Store data in a Chinese cloud?
<falls off chair laughing>
Given the recent revelations about mass data slurping by the NSA, we were relieved to hear that a Chinese company has begun offering a whopping 10TB of free hosting to privacy-conscious punters. After Chinese rivals Baidu and Qihoo 360 served up a terabyte of free cloud storage to punters, rival Tencent this week floated a …
Store data in a Chinese cloud?
<falls off chair laughing>
Depends on the data.
Plans for your company's new consumer product = no
Videos of you protesting against US policies = yes
<throws out chair laughing>
Any worse than a US cloud? Plenty of people have no problem with that.
Your personal papers... perhaps not.
Your media horde? Sure.
The real problem is getting it there.
I have been having that very problem for the last few days. Decided to recently beef up my usage of cloud storage. It's been synching for days now. Dunno when it will all finally make it there and i's a relative pittance compared to 10TB.
Don't even want to think about how long it would take to push my big data into the cloud...
So storing it in the US cloud will be so much better will it. ?
My media horde are too busy pillaging to waste their time in any Chinese cloud.
Especially from an iOS or Android device...
10TB data... that you need to get to the device and then from the device to the cloud. Smart people, those Chinese!
Store data in a Chinese cloud?
<falls off chair laughing>
Chinese or not, it doesn't matter if your data is encrypted. I use encfs for my data stored in the cloud, but it probably won't work with Weiyun - there's just a Windows application and a crappy, non-standard API for accessing the files. So unless some helpless nerd creates a FUSE driver, no 10T for me.
So - on a standard 1Mb ADSL upload speed, it would only take 2.66 years to fill? assuming perfect connection of course!
BT really need to get our broadband speeds sorted out.
Except 1Mb isn't the standard ADSL2+ upload speed, that is Annexe M, the standard speed is 443kbps so it may take a while longer.
Annex M allows up to around 2.5 meg
432k is a BT imposed limit on some grades of service unless you had the max option when you got 832k
1.3 meg is the standard on adsl2+ as delivered by BT etc
Providers like plus net still cripple you to 432 unless you specifically ask and so on.
Annex M though is certainly not what you describe.
While the rest of the world is enjoying 10 MBit+ uploads and symmetrical connections.
10mbit still isn't squat for large file transfers.
It's nothing to brag about or lord over others with.
For something like 10TB, even fully wired local GigE really isn't fast enough.
Do you get free prawn crackers with your first order ?
Or wok to burner, whatever.
Going from the NSA to the PRC and expecting privacy. Really now?
No more, no less.
Great news. At last a cloud service that's safe from those evil enemies of privacy the NSA. I reckon my data will be totally safe with those nice Chinese chaps looking after it, they'd never stoop to espionage at all.
I'm guessing the PLA don't routinely share info with the INS, DEA, IRS , etc
So what access does the app give them to the contents on your phone?
Pretty much blanket permissions.
All dialogues are in Chinese however, so not practical for most western users...
Any data storage scheme that I will use for my customers' data, let alone my own, will have to be set up and handled by myself. Because I quite simply trust nobody any longer, and that goes back way before the NSA scandal. If I can't see *all* the possible settings, i.e., have root-level access to the storage medium, I won't let my customers use it unless they really, really insist after several rounds of warnings.
Back to the topic. After having had one customer complain that parts of his work had been patented in the US by a different company not known for expertise in the same area roundabout the time patent applications were being filed in Europe by said customer, I decided to add a disclaimer to my contract: I won't be held responsible for customer stupidity. Now, putting business data of any kind on a Chinese-run cloud, that is customer stupidity. Same level as an U.S.-run cloud service, really.
I have started to ask around for the possibility of having a storage server placed in Sealand...
All very right and proper.
How will you get the data to Sealand without the possibility of it being snarfed up from the network on the way?
Trained seals of course!
They might be detained for 9hours by customs but they are unlikely to reveal your secrets - seals don't leak
Is there an RFC for that? And if not, why not?
Didja catch that bit about requiring an app installed on your phone in order to use the service? Yeah, just what I need is some dodgy chinese company having access to -- I'm sure a very long list of permissions on -- my phone.
If that aspect bothers you, buy a second phone on e-bay and run it purely for data transfers between the cloud storage and the phone and/or your local LAN storage. You don't even need to have a SIM card in it if you limit yourself to WiFi connections.
I downloaded the apk out of curiosity. Requested permissions include network and GPS location, identifying other running apps, changing connectivity, connecting and disconnecting WiFi, changing WiFi settings, full network access and sticky broadcasts.
Good thing there's no attack surface for 0-days.
Or just a sandboxed VM.
Tencents current websites are so slow it would take from now until the end of time to upload just ONE of those lovely Balmer photos.
Store Ballmer's genome? You have put me right off the cloud.
