The warning should not be "watch what you store on SkyDrive", the warning should be "stay the hell away from Microsoft".
> provides or creates links to external sites that violate this Code of Conduct.
> depicts nudity of any sort including full or partial human nudity or nudity in non-human forms such as cartoons, fantasy art or manga.
So linking to http://en.wikipedia.org/wiki/Naturism would be enough to get banned, no?
Now I need to go warn a family member who majored in art history.
Does that mean that in photos, chimps must wear clothes?
Note the prohibition of advocating pornography and expressing hatred.
Tons of services have that.
Either way it becomes very difficult to draw lines.
I prefer my private data to be "clothed" in an encrypted file system though.
Creepy level: 110%
Less likely but more worryingly it could be skin-tone detection and other pornography detection algorithms with a human filter.
For all we know that guy had a lot worse things than a couple of half nude pics in those 9GB of data.
Having followed a bunch of these types of stories on some other sites (webhostingtalk), 9 out of 10 times the "victim" is holding back so many details from the actual story that they might as well be lying.
I'm surprised how easily people swallow someone else's hearsay and then spray vomit it out as the truth.
and then you said:
Having followed a bunch of these types of stories on some other sites (webhostingtalk), 9 out of 10 times the "victim" is holding back so many details from the actual story that they might as well be lying.
You're contradicting yourself. You're stating hearsay (you had no direct contact with the issue of 9/10 lying people, you only heard it from webhostingtalk) and then purporting it to be true.
Regardless of whether the original author is telling the truth, it doesn't matter because that's not the point of the article. The point is that you may lose more than you know simply by being deemed a violator in the eyes of Microsoft, so it's buyer beware.
Relating to your comment: People are innocent until proven guilty in the US. If Microsoft found something that they deemed a code of conduct violation, then they can bring it up with the police or they can at least bring it up with the account owner. Maybe it was SkyDrive uploading more than he expected?
I'm promoting the statistical observation that there is a 90%-95% chance that these types of stories are made up.
My dataset is gathered over the last decade, from hundreds of stories, first published by the "victim", then detailed by the other party.
> so it's buyer beware
No. It's reader beware, if you want to take my comment into context.
The fact is if there is no sensationalism, then there is no story. Hence we get mostly sensationalism when we get stories. And that's not hearsay.
As far as statistics go, there's a 100% chance you pulled that one out your arse.
I don't think that private file storage services should be snooping in what I'm storing. Their limitations to what I store should be limited to what's legal (they can have stricter limitations to what I share if they want), and they shouldn't be checking every file (even automatically) to see if it looks legal.
I tried to look for the ToS, but it seems that to see them I have to first get a LiveID and agree to the LiveID ToS, so I gave up at that point.
Service Agreement: http://windows.microsoft.com/en-AU/windows-live/microsoft-se...
Stop pattern matching and start thinking.
Your support engineers aren't familiar with basic UNIX backup utilities and decline to provide support services despite your advertising holding them in such high regard. From rsync's website:
"All technical support is handled by engineers that have the access, authority and expertise to solve your issue.
There are NO first level techs and no auto-responders or ticketing systems. You will always deal with a human engineer immediately.
You will receive support for all interaction you have with your rsync.net filesystem. Support is unlimited, regardless of your tool, platform or implementation."
If there's anyone using rsync who has had a different experience, feel free to speak up, but I was less than satisfied. When I saw the shameless self promotion on HN I felt compelled to give a second perspective.
That would imply that MS is unique here -- they're not. Apple's TOS for iCloud * says it scans content and may revoke service if it finds content it deems "objectionable," "obscene" or "in poor taste" (that last one cracks me up ;) ).
If I remember right -- I'm thinking back to the kerfuffle over Google Drive's and Dropbox's TOS -- the other services have similar clauses.
* - http://www.apple.com/legal/icloud/en/terms.html
+ publish or share materials that are unlawfully pornographic or indecent, or that advocate bigotry, religious, racial or ethnic hatred;
+ violate the law in any way, or to violate the privacy of others, or to defame others.
Apple says you can't use their service to:
a. upload, download, post, email, transmit, store or otherwise make available any Content that is unlawful, harassing, threatening, harmful, tortious, defamatory, libelous, abusive, violent, obscene, vulgar, invasive of another’s privacy, hateful, racially or ethnically offensive, or otherwise objectionable;
Google doesn't seem to mention content beyond the DMCA (maybe I'm missing something):
We respond to notices of alleged copyright infringement and terminate accounts of repeat infringers according to the process set out in the U.S. Digital Millennium Copyright Act.
It may also have been something as simple as having too many images in the folder fuzzy matching the huge DB of porn they have (Bing and Google probably have the largest collections of all kinds of porn on the planet). This is easily done using e.g. scale-invariant feature transform.
Certainly no cause for "stay the hell away from Microsoft".
Still "stay the hell away from Microsoft" in my book.
I would never trust my personal files with anyone that does this type of detection/manual review.
An intelligent company will work to minimize disruption to the user. Affording the user privacy and turning a blind eye to this sort of thing goes a long way towards producing a usable product.
But, what if someone complains? What if this photo was public and resulted in a complaint?
Even then, the idea that an entire account should be suspended over a TOS violation is absurd. By all means remove the content. Perhaps even disallow uploads for a time, or even indefinitely. But a policy of disabling everything including unrelated services and purchased content smacks of ignorant product design and typical Microsoft hubris.
This is a great example of why their product services can't gain traction in the market.
At least in the early days Microsoft was known for having a large stash of porn on their network, and it probably wasn't just for academic purposes.
There are other, more troubling things here too. Materials related to the sale of firearms and ammunition are prohibited. Firearms in various forms are completely legal to own and trade to various degrees in the United States, why are documents relating to that trade of firearms banned?
I also see that anything that incites, advocates or expresses profanity is prohibited. I would advocate that all SkyDrive users place a copy of the terms of service in their account. This should incite most people to express their opinion of Microsoft's actions by saying "Fuck you, Microsoft", and thus violating the terms of service.
Instead of "place a copy...", I'd suggest rating SkyDrive "zero" and deleting it.
Most folks don't read terms of service documents. But, putting this particular terms of service document on your SkyDrive and reading it would incite many people to express their opinion of the document using profanity. (It certainly had that effect on me ;) )
EDIT: That being said:
promotes or otherwise facilitates the purchase and sale of ammunition or firearms.
That's just creepy.
Just look at air travel. It took just a decade to get people to accept having their genitals touched by people in uniform before getting on airplanes.
There will be some very, very minor outrage initially, and then that will subside and people will obediently adapt. Some will even claim that it is your patriotic duty to accept it.
If you work or play in space owned by someone else (Google, Microsoft, Amazon, whoever) then you have to realise that they can do almost anything they want.
If this starts happening too regularly then consumers might start to rethink the benefits of cloud-based systems for running large parts of their lives.
In fact, I know there's tons of pirated content on dropbox because when I add a pirated movie, 9 times out of 10 it gets synced immediately. That means that file exists there already and they can identify it via MD5 hash. They could have banned it based on some sort of blacklist, but they didn't.
Probably because they understand that if they did, they would piss their paying customers off. So why spend effort trying to do that?
And that's how you get into trouble. You have to assume the good actors will at some point in the future execute a bad tactic (via incompetent or even malicious employees) and act accordingly. This doesn't mean you have to avoid cloud storage services altogether. The right thing to do is encrypt all your files before uploading.
Dropbox might not be interested in blocking pirated content at the moment, but this could change in the future. Their policies already say that it isn't allowed, so what would you do if all of your pirated movies just disappeared one day?
I figure that's a good enough incentive for them to not try to monitor their files.
But yeah, I pretty much agree with your basic point to not solely rely on cloud services. Always have a physical backup of stuff you actually want/need.
In finding any disagreeable content, I believe the implication was that Dropbox could map it the other way around from the infracting file to a list of users with the file's hash.
I'm not giving my private data to someone else to store.
This rule should be strictly enforced on public folders. On private folders Microsoft shouldn't even be looking. While you should not be allowed to store "bad" content, it shouldn't be enforced on private folders unless there is some form of legal request.
I don't understand why they think it should work any different. Skydrive should be a way to back up files. You cannot back up your files if someone is snooping on them or if your account is banned for accidentally including that risky photo of your wife in the back up folder...
But fine. Whatever. Microsoft want to make their service unusable. Why are they then banning the entire live account? Suspending people from XBOX live and prohibiting them from using app purchases? If they are suspending the account the account holder needs to be refunded. Why don't they just prohibit the account from using SkyDrive?
Microsoft have been getting better recently. On this though they seem to have completely lost the plot.
Once again, it is the open and honest user who is close to an edge case who gets caught up.
I understand why people call for this, but it's really a very narrow window of "security concern" where that's a valid feature.
Much better would be an open API, and an open source client, which does the encryption, preferably not even technically affiliated with the cloud provider.
During installation, Dropbox asks the OS for an encrypted read/write view of "/home/user/Dropbox". The OS confirms this with the user. The user sets up the key/password for that encryption. Done.
If Dropbox is compelled in future to try and gain access to the unencrypted view of that same folder, it would have to ask the OS permission, and the OS would ask the user.
Dropbox could also ask for an unencrypted view on the initial installation, but the user should still be allowed to specify that the view it gets is of the encrypted versions of files only. This would be entirely transparent. Dropbox would have no idea if it's getting the full view or the encrypted view.
The author of that code is the FreeBSD security officer. He is also the author of my favorite comeback ever on Hacker News: http://news.ycombinator.com/item?id=35079
(Or navigate up to http://news.ycombinator.com/item?id=35068 and get some context. cperciva really is impressive.)
Others have them, but as long as you don't use the content PUBLICLY, they don't enforce, which is exactly correct.
Edit: sorry, reread. You are right about the encryption part. I still stand by the rest :)
- Childporn; pictures of very young children are stimulating to perverts and while there are definitely very 'wrong' pictures in this category, there are also just pictures you took of your young kids and have in your private folders ; that's not childporn UNLESS a pervert gets his hands on it. Meaning when it is private and yours, it should not be removed. It's memories of your children who naively play in the garden forgetting to put their pants on (I wish I could do that ffs) for instance. In the wrong hands dangerous, private and not shared; perfectly normal.
- Pirated movies; at least here you are allowed to backup movies you own, again if they are private, it cannot be that your account is removed for this; you HAVE the DVDs in your home and you ripped them in case of fire or when they break (and they often do after many years).
Both are crap arguments for removing accounts or even data UNLESS they are made public.
Hence it can be solved very easily ; just scan public dirs.
Bonus: one user, 'sickness', showed how to replicate your encrypted data across Dropbox, gdrive, etc. http://www.sickness.it/crazycloudexperiment.txt
He's a crypto expert, so you should check out his service.
No they don't. It's my data. Stay the heck out of my storage room that I pay you for every month, on time.
It's disappointing how far those companies go in playing cops and judges. They should provide service, not the letter of the law.
If cops have a good enough reason to believe you are hosting child pornography, they could get a subpoena from a judge and then request Microsoft to open your vault. Otherwise we are getting to the point where we don't need judges anymore -- we have a bunch of creeps at Microsoft or another company deciding on what is "right" or "wrong". And this is wrong.
I'm using some popular cloud storage services (Dropbox, Google Drive) for some of my stuff, but only of public and non-critical-business stuff I need to share.
Everything else backup-worthy goes to a client-side-encrypted service (CrashPlan).
That they think it's OK to routinely look at these files, where I think most consumers would have a reasonable expectation of privacy, highlights to me an extremely scary thought process.
> contains or could be considered ‘junk mail’, ‘spam’, ‘chain letters’, ‘pyramid schemes’, ‘affiliate marketing’ or unsolicited commercial advertisement.
The amount of spam I used to get that was "Send this to 5 other people or bad things will happen" was amazing, and it'd be a shame if they were banning people who were storing all their email.
This is baffling. I can make a guess at what nude means - "a naked human, or a human with breasts or genitals on display." But I'm lost at partial human nudity. Is a man with shoes, socks, trousers, and an unbuttoned shirt clothed, or partially nude? What about if he takes his shirt off? What if he's a slob, or if he's like the guy in the diet coke ad? What if the image is a woman in a long t-shirt (with non-visible underwear).
I understand the need for wriggle-room with these types of rules, but they need to make this a bit clearer to avoid regular photos being banned.
I don't understand why MS don't allow you to migrate your stuff out of their service. This guy appears to have lost a lot of stuff. He was a dedicated MS user - he even had a Win7 phone (now useless) - but he isn't anymore.
You will not upload, post, transmit, transfer, distribute or facilitate distribution of any content (including text, images, sound, video, data, information or software) [...]
Text?! Well, that rules out backing up e-book collections there.
To be fair, I don't think Microsoft are that out of touch with reality that they truly believe nobody will use their Skydrive to back up their porn stash or, uh, erotic literature. I also doubt they will police content to that extent, and they're just doing a CYA with these over-broad terms and conditions.
As an aside: for some reason, this reminds me of a question I had to answer when filling out a UK visa application (paraphrasing) -- "Have you ever been involved in any terrorist acts?"
* what nudity means - "a naked human.."
* what partial nudity means "..a human with breasts or genitals on display"
So no, it's very non-clear.
Also, children; you cannot take your baby daughter's picture with bare upper body???
What "partial nudity" means is very arguable and _has been_ argued (e.g. many stories of services not allowing breast feeding pictures), I was just pointing out the specific differentiation between full and partial seems simple.
About children: of course I don't see anything bad with pictures of naked kids, but the service has very little chance of knowing whether those pictures of 7 year olds are your nieces' or you're in a shady business, and they are reasonable to protect themselves.
We live in a fucked up society.
Obviously, there are huge gaps between stating rules, actually enforcing them, and enforcing them in a dumb way.
If I like to take naked pictures of myself and put them in a PRIVATE, never shared folder, I really find it a huge error of MS to close down accounts for that reason. And it'll bite them if they keep doing it.
But yes, if there is something wrong you want to have the RIGHT to remove + ban for any reason you see fit. MS is a company, they have no obligation to host your crap. Well, if you don't pay. If you do I think it's even muddier water IMHO.
This is my private data.
However, through the power and sheer awesomeness of open source, I might try to get my hands dirty at implementing client-side encryption sometime. The rest of the software looks perfect and I have a couple Linux boxes just begging to be used :)
I think if they keep doing this, either Microsoft or any other cloud storage provider, it will be a huge drawback in trying to convince people to store their files in there instead of on their own devices. This is something we were all worried about before cloud storage services took off, and now that worry is turning into reality.
From the Gmail policies (at https://mail.google.com/mail/help/intl/en/program_policies.h...) :
users may not:
Send, upload, distribute or disseminate or offer to do the same with respect to any unlawful, defamatory, harassing, abusive, fraudulent, infringing, obscene, or otherwise objectionable content
Of the millions of users, this is the first time I have heard of someone getting permanently banned. Have you seen other cases?
If you want to move away from gmail, who would you move to? I suspect that almost all services will have similar terms, so the only option would be to host your mail yourself. Even then, you probably can't use most hosting services to run the server.
Why does this reasoning apply to file lockers but not to e-mail? I have no idea.
Sorry, but that moment passed decades ago. I'm certain most pr0n is stored on machines running Windows.
There is an ick-factor here, I'm not saying it's rational.
Well of course we have to protect the children and they shouldn't find it accidentally, then publishing should be the only issue here.
Porn is also associated with prostitution, which is stigmatised as well. And some men feel that although of course there is nothing wrong with the porn they watch, the porn some other men watch leads the featured actresses into prostitution.
And some men watch porn even though they feel it's morally wrong (and morally wrong things are stigmatised). They just don't have the self-control to stop themselves. (That makes them hypocrites, but most people are hypocrites one way or another.)
I get that "protect the children" is an overused slogan these days, and not just in relation to adult porn. But it's far from the whole story.
(n.b. I'm trying not to argue about what should be, I'm trying to talk about what is.)
> I get that "protect the children" is an overused slogan
> these days
I keep waiting for a porn-in-the-workplace case to come up where someone brings up the fact that we are approaching gender parity in porn consumption, and watch courts start to grapple with that.....
"incites, advocates, or expresses pornography, obscenity, vulgarity, profanity, hatred, bigotry, racism, or gratuitous violence. "
Wow, not only is it impermissible to upload pornography but apparently it is impermissible to talk about it too.... Nor can one express hatred of an ex or even say that there are times when hating another person or even an idea is beneficial!
Way to go Microsoft!
I HATE Neo-Nazis! Good thing I am not posting a document that says that to Skydrive!
This next guy doesn't seem to have been given an opportunity to fix the problem.
Perhaps just an untrained employee, or lack of a proper procedure in place by Microsoft.
Regardless, the fallout from this is likely to be quite large, as the entire reason for putting your data in the "cloud" is that you trust that you'll be able to access it.
Yes, it's seriously messed up that Microsoft employees are presumably snooping around in your private SkyDrive folders, and it has the potential to really get people to migrate away. But it requires overcoming a huge barrier of apathy, and I'm not sure this has the momentum to do so.
This is slightly annoying though.
I agree that many people think this. But I cannot understand why they think it. I hear people talk about "cloud backups", when the only copy they have of a file is the one in the cloud.
Obviously there's a few people who know the up times and down times and make an informed choice.
But many people just assume that it will always work, and who will suffer when that service is not available.
Maybe my early experience of batch processing and unreliable utility supplies and a few experiences of dropped services has taught me, and that other people are living in a world with remarkably good up times and thus don't get the chance to learn that three nines is not six nines.
Big F up, but what's new with MS these days.
Seriously, when did it suddenly become okay for companies to police our culture?
Imagine cars breaking down because you used it to drive to a known bad neighbourhood?
Imagine dinner plates that break down because you put meat on them?
Imagine fruit juice that evaporates if you mix it with alcohol?
Why is Microsoft targeting the Amish people? It does not make economic sense.
I had my Youtube account suspended and that subsequently banned me from my Gmail, Docs etc. You feel vulnerable.
Maybe some kind of policy that forced the provider to at least block you only for a specific service?
BTW, this is the creepiest "GMail Man" variant ever.
Like others, I think MS is in a dead end street here. There is stuff that they just can't allow - harboring child porn is illegal regardless of whether you're storing it for someone else, etc. But if they don't default content into Skydrive then hardly anybody will use it and people will keep assuming Google Docs and other cloud services are just "better" for collaboration. The only way out is client side encryption, but that disables many server side functions (eg: search) and gets god-awful complex for sharing between parties.
Think about what happened if you went to Wal-Mart and purchased clothes and other items there. Then, two years later, you cause an incident at Wal-Mart and you are banned from their store. Does that give Wal-Mart the right to come to your house and burn everything you previously bought at their store???
I can't believe companies do so much to deter people from their cloud services. That'd be like Apple shutting down the iTunes and iCloud of a developer, who hacked around in iOS. I hope that has yet to happen.
I expect I'm having nude pictures of my son in about a month and a half.
Ignoring that I just made fun of all these 'nude is evil' rules: Why should Dropbox look at my data, at all? If I ever get a confirmation that they so much as access it for purposes other than backing it up/restoring it or on my direct request (through the client apps/web ui or whatever) I'm going to leave them for good. They provide storage, not more. And storage attributes (bytes stored) is all they should care about.
EDIT: Found it. https://support.google.com/drive/bin/answer.py?hl=en&ans...
"Don’t publish sexually explicit images or videos, such as those with nudity or graphic sex acts. Writing about adult topics is permitted as long as they aren't accompanied by sexually explicit images or videos, or any material that promotes or depicts unlawful or inappropriate sexual acts with children or animals. Additionally, we don't allow content that drives traffic to commercial pornography."
Dropbox TOS don't seem to specifically mention it, their Acceptable Use Policy notes that "unlawfully pornographic" and "indecent" material is not allowed:
"You agree not to misuse the Dropbox services. For example, you must not, and must not attempt to, use the services to do the following things....publish or share materials that are unlawfully pornographic or indecent, or that advocate bigotry, religious, racial or ethnic hatred;"
Interesting would be if they scan anything unpublished.
This prohibits publishing "Violence", "Hate speech" and "Sexually explicit material", amongst other things.
I'd guess it was written with more public publishing in mind, so it's not clear whether it's intended to include purely personal content on Google Drive.
And I was thinking the same thing as I read it, when they say "publish" do they mean make publicly available or store?
I also wonder if the Dropbox AUP just adds "indecent" to the "unlawfully pornographic" statement, or means that they prohibit all indecent exposure.
And that word "publish" shows up again.
Anyway, back to the point: so what if they don't? Why are they looking at your private data?!?
And that's why I'm trying to make sure I don't become too dependent on any one "cloud" ecosystem.
What about pictures of your kids? Anyone who has kids has the ubiquitous first bath, bathtub hijinks pictures of small children.
Where does this cross the line into child pr0n? What if you catch a "private" part by accident in the frame?
These are _not_ for public consumption but may appear on private cloud storage due to backups, etc.
This is a large issue as more and more companies are backing your stuff up in the cloud. You as a consumer may not even realize where your _private_ content is going.
A neat solution would be a client side utility that encrypts local files (or entire folders/tarballs) with gpg, generates checksums, splits them into 2048KB or 1024KB chunks and uploads those to SkyDrive. The downside is that there would have to be some sort of management/database locally (and on every machine you wanted to download the files to) that would keep track of which chunks make up which file and rebuilds everything when you download them.
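The local bookkeeping that comment calls the downside, sketched as an added example (not part of the original thread): it splits an archive that gpg has already encrypted into 1024 KB chunks, records SHA-256 checksums in a manifest, and verifies every chunk before rebuilding. The function names, the manifest layout and the random bytes standing in for gpg output are assumptions made for illustration.

```python
import hashlib
import json
import os
import tempfile
from pathlib import Path

CHUNK_SIZE = 1024 * 1024  # 1024 KB, one of the chunk sizes suggested in the comment


def split_encrypted(blob_path, out_dir, chunk_size=CHUNK_SIZE):
    """Split an already-encrypted file into chunks; return the manifest as a dict."""
    out_dir = Path(out_dir)
    out_dir.mkdir(parents=True, exist_ok=True)
    whole = hashlib.sha256()
    chunks = []
    with open(blob_path, "rb") as src:
        while True:
            data = src.read(chunk_size)
            if not data:
                break
            whole.update(data)
            digest = hashlib.sha256(data).hexdigest()
            # Chunks are named after the ciphertext hash, so the names uploaded
            # to the provider say nothing about the original file.
            (out_dir / digest).write_bytes(data)
            chunks.append({"sha256": digest, "size": len(data)})
    return {
        "name": Path(blob_path).name,
        "sha256": whole.hexdigest(),
        "chunk_size": chunk_size,
        "chunks": chunks,
    }


def rebuild(manifest, chunk_dir, dest_path):
    """Reassemble chunks in manifest order, refusing missing or altered chunks."""
    chunk_dir = Path(chunk_dir)
    whole = hashlib.sha256()
    tmp_path = Path(str(dest_path) + ".partial")
    try:
        with open(tmp_path, "wb") as dst:
            for index, entry in enumerate(manifest["chunks"]):
                chunk_file = chunk_dir / entry["sha256"]
                if not chunk_file.is_file():
                    raise ValueError(f"chunk {index} missing: {entry['sha256']}")
                data = chunk_file.read_bytes()
                actual = hashlib.sha256(data).hexdigest()
                if len(data) != entry["size"] or actual != entry["sha256"]:
                    raise ValueError(f"chunk {index} corrupted: {entry['sha256']}")
                whole.update(data)
                dst.write(data)
        if whole.hexdigest() != manifest["sha256"]:
            raise ValueError("reassembled file does not match manifest digest")
        # Only a fully verified file ever appears under the final name.
        os.replace(tmp_path, dest_path)
    finally:
        if tmp_path.exists():
            tmp_path.unlink()
    return Path(dest_path)


def demo():
    """Round-trip a constructed blob, then damage one stored chunk and retry."""
    with tempfile.TemporaryDirectory() as work:
        work = Path(work)
        # Constructed sample: random bytes stand in for the output of gpg.
        blob = work / "photos.tar.gpg"
        blob.write_bytes(os.urandom(2 * CHUNK_SIZE + 12345))

        manifest = split_encrypted(blob, work / "upload")
        # The manifest stays on the local machine; it round-trips through JSON.
        stored = json.loads(json.dumps(manifest))
        restored = rebuild(stored, work / "upload", work / "restored.gpg")
        intact = restored.read_bytes() == blob.read_bytes()

        # Simulate a chunk that was altered while in remote storage.
        first = work / "upload" / manifest["chunks"][0]["sha256"]
        damaged = bytearray(first.read_bytes())
        damaged[0] ^= 0xFF
        first.write_bytes(bytes(damaged))
        try:
            rebuild(stored, work / "upload", work / "restored2.gpg")
            detected = False
        except ValueError:
            detected = True
        return len(manifest["chunks"]), intact, detected


if __name__ == "__main__":
    print(demo())
```

The manifest is the only thing that maps chunk names back to a file, so it needs its own backup on every machine that should be able to restore.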
Disclaimer: I work for Tonido.
> We also don't control, verify, or endorse the content that you and others make available on the service.
Isn't scanning my private content for nudity verifying? Or what does it mean in this context?
Data and processing power should belong to the user and not corporations.
Private data is at home, or in backups stored in the bank, not on someone else's network.
Sorry, why are people falling for the cloud? The whole thing is absurd. We had all our data nice and safe, we could make it accessible across the net, and it was completely in our control. Then someone came up with a new trendy way of ruining all that. Now, for some reason I am yet to understand, we give control of our data, data being the most precious thing in IT since you can't go out and buy a replacement, to bible bashing, moralistic, judgemental, board meetings in big corporations.
This is the biggest king's new clothes situation since Satan knows when.
Guys, you know how this works. Stop marching in towards the edge of the cliff. It is no use bleating on and on about privacy etc, when almost everyone is buying into the cloud regime. When the hell did these companies ever respect your privacy and right to your own morality. You know they don't. Yet every single time this sort of issue crops up there is almost utter surprise. It's like watching a woman being beaten up for the 100th time by her psycho husband.
Please, the king has no clothes. None. Secure your own data your way.
Thanks for the rant space.
So a photo of any woman not wearing a burkha, if placed in my private SkyDrive folder, can result in the loss of my Hotmail and Xbox Live accounts.
Wow. What kind of idiot would do business with these people?!
Seriously, why would anyone use this service. No profanity?
Because we can stick truecrypt containers in it? Not that I use it personally, I prefer Tarsnap.
Email is email... Don't let your hatred for companies run your life.
Glad I'm going back to my Android based phone this weekend.
Someone needs to clue in on "viewport" either in meta or CSS.
That said, I don't see this as a newsworthy item. It's more of a crybaby thing.
Ask HN: What's your favorite online-backup tool?: http://news.ycombinator.com/item?id=1946416
See this thread from a week ago: http://news.ycombinator.com/item?id=4224518
If you are a hacker or care about security and have money: SpiderOak or Tarsnap
Source code: Git
If you are poor and care about security: Dropbox with TrueCrypt (be careful that you don't mount simultaneously)
None of the above and lazy: Dropbox vanilla (better terms, non-evil non-giant company)
If someone were to make this into an actual product, it should be relatively simple to make the encryption happen as soon as a file changes and avoid the latency.
It's not for everyone, though:
At the present time, Tarsnap does not support Windows
(except via Cygwin) and does not have a graphical user
What scenario do you refer to? Why would it be bad to run a non-paused Dropbox client and mount a TrueCrypt volume inside it at the same time?
First, I created a small 64 MB TrueCrypt partition. I then mounted the partition in TC. I noticed immediately that the tc file has an exclusive lock, so any changes in your TC partition will never be synced until the partition is unmounted! If your use case is to mount your partition immediately upon login, work for the day, and then shutdown, Dropbox will never have an opportunity to sync your partition.
My next test was to mount the TC partition simultaneously (Desktop and Laptop). Then I ran into conflicts, as another poster mentioned. Because of the exclusive file lock, if you mount simultaneously on two machines, you will start getting duplicate -conflict files when unmounting either of the partitions, since the other is still locked. It's not immediately clear from examination which TC partition is actually the most recent one. And may Gods have mercy on you if at any time you edit both partitions before they sync.
Even if you're willing to live with these annoyances, there is now the trade-off of which partition size to create. Too large of a partition and syncing can take a long time, even if you make minimal file changes (because of chaining, there is not a 1 bit -> 1 bit change in TC partitions). Too small of a partition, and you'll have to keep resizing it or creating new ones. What a hassle.
The only use case which seems to work well for me, is for minimally modified files, like for annual tax returns. Here, a TrueCrypt container makes sense and works quite well because the partition is basically read-only and unlikely to be simultaneously or even regularly mounted.
So for those people who keep suggesting TrueCrypt, I'm curious, do you actually use it, and if so, how? The suggestions for file-level encryption (encfs) appear to be much more sane.
Indeed, it seems like one of those problems where solutions seem obvious (use TrueCrypt!) until you experiment or think about it more deeply.
The advantage of EncFS is that it's not a huge binary blob, instead you transparently store files with garbled names and garbled contents, but an otherwise untouched directory structure. I'm not sure if TrueCrypt can do that too.
Update: Looks like they are using some kind of embedded flash. Does that mean a flash or actionscript cryptography implementation?
To answer your questions:
1. all encryption/decryption is done in JS. BouncyCastle java source code is used (slightly tweaked for performance) - it is compiled into JS using Google's GWT compiler.
2. flash is only used for triggering file save dialog, similarly to downloadify, in browsers that do not support HTML5 alternatives. In Chrome, which supports <a download>, flash is not used (100% JS/HTML5)
3. problems mentioned in the post you referenced can be generalized into two groups: (a) hijacking the server to serve "trojaned code", and (b) inherent JS limitations such as the absence of proper PRNG.
Concern (a) is valid. However, most client systems have auto-updating software products installed, with auto-updating enabled (browsers auto-update themselves; anti-viruses and OSes do the same, etc. - the Flame worm was using Windows Update to sneak in, I think). It is a universal issue in the modern "connected" world, and most users have to live with this threat if they want to use the Internet in any meaningful way; I can't imagine a person eyeballing the source of every patch they compile/apply on their system.
Concern (b) is not really valid now, IMHO. As mentioned above, it is possible to use a solid open-source crypto library either directly (e.g. Stanford Crypto JS library) or compile one into JS, to use proper PRNG, etc. With proper testing (standard/published test vectors; cross-platform tests - encrypt in JS and decrypt in java, etc.) it is possible to make good crypto in JS. And things like side-vector attacks do not look relevant here, as the attacking code needs to run on the client, which means the client has been compromised already.
Re: OpenPGP vs PKCS1: historical reasons (have a well-tested code for PKCS1). If at some point it becomes clear that OpenPGP is much better, adding it won't be a big issue.
* brackup: uses encryption, host yourself. http://code.google.com/p/brackup
* Camlistore is worth keeping an eye on.
Looks like a next-generation all-purpose low level CMS. By the same author of brackup, Brad Fitzpatrick. http://camlistore.org/