1

After hearing about programs like PRISM, I don't trust cloud storage very much to back up my computer files. I'd like to know a way, the best way, to back up about 5-10GB of storage and ensure that I am the only one that will ever be able to access it. This should be "off-site", meaning not in the same room or building with my computer, and free or a pay-once model would be nice.

Things I've already found or thought about:

1) https://prism-break.org - A neat website with all sorts of ways to keep your information private from PRISM and similar programs, though their mentions of cloud storage seem to mostly show protocols supporting some type of blockchain or Tor cloud storage services without any viable providers of it yet (most/all are in beta).

2) Put my data on a USB drive and carry it around with me. However, if that drive is lost, whoever finds/steals it will have plenty of time to try and crack any encryption I have on it (as encryption is being broken all the time, and newer methods are used), so then they will have my files. Are self-destructing drives a thing? How would that even work without it accessing the internet? I could put all my data on a micro SD card and surgically plant it into my skin, but I don't think I'd ever want to go that far. And it will be a pain if I want to update my backup files.

3) Put the files on my phone. Cell phones might have better encryption than what I could have on a USB drive, but since I use Android, which I don't exactly trust (i.e. owned by Google), my files could be accessed when it's connected to the web or a certain app that snoops around the directories.

4) Use a physical public storage unit, or even a rented bank deposit box, to store a hard disk drive. In the long run this will cost too much $, and if I can't afford to pay it who knows what will happen to my stored drive, and then if I'm trying to recover my files and can't get the drive I could lose my data forever.

TL;DR Which method do you think is the safest and what is your reasoning? Which cloud storage provider do you trust the most that is safe from government or attackers? Is it best to wait for blockchain cloud storage to be a thing? Do you have any other ideas?

3
  • 1
    Use a program named TrueCrypt or its successor VeraCrypt to create an encrypted container to put your files in.
    – Vishwa
    Commented Apr 9, 2019 at 6:08
  • You don't trust the internet in general, you don't trust a USB drive to not be lost/stolen, you don't trust encryption, you don't trust your phone or Android or Google, you don't trust a bank safety deposit box (if you don't pay)... Is this a riddle? I think I know the answer - Delete the data and it will be hidden for eternity
    – Xen2050
    Commented Apr 9, 2019 at 23:33
  • Questions seeking product, service, or learning material recommendations are off-topic because they become outdated quickly and attract opinion-based answers.
    – Ramhound
    Commented Apr 10, 2019 at 11:24

2 Answers

1

You are overthinking the problem - PRISM does not break encryption, it bypasses it by getting data from one of the parties in unencrypted form - i.e. the sending party or party with decryption key. To safeguard against this, simply ensure your data is encrypted and you are the only one that has the key.

There is no problem (from a PRISM POV) uploading an encrypted backup to a cloud provider provided they don't have the key. Keep the key separate, safe and in multiple places, and/or split it between multiple people you trust such that no one person has the whole key.

To comment on your options -

  1. If you use a proper random key (not password) and decent algorithm you will be long dead before the encryption can be broken - in fact it's possible that the universe will be dead...

  2. Android cellphones use LUKS (Linux Unified Key Setup). It's a good system and the TPM equivalent makes it hard to break. You can get a similar benefit with greater flexibility using LUKS in Linux or BitLocker on Windows. VeraCrypt is likely OK too. Of course, if you don't care about filename leakage (i.e. metadata), file level encryption is OK as well.

  3. Swap encrypted USB disks with a bunch of friends. That said, uploading ENCRYPTED data (where you hold the keys) to the cloud is likely more secure and PRISM safe.

2
  • The only thing I may be overthinking is that the NSA wants my stuff, but when I have a lifetime of work in an archive or password entries, personal contacts, and even private keys, it is going to concern me where I put it.
    – user1018976
    Commented Apr 9, 2019 at 20:17
  • Cloud storage today is still centralized, so the provider still has access to the encrypted archive or could make a copy of it even after I removed it. Encryption is being cracked all the time, and I can't really be sure that 10-20 years from now hardware won't be powerful enough to crack AES-256 or some other contemporary algorithm as easily as it is to crack 8 character passwords now. Hence why I mentioned some type of decentralized storage, so no single entity would have my files as they would be split over many places.
    – user1018976
    Commented Apr 10, 2019 at 2:33
0

Solutions #1 and #3 have data on a remote-access device, which is not advisable. #2 is prone to loss/destruction. #4 is what most companies do... and with added cryptography, you can avoid incurring the cost for a deposit box ;)

Put the data on an encrypted hard disk, memorize the key, and store it at a friend's place, at your parents' home, in your office, or at whatever other remote place - for free. You may even suggest doing that mutually. The hard disk does not consume much room, and no one can access your data without the encryption key. (In the worst case, they will lose the hard disk.)

Every now and then (when you visit that place) swap the hard disk with a different one, which carries a fresh snapshot of your data. If you have at least two hard disks, at every point in time there will be an offsite backup. If you have more, you can operate with multiple locations. It's what squirrels do, so it must be a good strategy ;)
