January 14, 2016

My solution for cloud storage

[This post and its content is really old, but I decided to disclose it only around 2016 since I still find the content valid]

Back in 2013 I received a present from my father: a brand new iPad. At a first glance i thought this device was totally useless, but in the following weeks I I found that my efficiency, perhaps thanks to monotasking,  was definitely increased. In those months there were the Snowden's revelations, and I started caring even more than before about my privacy. I had never used "the cloud" before, but an iPad without it's cloud it's pretty useless, and I had to find the best privacy-aware solution.
As a technician, my view as cloud as remote storage, is that there's nothing really innovative in synchronized file sharing over a network: What one can get out of the cloud is an enhanced user experience, device synchronization, and (if you dare to call them so) automated backups. 

I passed a few days trying to find a suitable solution for my environment: I needed to synchronize my iPad+linux+OSX+android+Windows in a secure way.

There are a plenty of solution for conceiving cloud storage and encryption, but none of them can put together all my platform with the option for offline consulting on mobile devices (i.e. Cryptobox, which required to be online when I insert my password: what a bummer!)

As far as I remember, the solution I found was:
  1. Cryptobox+Dropbox
  2. Dropbox+Truecrypt+Disk Decipher
  3. Dropbox+oPenpgp Lite (iPad)
  4. ownCloud

The first three solutions were discarded for various reasons. I did not want to use Dropbox even with encrypted files because of the Metadata (notwithstanding that they give you so little space), and the user experience of the software that you can put on top of Dropbox is (was?) rather poor.

The only "drawback" of the 4th is that  you have to manage you ownCloud deployment which is not that bad as one can imagine :) If you have already a VPS, that's by no mean a problem. I have a really cheap VPS that I use almost just for that and it's not a burden at all.

Now (after 2 years I have in draft this post) I'm still using ownCloud. I love the InstantUpload feature for my mobile devices and I'm using plenty of  internal Apps (such as task, notes, gallery, news, etc..)

I have chosen to host it on a VPS (with encrypted storage)[1] and my connection is in HTTPS thanks to Let's Encrypt.

Combining ownCloud and QubesOS together it's even more better: you can have multiple account and sync each single AppVM on it's own (beware of the security implication of this, though). When I need to take notes on a random computer, I have a specific account for that, so I won't leave my important credentials on a yes-i-have-the-latest-keylogger machine. It also support 2fa and SSO, which is just lovely.

[1] yes, keys are on the server, but you can buy a physical machine, or use a domestic server if you have a decent and reliable connection.