturity of their thinking
when there's such obvious naming similarity.

~~~
tyingq
It does appear to be based on the phrase _"Simple Secure Storage Service"_.
Maybe 4S or SIV would have been better.

