Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Communications Encryption Privacy Security IT Your Rights Online

Ask Slashdot: Keeping My Data Mine? (2015 Edition) 132

New submitter schklerg writes: Like many, I am tired of being the product of the corporate "cloud" overlords. To that end, I've got my own Linux server running Tiny Tiny RSS (RSS — Feedly replacement), OwnCloud (Storage / phone backup / Keepass sync / notes — Google Drive replacement), Coppermine Gallery (picture library), Dokuwiki (quick reference), and Shaarli (bookmarks manager — Foxmarks / Sync replacement). Crashplan lets me pick the keys for my backups, and the only thing Google Drive ever sees is a pgp encrypted file of various items. Next up is moving from gmail with iRedMail. Yes, the NSA may have it all anyway, but being under less corporate control is a nice feeling. What have you done to maintain control of your own data?
This discussion has been archived. No new comments can be posted.

Ask Slashdot: Keeping My Data Mine? (2015 Edition)

Comments Filter:
  • by Anonymous Coward

    Good luck on finding anyone who can read a 9 track tape...that's where I keep my data.

  • by SeaFox ( 739806 ) on Thursday December 17, 2015 @03:09PM (#51139181)

    That's pretty optimistic. I'm sure we'll have a duplicate discussion about this before the end of the year.

  • by Anonymous Coward

    I put the stuff on my hard drive.

    • Re: (Score:1, Funny)

      by Anonymous Coward

      I put the stuff on my hard drive.

      But you're still at the mercy of "teh Corporationz" who made the hard drive!
      REAL Men don't use teh EVIL Korporate Overlord hardware, we manually encode the bits on pieces of bark, which comes from trees hand-planted from Heritage seedstock, watered from sekret underground aquifers, and fertilized with our own shit. Backdoor THAT at the factory, China/NSA/GCHQ/KGB, haHA!!!

      • by Anonymous Coward
        That's silly, real men need nothing but a needle, a microscope, a hex editor and a blank DVD.
  • by Anonymous Coward

    and with my GPIB card, I can control my lab instruments too, and keep the data in GeoCalc spreadsheets.

    "Cloud" that, bitches. I guess I could connect the RR-Net to the web somehow.

  • Nothing! (Score:5, Insightful)

    by moxsam ( 917470 ) on Thursday December 17, 2015 @03:12PM (#51139217)

    What have you done to maintain control of your own data?

    I did nothing and it worked. It's still all on my harddrives today. Cool, huh?

    • Try going paperless and dataless... run from a live disc, no cloud, no hard drive, or storage media, and nothing to backup. There you go.

    • What have you done to maintain control of your own data?

      I keep everything on my own fully encrypted harddrive. I use fully encrypted hdds to do backups. I have my own fully encrypted server hosted at a host provider on the backbone with email.

      NSA may have all my mail as well, but I could go to encrypted mail send and receive if I wanted to. There is no need. If I needed to bypass NSA, I wouldn't be stupid enough to use my own equipment or networks.

      I don't use insecure, or unverifiable, protocols and d

      • How do you boot that fully encrypted cloud server? How do you keep the encryption keys out of the cloud provider's hands?

    • Re: (Score:3, Insightful)

      by randalware ( 720317 )

      never lost a hard drive or had a whole system get corrupted (virus,trojan,etc) ?

      you lead a charmed life.

      as a professional system admin ( In a former life) your data is hovering above the /dev/null file.

      learn about backups...

      • by Gr8Apes ( 679165 )
        I've done nothing, because I haven't put anything in the cloud in the first place. The cloud is a stupid idea for things you want to keep yours and yours alone. I have multiple backups, both online and offline, including remote. Same as your former life, I learned valuable lessons without the pain. (We had weekly rotations of backup sets and sent 1 of 4 offsite, so every week we'd rotate our offsite copy. Yes, it seemed stupid at the time. It seemed less stupid when we got hit by a virus. It seemed a whole
      • as a professional system admin ( In a former life) your data is hovering above the /dev/null file.

        No, I use http://devnull-as-a-service.co... [devnull-as-a-service.com].

