Since you're putting so much attention to the use case I am morally obliged to detail it for you. Hope you find it interesting.
Live CDs have security applications. You can boot a severely infected computer without worrying about malware logging what you type to access your remote data. Also when you power it off there is no trace of your activity left. So subsequent boots of the infected o/s cannot steal anything from you. This is useful when using public computers, where previous users are wreckless with the sites they visit and have no qualms about executing trojans etc. But also when using a computer you share with family members, perhaps you do not trust it to be free from infection, so when you want to access the bank or pay online you boot the live CD, just to be on the safe side.
US military personnel are encouraged to boot a live CD on public computers if they have to use such computers, where a hardened live CD is prepared for this purpose, here it is:
http://www.spi.dod.mil/lipose.htm
Myself I do not trust the US military so I am making my own hardened live CD. So far I am plugging usb drives when I need access to private data, which of course nullifies one of the advantages of the live CD as malware can now infect the usb drive and stay there, so usb drives are only plugged strictly when very trusted sites are visited, and only if access to the data is absolutely essential.
Instead of a usb drive, why not hold data in a server somewhere, and be just as strict in only visiting very trusted sites when you mount the server directory. If AES256 or whatever is used properly, the data cannot be eavesdropped. However, the plaintext is available to the owner of the server, and we do not want that.
To avoid this privacy issue, people have suggested that public storage is used in conjunction with truecrypt. So you store the truecrypt container in the server and only decrypt on your end. Here's how it is done with dropbox:
http://tonyonsecurity.com/2012/08/05...box-truecrypt/
When a change is made in one of your user files, a small part of the truecrypt container file is modified by truecrypt. The dropbox application takes care of synchronizing its copy of the container with the server copy efficiently, transmitting just the changes.
You cannot use dropbox if you do not have a local drive to store the duplicate, or a ram drive large enough to store the duplicate. The container is twice as large as the maximum amount of data you store in it, so it can easily get too large for the live CD created ram drive.
If the server offers NFS access, you can just mount the folder where the container resides on the server and use truecrypt on the remote container directly, no need for a local duplicate. NFS takes care of only transmitting modified sectors or other chunks depending on the filing system underneath.
But NFS is very insecure and no wonder it is not offered by server space providers online, so I am told.
Someone recommended sshfs-fuse instead, where if you have a shell account on a server with ssh support, then your space on the server can be mounted as a local directory, and your truecrypt container is accessible directly from the truecrypt application, just like with NFS.
However, this requires a shell account on a specific server, which doesn't sound like cloud to me. Cloud computing is about transparent scalability where you do not manually migrate to a bigger server when storage resources or bandwidth resources are not enough for you (risking compatibility and security problems due to the new hardware and software), but migration is done automatically for you. So there is zero cost and effort migrating. It's as if you have unlimited space and bandwidth. Your credit card is charged automatically depending on resource usage.
Quote:
I'd like to know why just getting a rack server and adding hard drives to it as needed (and then, when it comes to it, getting a second rack server and making your own cloud), which is what everyone else would do, isn't the best solution here.
|
Because you then get concerned with hardware and administration which is not the task for the user of online storage space, or if others do it for you, you only gain storage space but no extra bandwidth or cpu power, and sooner or later you have to migrate. But in the cloud migration is automatic, not your concern.
Quote:
If your answer is "I need unlimited storage and bandwidth" then it translates to "I don't know what I need."
|
I know what I need now, my amount of data is known. But I do not know what I will need in the future.
Quote:
How large are the files and how much RAM do the workstations have?
|
About 1 TB at present if this is important. From what I said above it shouldn't be, and not all data has to go to the server. Neither should RAM matter, as it is not the bottleneck, and RAM available is unknown as the live CD is for use on public computers too.
Quote:
have you actually confirmed that editing a file larger than the client computer's RAM size is feasible?
|
It's not about editing as in using an editor, but modifying small parts of a very large file, as done by truecrypt.
Quote:
Originally Posted by dugan
First, I've already pointed you towards some storage providers that fit your exact requirements. I am not impressed that you've completely ignored them.
|
I was put off by webdav being mentioned because I did not know how to mount it and it has a terrible reputation for security:
http://www.networkworld.com/news/201...11-webdav.html
Then I went to a couple of these providers' sites and they didn't look much like cloud to me, cloud was mentioned by them more like a marketing ploy, to say they have big scalable hardware or something. Are you aware of amazon S3? That is true cloud computing. If someone offers cloud storage like this for a low price or for free, I'd like to know.
If free providers for this exist, maybe I'll make my own version of truecrypt that works redundantly with several containers over several cloud providers, so any crappy free providers do not hurt too much. Maybe software raid over mounted directories already exists?