Friday, June 25, 2010

Computing in the cloud and securing my private data

Since my computers are all connected to the Internet and there are many benefits in having my 'public' computing activities hosted or stored on public (free) computers, I have been assessing whether I can keep some  of my personal or 'sensitive' files in the 'cloud'. I have concluded that none of my sensitive data should ever be put in the'cloud'. The main reason for this is that, once these bits and bytes have been sent through my ISP's servers, they are in effect 'public' or at any rate potentially so. Essentially, I have lost control of where or to whom they are sent. I have always considered my email, blogs, webs and so on as essentially open to all, or at the very least to external organizations that demand these files from ISPs and 'cloud' resource managers. That way, I hope that I have not put myself in a situation where these files could cause me problems. I am very polite in these public venues.

The items that should not be 'visible' to the outside world are my password lists, private diary entries and thoughts, my photos and personal documents, including scanned copies of my passport and my bank and credit card details. My personal address database is also private and needs to be protected. I store these files as 'invisible' items for local use only inside encrypted volumes on the local hard disks of my personal computers. These files are synchronized to each other by using batch files to send them over the local network and with a portable hard drive, which is also encrypted. There are other layers of encryption. My private documents and databases can only be opened in their applications with a password. I use TrueCrypt as the tool to make encrypted virtual local drives within the hard drives of my computers and I 'hide' my private files within them. I try to ensure that these files have never been sent across my ISP's networks, or into the 'cloud'. I do not mount these virtual drives except when I need them and I do not leave them 'open' when I am surfing or using the Internet. If I had really sensitive (military-equivalent) data, I would keep it on a notebook computer which never accessed any network and which did not have any USB ports. Backing up hidden files to an on-line resource is clearly not a good idea, so I have to be responsible for making safe copies myself. I do not  allow any access to my computers from other computers outside my local network, although I recognize that this does not prevent others from maliciously entering my network and computers through crafted web pages, Trojans or key loggers. I just have to be alert and compute as safely as I can.

But the 'cloud' has many virtues. One is the excellent feature of many of Google's on-line resources that are often linked to each other: I can write a blog in my gmail account or in a Google Doc and publish it on my blog directly from either of these applications, as well as editing the blog directly in Blogger. I hope that other cloud resources will work as well as these, so that I need only one portal for many of the on-line files that I generate and use. Perhaps this will be a feature of  Google's OS?

I conclude that I have to compute in a schizophrenic manner, with two sets of rules, one for public and one for sensitive data. I have to decide which type of data is in each file before I create it.

I believe that a local encrypted virtual drive should be available to every user, to contain sensitive data in hidden files. Add that strong recommendation to my earlier one: that every computer should have two hard drives one of which is removable and which is used to clone the system drive and to replace it when it dies, a fate (like taxes) that all are subject to. Plan ahead!

Christopher Spry
Wimbledon, London
Updated 15:37, 29 June 2010

My website is cramped

Published TUESDAY, AUGUST 15, 2006

My website is cramped

It is surprising, in this age when hard disk space is cheap and widely available, that Internet Service Providers (ISPs) limit the space available to their customers. For example, I have a community website, for which I pay nearly £100/year, which limits me to 80 MB total space. I should like to add still pictures, videos, sound files and so on, but as my web space is already full (in fact they kindly allowed me 10 MB extra space) there is currently no possibility of doing this.

At another of my website, I have arranged for searches and access to be directed through my broadband connection into my house, where they are connected to the website which I am running under Windows XP. There is no limit on the size of the website I can provide here. Fortunately, this ISP does not charge for this useful service, so I do not need to purchase additional web space beyond the small amounts they allow me to use as part of my broadband account.

I see that there are some ISPs who are offering much more space that usual, but this does not seem to have stimulated the principal ISPs to increase theirs.

Major disadvantages of serving my web from my home computer, are that the uplink speed is slow, only one web can be made available this way for each broadband connection and the computer has to be on all the time. Many computers are not designed to run continually and there may be power supply or hard disk problems ahead. Perhaps I should consider buying a dedicated server to serve my web from home. My first searches on the Internet for a suitable computer have not been very successful. For about £350 I can buy a server that this has no monitor, keyboard or mouse. I suppose I could load Linux onto it and administer it from another computer. Suggestions about the best way to proceed would be gratefully received.

I'm sure there are many people like me who have web sites which are cramped and expensive to run. For us, a computer that would run continually and silently from home, would be a great step forward.

Christopher Spry
London, 15 August 2006

My new blogs

My blogs about the Natural World are at Here, I plan to comment on computing issues that affect me as I work with, and update several Intel/Windows PCs in Wimbledon, where the  Internet connection is up to 3.5 Mb/sec and in Senni, Wales, where the Internet is only available at up to 0.5 Mb/sec.

Christopher Spry
Wimbledon, London
15:19, 25 June 2010