Won't be long before they suddenly announce unforeseen storage charges, and claim they had no idea that their apps contained spyware.
The human genome can feasibly be stored in as little as 1.5GB of data. Given that the person-to-person DNA variance is about 0.1 percent, then, the unique Steve Ballmer can be represented by around 1.53600 megabytes. Therefore, the Tencent cloud could store an impressive 6,708, 739 copies of Ballmer's DNA profile.
All of which relies on the assumption that Ballmer is entirely human.
If you don't want free stuff don't use it, simple as. Ten TB is a lot of space for all that junk data that you don't want to delete but also don't want clogging up your own spindles, just make sure you run it through some fairly hefty encryption. If the PRC want to brute force your 2048 bit encryption keys just to see your archive of holiday snaps then let them. Meanwhile if the data has any commercial value you will have it stored locally somewhere that has good information security and physical security principles applied.
Everything that is free tends to have hidden costs.
Deliberately surrendering control over one's data to a service hosted in a foreign country, whose government is one of the most powerful on the planed, and has ambitions (easily realised) of expanding that power, when the service in question is moreover provided free of charge, with an almost incredible enticement to use it (virtually limitless storage), is really folly. Relying on encryption when a Trojan or whatever it is called might be used to considerably shorten the odds on discovering the key used is not a reliable defence.
Once the data is in place, under the jurisdiction of the Chinese government should they choose to avail themselves of it, then given the lack of any enforceable contractual confidentiality terms on account of the lack of consideration for the provision of the service (not that such [Western] capitalist concepts would impede the Chinese authorities), what is to stop them from helping themselves?
For example: the idea would not be to look at everybody's holiday snaps. But once one of the users of the free cloud service was identified as being in a key position and/or having access to sensitive information, a government service might focus on that person and use all means at their disposal to get to their data. As such, the offer of 10 Terabytes of storage could be seen as a fishing exercise, designed to attract as many people as possible, especially young and careless ones, who one day might come to have responsible jobs and whose past indiscretions may be stored in archives in China, ready to be used as a bargaining chip to secure a "more cooperative attitude".
Of course all this may be wrong and Ten Cents may merely be engaging in a huge exercise in philanthropy towards the population of Earth. Why not? Anything is possible.
Now, substitute 'China' with a country name of your choice and you begin to see the bigger picture.
People will be well to remember the Ten Commandments.
So you mean that the Chinese now play the American Game ? How fucking horrible. The yellow danger can now even replicate American evilness after having replicated American economic methods !!!!!!!
What is hidden about this cost? Are you so smart that you are the only one who has figured out that your data might be compromised if you share it. News flash, stuff in the paper isn't confidential either.
Create dozens and dozens of interestingly named files, encrypt them 100 times with a variety of strong encryption algorithms and extreme passwords, stuff them all into a 100GB TrueCrypt file, protected with some binary data keys, wrap it all into a few layers of weak encryption (like DES) - just for fun.
Then Bzip2 it into a file called "unreleased_tiananmen_video_and_government_wires.bz2" or "more_nsa_data.bz2", and let them have @ it.
The other hidden gotcha with these services is the maximum file size - last time I tried Microsoft's Sky Drive it was 100 MB for them.
This pretty much stuffs storage of HD movies, large database backups and large encrypted containers (i.e. pretty much the only things that would potentially soak up terabytes of space) - unless you fancy splitting them before uploading.
I would hate to be an new author trying to research and write about the kind of subject matter Tom Clancy writes and researches about or a Hollywood writer researching for the next 007 script. Then have a USA Gov. agency decide you're a terrorist for looking and storing that kind of information in someone's cloud the NSA is gobbling up. You might get a knock on the door from the Gov. or worse. At least with the Chinese cloud the worst you can expect to happen is that your account gets closed or edited if anything stored there is found to be undesirable.
Several comments have suggested that we should use this service to upload tons of encrypted junk in order to waste their space and processing time. I suggest that is exactly what they WANT you to do, because tons of encrypted data coming from western countries will neatly mask any encrypted data being sent back by Chinese spies.
Has anyone managed to sign up for this yet?
I made an account, but when I try to get the free storage I get this:
Does not meet all the conditions for obtaining
Conditions for obtaining:
1 Log micro cloud phone 1.6 version
2 registered handsets are not involved in this activity
3 your QQ number is not involved in this activity
* If you are already logged in before the start of Mobile try to log in again after logging out
It would suggest they want me to install something on either an Android or iOS device.
Even if I had either of those, they can sod right off!
Use their cloud to post your resume. At least it will get read!! Heck, maybe they are hiring?? I like Chinese food. :)
PRISM would slurp you data on the way there so either way you're done.
How times change. Storing my data on a Chinese server bothers me no more and no less than storing it on a US server.
Biting the hand that feeds IT © 1998–2017