this post was submitted on 05 Feb 2025
12 points (100.0% liked)

Ask Lemmy

27938 readers
1784 users here now

A Fediverse community for open-ended, thought provoking questions

Rules: (interactive)

1) Be nice and; have funDoxxing, trolling, sealioning, racism, and toxicity are not welcomed in AskLemmy. Remember what your mother said: if you can't say something nice, don't say anything at all. In addition, the site-wide Lemmy.world terms of service also apply here. Please familiarize yourself with them

2) All posts must end with a '?'This is sort of like Jeopardy. Please phrase all post titles in the form of a proper question ending with ?

3) No spamPlease do not flood the community with nonsense. Actual suspected spammers will be banned on site. No astroturfing.

4) NSFW is okay, within reasonJust remember to tag posts with either a content warning or a [NSFW] tag. Overtly sexual posts are not allowed, please direct them to either !asklemmyafterdark@lemmy.world or !asklemmynsfw@lemmynsfw.com. NSFW comments should be restricted to posts tagged [NSFW].

5) This is not a support community.
It is not a place for 'how do I?', type questions. If you have any questions regarding the site itself or would like to report a community, please direct them to Lemmy.world Support or email info@lemmy.world. For other questions check our partnered communities list, or use the search function.

6) No US Politics.
Please don't post about current US Politics. If you need to do this, try !politicaldiscussion@lemmy.world or !askusa@discuss.online

Reminder: The terms of service apply here too.

Partnered Communities:

Tech Support

No Stupid Questions

You Should Know

Reddit

Jokes

Ask Ouija

Logo design credit goes to: tubbadu

founded 2 years ago
MODERATORS
Bluetreefrog@lemmy.world
candyman337@lemmy.world
TheSaneWriter@lemm.ee
TheSaneWriter@lemmy.thesanewriter.com
candyman337@sh.itjust.works
Asudox@lemmy.world
lemmy_bot@lemmy.world
beefbaby182@lemmy.world
asudox@discuss.tchncs.de
ModeratorCan@lemmy.world
shinigamiookamiryuu@lemm.ee
neidu3@sh.itjust.works
KaneLivesInDeath@lemmy.world
12
How do you ensure privacy and security on cloud platforms in an age of compromised encryption, backdoors, and AI-driven hacking threats to encryption and user confidentiality? (lemmy.world)
submitted 4 hours ago* (last edited 4 hours ago) by Flmaker@lemmy.world to c/asklemmy@lemmy.world
10 comments fedilink hide all child comments
 

How do you ensure privacy and security on cloud platforms in an age of compromised encryption, backdoors, and AI-driven hacking threats to encryption and user confidentiality?

Let’s say you’ve created a film and need to securely upload the master copy to the cloud. You want to encrypt it before uploading to prevent unauthorized access. What program would you use to achieve this?

Now, let’s consider the worst-case scenario: the encryption software itself could have a backdoor, or perhaps you're worried about AI-driven hacking techniques targeting your encryption.

Additionally, imagine your film is being used to train AI databases or is exposed to potential brute-force attacks while stored in the cloud.

What steps would you take to ensure your content is protected against a wide range of threats and prevent it from being accessed, leaked, or released without your consent?

top 10 comments
sorted by: hot top controversial new old
[–] MrPoopyButthole@lemmy.dbzer0.com 12 points 4 hours ago (2 children)

Store your own shit on your own Linux server. Don't trust other companies. Use industry standard libraries like OpenSSH, LUKS.

[–] slazer2au@lemmy.world 1 points 1 hour ago

But do realise that HeartBleed was in a industry standard library so don't trust it 100% but do keep it patched as much as possible.

[–] AceSLS@ani.social 4 points 4 hours ago (1 children)

This is only really secure if your server is in a trusted location imo

[–] MrPoopyButthole@lemmy.dbzer0.com 6 points 4 hours ago

I think that's covered by "Don't trust other companies". You just need a business internet line with a static IP to host your own stuff in your house.

[–] MajorHavoc@programming.dev 1 points 2 hours ago* (last edited 1 hour ago)

I'm going to deviate a bit from your question, since you asked a bunch of questions, and aim at the implied question underneath: "is there any hope for a non-expert?"

A Synology network attached storage device (NAS) provides reasonably good answers to the question "how can I have privacy and have some backups" without being a Linux expert.

It ships with apps that replace common cloud services with local backup equivalents.

It can also be configured to do local encryption before backing up to a cloud service, for data where disaster resilience is more critical than privacy (i.e. a library of family photos).

Edit: And as others have explained - we must always remember that the cloud is just someone else's computer.

[–] actionjbone@sh.itjust.works 6 points 4 hours ago

That's the funny thing about data storage: you don't.

Encryption mitigates the likelihood of somebody gaining access. But anyone with physical access to the media can potentially gain access to the data - it just may be incredibly difficult to decrypt (or to find a bug that permits decryption).

[–] givesomefucks@lemmy.world 5 points 4 hours ago

Just stop putting important stuff on the cloud...

Like. You're asking the best way to safely secure the $100 bill you taped to the sidewalk outside your house.

There's measures you can take, but at the end of the day why are you so set on taping a Benjamin to the sidewalk?

[–] AceSLS@ani.social 3 points 4 hours ago* (last edited 4 hours ago) (1 children)

gocryptfs is what I'd use for this. It's designed with cloud storage in mind

Using strong encryption should be enough for your use case, unless you're a high profile target. Even then, it's more likely whoever is after you will try to get access to your unencrypted files instead because cracking strong encryption isn't worth it most of the time

Iirc your cloud service provider could still figure out your unencrypted directory layout and filenames. You should really do some research on this if you wanna make sure you know all the risks

[–] Flmaker@lemmy.world 2 points 3 hours ago* (last edited 3 hours ago)

I appreciate your suggestion very much. I wonder what the difference between gocryptfs and others like Trucrypt would be.
Need to search and compare the pros and cons of both, the advantages and disadvantages of each, particularly in terms of security, ease of use, and performance

[–] asbestos@lemmy.world 1 points 3 hours ago

Cryptomator is the most frictionless one