    • Re: (Score:2, Insightful)

      by war4peace ( 1628283 )

      Or so you think...
      But seriously, I don't give a fuck that Google sees decent pictures of me and my family. Or reads the "A Steam product from your Wishlist is on sale" e-mails.
      The whole setup in TFS has an eerie resemblance to the '80s radio setups emitting tinfoil theories from a van in the boonies, using a generator for power and being "off the grid".

    • by mnemotronic ( 586021 ) <mnemotronic@@@gmail...com> on Thursday December 17, 2015 @04:53PM (#51139901) Homepage Journal
      I don't do anything either. the Chinese govt has all my info including SSN, driver's lic #, passport #, fingerprint info, job & residence history, plus criminal, drug and alcohol history. And rehab history. And relapse history. And re-rehab history. And ... you get the picture. Disk space will be a challenge.
  • by Racemaniac ( 1099281 ) on Thursday December 17, 2015 @03:29PM (#51139327)

    I bought a Synology NAS. I've got full control of my data, and sharing it in every possible way is extremely easy. They've got a ton of good packages you can use it with, so it's just installing the NAS, configuring your router, choosing which packages you want (ranging from just file browser in your browser, to a mediaplayer in your browser, to cloud like syncs, to every possible server you can imagine (vpn, web, svn, database, email, ....)) and all fully under your control :).
    It may not be open source, but it does run linux :). so even if they don't give a package, you can get it on there yourself :).
    I'm very happy i made the decision to buy it, they're not that cheap, but they work very well :). I was also considering rolling my own, but it's just not worth it imo.

    • And what do you do when the NAS fails? A single NAS represents a single point of failure, unless you bought a spare enclosure.

      • You just buy a new enclosure at that point. The discs are still good, and you can migrate your data. And if you've got two brain cells to rub together, you're also backing up your most critical data remotely.

        There are "single points of failure" all over the place in a home or small office. The vast majority only have a single router, a single internet connection, and a single source of power. Most homes probably only have a single computer. The only place you really don't want a single point of failure

        • > The discs are still good

          Except when they are not, especially in a RAID enclosure where identical drives are suffering similar rates of use. Some of us encountered the "Deathstar" series of drives, the IBM Deskstar 75GXP.

          Live disk arrays are also vulnerable to accidental "rm -rf /" errors. Off-line backup is critical to recovery from such accidents.

        • You buy a new enclosure _if_ one is still available. It's not like you can just slap the drives into any chassis, even inside the same brand. It's definitely an issue worth mentioning, especially considering the OP's zeal, since it's easy to mistakenly overestimate the reliability of data on a NAS.

          • Well, yes, there's some common sense that has to happen here. Naturally it has to be a compatible model (Synology has a chart). And how many times do we have to say it? "RAID is not a backup". It's for high availability and local redundancy, nothing more.

            RAID is useful for when one of your drives inevitably craps out on you, and you can just swap it on the fly without any downtime. I actually have a Synology NAS as well, and I've replaced failing/questionable drives several times so far over the years.

    • Re:a Synology NAS (Score:4, Informative)

      by ColdWetDog ( 752185 ) on Thursday December 17, 2015 @06:37PM (#51140509) Homepage

      You think those packages that open your Synology box to the web are safe?

      http://www.secureworks.com/res... [secureworks.com]
      http://forum.synology.com/enu/... [synology.com]

      And others. I like Synology stuff, I use it. But opening anything up to the Internet isn't safe. You may have full control of your data, but so does somebody else.

  • by sdguero ( 1112795 ) on Thursday December 17, 2015 @03:32PM (#51139355)
    I no longer consider things like my name, address, social security number, ip address, bank acct number, etc to be "my data." The only things I still consider to be mine are my pictures, films, and music which I back to to external USB drives that I store in a fireproof safe. I leave the bulk of the security of my personal information up to my providers and try to use hard to crack passwords. If there is a leak (I'm sure there will be, if not already) and it affects my livelyhood, I will hold the company that compromised my data responsible. I don't believe that I have any assets that could be attacked that aren't covered by FDIC or identity theft protection, and none (other than title for my house/cars and my 401k/IRA) are worth more than what I can get back in small claims court, so I just don't worry about it.
    • Then you don't have any data at all.
    • by bwcbwc ( 601780 ) on Thursday December 17, 2015 @03:43PM (#51139431)

      Just how do you plan to hold the companies responsible? It's almost 100% certain that the EULA waives your right to remedy in court in favor of binding arbitration. Even if you bring a lawyer to the arbitration hearing, the rules of discovery and other items are different.

