tsftd

[Already Implemented] "blind" Or Encrypted Sync

Recommended Posts

I am in the process of setting up mutual backup syncs for my family.  Having been through a major natural disaster in the past, I'm sensitive to the possibility of not only a hard drive dying (solved by local backup), but the entire location (house/office/etc) being destroyed (earthquake, hurricane, fire, etc).

 

Bittorrent Sync fulfills this task admirably -- each family member/group (myself, my parents, and my sister) will have an old computer running Linux with a multi-terabyte drive.  Each person will have their own one-way sync, which is tied to the other 2 computers.  It allows each group to have 2 backups in different states (and countries, in fact), at minimal cost or bother (basically the cost of the drive, as we have plenty of old computers laying around, and once setup, there is practically no need for maintenance).

 

HOWEVER, there is one problem.  Each group has certain data that they don't want everyone else to be able to see.  I have work-sensitive data (such as clients' personal info), my parents have financial records (their own and mine as they have DPOAs to manage certain financial interests of mine in the states since I live outside the country and in a very different timezone), and my sister's husband is (understandably) hesitant to have his family's sensitive information available on 2 other computers.

 

The solution to this, of course, would be a "blind" sync.  One which allows you to store the data on the synced computers, without that data being available to them.  Simply encrypt the remote data (data in the "blind sync" location), while leaving the local data unencrypted.  This would allow people to use the "cloud" feature without having to worry about the security of their data on the remote end.

 

Ideally, there would be another option to have the "master" node encrypted but sync it unencrypted (for use cases where, for example, the data is stored "in the cloud" on a server node within a remote datacenter not under the direct control of the user, but synced nodes must be unencrypted for use).

 

This would allow:

Master node - Slave node(s)

unencrypted - unencrypted (currently the only possible setup)

unencrypted - encrypted (for backups without the backups being readable locally)

encrypted - unencrypted (for cloud use without the cloud node being readable locally)

encrypted - encrypted (arguably not needed, as local disc encryption and then syncing the encrypted data would accomplish the same thing under the current program)

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.