Tuesday, February 7, 2012

A Dropbox Replacement

So, I've just had an idea, and am not having much success finding it out there already. If you know of it, please let me know. What am I thinking of having it do?

This will need to do several things. First and foremost, it needs to support the same ideas as Dropbox: It syncs files across Windows, Linux, Mac, Android, and iPhone. It will allow people to share files with each other. It will also allow public sharing of files (such as photos).

The remaining pieces are where it gets interesting. I'd like the system to use a system like TrueCrypt. Using this, it will keep the entire dataset encrypted. It will also use many small files (on the order of 10M-100M), so that only an encrypted chunk has to be transferred, instead of the whole encrypted dataset. Doesn't sound like a big deal, until you start factoring in the ability to store photos. Imagine having to upload the entire dataset as one big chunk just because you rotated that picture of Uncle Jim where you were holding the camera sideways. 10G (or more) being uploaded, just for that, kinda sucks.

The backend storage is also different: Instead of uploading those chunks of data to a specific server somewhere, it uploads to a service utilizing Amazon's S3 protocol (obviously, Amazon itself is a viable choice for this).

As an added bonus feature, it should be able to commingle chunks from different S3 backends, and use that as a way to provide steganographic features. Using that, it would even be possible to have multiple layers of hidden volumes.

Another bonus feature: A destruct password. One that, when entered, will render the entire volume, and any hidden volumes, unusable. Considering the direction the government is going, this could be a very good thing to have.

An even better bonus feature would be having the TrueCrypt container dynamically resize as you add data, so that your space only goes as large as you need it to. With the idea of hidden volumes, this might not be feasible, but it would be nice.

Now, put all of this together, and you wind up with a service that is actually very easy to manage. It gives the security of TrueCrypt, the convenience of DropBox, and the mobility to use all of your data where you want and how you want.

Is this out there? Does anybody already have it available? Or is this something to be written at some point?


Kevin H said...

You might be able to build something on top of, or in conjunction with TahoeFS.


Michael Pedersen said...

Actually, I just had a different thought that could do this.

TrueCrypt is open source. What if it were modified to have a separate thread responsible for uploading changed blocks to an S3 compatible backend?

At that point, the UI is modified to allow selecting the backend. The end result would be something that would allow for very small changes being uploaded (normally, anyway), and secure storage on a cloud backend.

I might have to do find a way to add this patch. I think it meets what I'm looking for very well. The only thing I lose from DropBox is the ability to easily share files publicly, but I don't use that from them anyway.

I really like this idea.

Fellow Traveler said...

IMO solution is to use Tahoe-LAFS for the storage. That will handle the striping, the crypto, etc.

Integrate Open-Transactions, to solve issues of resource allocation.

Then you will have the perfect client-centered Dropbox replacement.

With OT handling the accounting, you can use Bitcoins as the "Skype credits".

You can even send yourself a small % of those coins directly over the network, as your payment for writing the client.