    • by reanjr ( 588767 )

      Oh, a sensible security policy. Weird... don't see those very often. Most seem split into either the "internetz secure!?! IDK, LOL!" camp or the "my data must be secured from the NSA" camp.

  • I've moved from Python/C++ development on Linux to iOS development on a MacBook, but I've got the same setup as the Submitter.

    However one thing I haven't found a replacement for, is online backup. I currently use BackBlaze, and it's soooooo damned stable, light-weight and easy to use... I wonder if there's self hosted alternative?

    • I currently use BackBlaze, and it's soooooo damned stable, light-weight and easy to use... I wonder if there's self hosted alternative?

      BackBlaze stores your private key on their servers:
      https://www.backblaze.com/back... [backblaze.com]

      That doesn't seem very private to me. In fact, when you want to restore your data, the data is decrypted on the BackBlaze server, then zipped and the zip file is sent with the unencrypted files. You can add a passphrase to the private key, but again this passphrase needs to be entered into the BackBlaze website so that the files can be decrypted on the server. They promise not to store the passphrase. I love promises.

      • I think that was his point - that he hadn't found an easy self-hosted alternative. Do you have one?
        • Sure, but it's a bit more involved to use:
          https://aws.amazon.com/glacier... [amazon.com]

          Let me quote something from that page:

          $0.007 per GB

          And of course I encrypt the files locally before uploading them. My private key remains private, and I have it backed up as well on physical media in disparate locations, not online.

          • This. I do this too using S3CMD. You can upload to S3 more easily than Glacier... so far a command-line based Glacier client is sorely lacking. Still, I upload to S3 and then have my S3 data set to archive to Glacier after 24 hours which it does automatically. That means the only files that are in S3 are the most recently changed or new.

            Like you I have a script that locally encrypts with my own private key before upload. That private key I keep in my Owncloud.

            • Like you I have a script that locally encrypts with my own private key before upload. That private key I keep in my Owncloud.

              I would love to see your script, if you don't mind sharing. Mine is "in development" i.e. I still prefer to do it all manually which means that backups do not happen as often as they should.

              • Drop me an email. This user name at nodecaf dot net. I'll be more than happy to share the script with you :)

        • by ls671 ( 1122017 )

          rsync over ssh. The backup server initiate the connection. Use the backup dir option in rsync for incremental backups and a script to gzip the incremental backups.

    • by Paco103 ( 758133 )

      Crashplan allows you to host on your own environments, or peer with a friend and exchange diskspace for encrypted backups. You can even seed backups via removable disks to get a large backup hosted quickly.

      • I don't really like Crashplan. It's this humongous Java app which sucks CPU. But I agree it's probably the only practical and easy way to go about it.

  • Gogs [github.com] a self-hosted GitHub alternative written in Go
  • by Anonymous Coward

    I just don't ever do anything on the internet. Ever. Crazy bad people live there.

  • by radish ( 98371 ) on Thursday December 17, 2015 @03:43PM (#51139429) Homepage

    I can "maintain control of my own data" while still using external services. All my data sits locally, and is backed up to multiple locations, but I also put plenty of it out there in the world. But Flickr or Tumblr or Facebook or whatever could go away tomorrow without me losing anything material.

    I'm not sure what the whole "corporate overlord" thing is all about...either use the services or don't. I don't see either as a significant victory for good or evil.

    • People are paranoid that someone is watching their kitten pictures while rubbing their hands together and laughing evilly.

  • I had my own server, now a VM. $45 bucks a year. Does everything I want, and if I'm not happy with the provider I move it.

