On Sat, 2010-07-24 at 09:04 +0100, Matthew Macdonald-Wallace wrote: > On Sat, 2010-07-24 at 08:40 +0100, Dan Fish wrote: > > Hi > > > > This is a call for help for a project that I've set up after a > > discussion on IRC. The general idea is this - we all have data we'd > > rather like to have backed up off-site, and a number of options exist - > > dropbox, amazon s3 etc. However, most of us have some storage to spare, > > so how about creating a peer to peer, multiple redundancy, off-site > > backup system? In effect, you, as a participant, would offer up a > > certain amount of your own storage and bandwidth (can be during off-peak > > times) and get a certain amount of off-site storage, with redundancy > > (think RAID) for free. > > > > Starting a project from scratch would be a tall order and certainly > > *way* beyond any skills I have. Luckily there have been a few attempts > > at this in the past (and there are a few closed source commercial > > implementations out there). I've started a wiki page starting to > > document some of the existing open source projects - > > https://wiki.ubuntu.com/UKTeam/Projects/DistributedBackup > > It would be great if anyone with some time/knowledge/curiosity could > > have a look at some of the existing projects on the page and give an > > opinion as for suitability. Feel free to add any projects that you are > > aware of or come across. > > I like the concept, but I have a few questions that would need to be > addressed: > > 1) How would you ensure that my files cannot be copied or read by anyone > else on the network? > > 2) Who would be legally responsible for the files that are stored - the > person who uploaded them or the person who's computer they are stored > on? > > 3) How could I be sure that the materials being stored on my computer > are not something I object to? > > The concerns above arise out of a lot of recent work I've done working > closely with Law Enforcement Agencies in the UK. > > The only way to really ensure (1) is to encrypt/decrypt everything using > a unique identifier for the person who uploaded the files to the network > (GPG/PGP springs to mind as a possibility). > > The problem with encrypting everything is that if someone uploaded > illegal or malicious content to a network, that person could be done for > distributing the content, however it is entirely likely that unless a > legal agreement is in place that clarifies (2) the person who is storing > the files would be likely to be arrested and charged with possession. > In the case of Child Sexual Abuse Images, this would undoubtedly carry a > prison sentence and registration on the Sex Offenders Register for at > least 5 years. > > Point (3) is a moral issue. If I was against pornography for whatever > reason (and I'd like to point out here that this is the obvious "Daily > Mail" example, not necessarily my own view-point!), I'd want to know > that I was not storing any pornographic content on my computer - how > would I guarantee that the content on my computer was "acceptable" to > me? > > Please understand that I'm not trying to piddle on your fireworks here, > I'm just making sure that relevant issues are discussed - especially in > the litigious American-Style legal system that we appear to be heading > for in the UK! > > Kind regards, > > Matt > > All good points Matt and significant potential stumbling blocks. Regarding accessing stored files, yes, they would be encrypted on the storage device with a key that only the owner would have. Regarding the legal issues surrounding the ownership of the files, yes, a legal agreement would have to be in place - this is common to all online storage systems - S3, dropbox etc. Regarding the morality issues, that at the end of the day is down to individuals and trust.
Regards Dan -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
