On Mon, Jun 02, 2014 at 07:16:16PM +0200, Bzzz wrote: > On Mon, 02 Jun 2014 19:01:17 +0200 > Diogene Laerce <me_buss...@yahoo.fr> wrote: > > > I use crashplan and Im quite happy with them : very professional > > and they do offer that service. ;) > > > > Their website : https://www.code42.com/store/ > > From what I see, encryption is blowfish, which is good; > but they also keep your key, which is very bad.
I like the idea of Crashplan, but just slapping the label of "Blowfish" on their encryption isn't quite good enough [1]. If I could trust that the encryption was done competently, I'd move to Crashplan in a heartbeat. [1] https://stackoverflow.com/questions/17005256/448-bit-blowfish-considering-the-64-bit-blocksize-is-it-secure-at-all-for-larg > > This is the advantage of encfs: you keep your key, so the > repository is just a shell. Yes, but choosing your encryption badly can cause problems. For one, as above, bad choices can mean poor security. But also a badly chosen encryption scheme might mean unnecessarily large diffs (and so more storage/bandwidth on your cloud provider).
signature.asc
Description: Digital signature
