| |||||||||||||
Howto fix the problem:Howto fix the problem:Posted Oct 15, 2009 7:22 UTC (Thu) by dlang (✭ supporter ✭, #313)In reply to: Howto fix the problem: by drag Parent article: Ubuntu to store copies of all users' address books
do you want to run the risk of loosing everything if you loose the password? or are you willing to take the risk that someone will break in through the Canonical security, download your data, dig through it to find something interesting, and take action on it?
I would not use their service personally (I would do the client-side encryption and keep track of the key), but I know a lot of users who I would recommend use something like this so that when they trash their system badly enough that they need to reinstall their systems they will still have their data. Many of these users have trouble remembering one password for their system, let alone taking appropriate actions to protect an encryption key.
(Log in to post comments)
Howto fix the problem: Posted Oct 15, 2009 8:02 UTC (Thu) by ekj (guest, #1524) [Link]
I have a laptop, it does backups to a fileserver in the basement. It also does encrypted backups to a backup-service on the internet. The latter is there for the case that our house is burglarised, or burn down, or some other disaster destroys BOTH laptop AND fileserver at the same time.
And yes, if that happens AND I've forgotten the password for the encryption, it's acceptable for me to suffer data-loss. We're talking miniscule probabilities here. (I'd have to forget the password I use for logging in every day at the precise same time that something catastrophic happens at home. That's a level of risk that is entirely acceptable to me.)
Sending my entire digital world to some random company on the internet, for them and anyone that aquires, breaks into, subpoenas or otherwise gains access to their servers ? No thank you, not interested.
Howto fix the problem: Posted Oct 15, 2009 17:39 UTC (Thu) by dlang (✭ supporter ✭, #313) [Link]
you are not the common case (neither am I), we can and do take steps like this so that we do not have a single point of failure.
we also don't need a service like this because we can replicate and protect things ourselves.
this service is intended for people who otherwise are not backing things up, let alone replicating an encryption key for the backup.
Howto fix the problem: Posted Oct 15, 2009 13:19 UTC (Thu) by sourcejedi (guest, #45153) [Link]
Won't help. They still need their launchpad password.
If you can trust someone to hold your launchpad password in escrow, you can surely trust them to do the same with your encryption password.
In practice, I suspect you can just reset your launchpad password by email. So you have to rely on your ISP resetting your email password when you forget _that_. And that they don't go bust or disconnect you for using too much bandwidth making online backups :-)...
Yes, many people are likely to accept this service given the choice. But this is a pretty low bar to pass. We can and should do better.
Howto fix the problem: Posted Oct 15, 2009 16:23 UTC (Thu) by drag (subscriber, #31333) [Link]
> do you want to run the risk of loosing everything if you loose the
password? or are you willing to take the risk that someone will break in through the Canonical security, download your data, dig through it to find something interesting, and take action on it?
It is easy to keep a password or key safe. Print it out into a hard copy
Then it is win on both sides. As long as you make it absolutely known that
I suppose if customers trust Canonical then they can just send them the
Howto fix the problem: Posted Oct 15, 2009 17:37 UTC (Thu) by dlang (✭ supporter ✭, #313) [Link]
you would be amazed at the number of people so do not protect their important documents like this.
|
|||||||||||||