Rethinking Encryption

A really interesting article on the encryption debate from Jim Baker, who was the FBI’s general counsel when it tried to get Apple to decrypt the iPhone of one of the San Bernardino shooters in 2016.

Baker argues that despite law enforcement facing the prospect of losing access to plain text messages from various sources, and the extra difficulties involved investigating certain cases, widespread encryption should be encouraged by all public officials to counter the much graver threat posed to national security from insecure networks and communications.

Today, digital technology is pervasive and society relies on a range of devices, networks and services to conduct its most important affairs. The political, economic and military power of the United States, as well as the health, safety and welfare of Americans, depend heavily on the secure and reliable operation of a complex digital ecosystem. We have connected our most vital international, national, regional and local systems to an inherently vulnerable network of networks. Glenn Gerstell, the general counsel of the National Security Agency, recently wrote a compelling piece about the complexities of the global digital network and the many challenges it presents to the United States.

It is, therefore, essential that we safeguard the confidentiality, integrity and availability of data on those networks. But we have not done so. The failures are systemic and involve poor design, poor implementation and poor risk management. The cybersecurity problems of the United States and its allies are profound.

With China, in particular, aggressively hacking everything from universities, to companies and Governments, Baker points out that the ongoing threat from that activity far outweighs the loss of access to some criminals’ messages.

Refreshing to see this argument put forward when we’re so often only presented with the simplistic “do this or criminals/terrorists/paedophiles will escape justice.” The fact is that our entire society now relies on strong encryption and weakening it will have far-reaching unintended consequences.

Photo Backups, Part Two

The second phase of backing up my photo archive was to find an online storage option. A bit of research narrowed the options to either BackBlaze or CrashPlan, and I ultimately opted for CrashPlan. For $70/year I can backup an unlimited amount of data, encrypted with my own personal key which never leaves my machine.

One downloaded and installed, I pointed it at my 220GB photo archive and let it loose… at which point the downsides to Australia’s ADSL network kicked in!

Living only approx. 300m from my local exchange, I have a pretty good ADSL line, connected at 20Mbps down, 1Mbps up. In practical terms, CrashPlan seems to max out at a sustained 850kbps, which means that, although I started the upload on Jan 11th, it’s still telling me I have 15 days to go!

I was away for a week at the Tour Down Under, but even still, this is what passes for excellent broadband in Australia and our current Govt. scrapped plans to build a Fibre-To-The-Premises network throughout the country, instead replacing it with Fibre-To-The-Node (where node is a cabinet at the end of your street), which will still rely on the existing crap copper infrastructure into the home.

Ah well, only 15 days or so to go!

Photo Backups

Prompted by a discussion earlier this year when I mentioned to Jacqui that a few years ago I’d lost almost all my photos of our South African trip from 2002, I’d been meaning to get around to restructuring my backup procedures for my existing photo collection, currently comprising 27,500 photos and 225GB of data.

I had local backups, but it was a pretty manual process - copy from card to external HD, then at random intervals back that HD up onto a second external HD. Better than nothing, but still pretty haphazard.

Stage 1 was to get a RAID setup going, so after a bit of research I settled on a 6TB LaCie 2big Thunderbolt2. Configured as RAID 1 gives me 3TB of storage, which is plenty to handle my music and photo libraries. Since it’s Thunderbolt 2 it’s fast enough to handle editing and managing my photo library without needing the catalog on my laptop HD.

Next stage will be to figure out some off-site storage. At this stage I haven’t decided on a suitable option. My regular documents are sorted already so I don’t think I need a continuous backup solution, especially since, apart from the actual image catalog file, the image files won’t change at all. Furthermore, it’s all on an external HD which isn’t necessarily plugged in all the time.

A few hundred GB of FTP storage would suffice, but some of the online backup services are pretty cheap for unlimited storage, so it may be easier to go with one of those. That can be next week’s research project!