  • Backing up my data on a USB harddrive.
  • Seriously.. I don't put data on the web, in the cloud or anyplace I don't completely control and monitor unless it is absolutely necessary. IF it's necessary, it only goes encrypted. So here are my rules...

    1. Don't put data on the net if you can help it. Avoid it at nearly costs.

    2. When you *do* need/want to put data on the net, ENCRYPT it first, even if it's not sensitive.

    3. NEVER put sensitive data on the net unless you have no other choices, then encrypted it using the best encryption possible.

    4. REMO

    • You have put data on the net in clear, I've found it and here is the proof :

      Seriously.. I don't put data on the web, in the cloud or anyplace I don't completely control and monitor unless it is absolutely necessary. IF it's necessary, it only goes encrypted. So here are my rules...

      1. Don't put data on the net if you can help it. Avoid it at nearly costs.

      2. When you *do* need/want to put data on the net, ENCRYPT it first, even if it's not sensitive.

      3. NEVER put sensitive data on the net unless you have no other choices, then encrypted it using the best encryption possible.

      4. REMOVE any and all data on the net you have no more need for right away.

      --
      Don't be a pessimist. It wouldn't work anyway...
      Reply to This

  • Update Software (Score:5, Insightful)

    by Luthair ( 847766 ) on Thursday December 17, 2015 @03:50PM (#51139481)
    If you really want to keep your data yours, you better be on top of all software updates. i.e. ownCloud has had 24 CVEs this year alone.
    • by d33tah ( 2722297 )
      And add some HTTP authentication so that you won't even be able to contact owncloud without entering password.
  • Thank you for this post schklerg, I was looking at replacing my Synology NAS with something that can do more and your post gave me lots of information in that direction.

    FYI, the reason I am replacing the Synology is that it doesn't have enough processor power to run Plex, and keeps crashing under load. It isn't a bad product, just not enough horsepower for my needs.

    • There are a few options for you in this respect:

      1.) Run the Plex server on another machine, and use a drive mapping to give the Plex server access to your media library. This is what I do, but for other reasons.
      2.) FreeNAS. Plex, OwnCloud, and CrashPlan are all two-click-install plug-ins. TT-RSS is fairly simple to install in a jail and there are a handful of cut-and-paste tutorials for doing so. A friend of mine who's Unix savvy has successfully gotten Piwigo to work in a FreeNAS jail (IMO better than Copp

    • by SeaFox ( 739806 )

      Have you looked into XPEnology?
      It's basically Synology's software hacked to run on any PC hardware you want.
      So you can keep your familiarity with the Synology interface and packages, and put them on a machine with horsepower you'll never see in Synology's product lineup.

  • by Britz ( 170620 ) on Thursday December 17, 2015 @04:08PM (#51139619)

    - Piwigo for photos, because Digikam supports direct uploads to Piwigo.

    - Kolab for Email/Calendar/Contacts, because it support ActiveSync and thus iOS and Android support syncing out of the box. Also Kolab is pretty awsome.

    - Seafile for cloud file syncing, because it is a lot faster than Owncloud

    Please keep in mind that I recommend Owncloud as well, because it is a lot easier to install and maintain. You only need webspace. No one in their right mind should really be operating a personal email server in 2015. This is what Google Apps is for. If you earn minimum wage or above, anything you pay for Google Apps will be a lot less than the time you spent on maintaining an email server. I also use Keepass and sync the file.

    - Firefox Sync is open source and uses client side encryption. So why bother with Shaarli? Maybe because Firefox only just now came back to the iOS platform? Note: Chrome/Chromium is nice, but not really for me. For several reasons. This is a thread about keeping your data to yourself, so Chrome goes out the window anyways. Then we have the repeating issue with the extensions

    http://labs.detectify.com/post... [detectify.com]

    which applies to Chromium as well. And then there was the quality/packaging issue on Debian. Among other stuff. So why bother? I use Chromium frequently. Just not as my primary browser.

    • I like Google Drive, but OwnCloud is nice. I set it up in Docker in like 30 minutes with postgresql, redis, php-fpm, and nginx, living happily with other services (nginx connects to php5-fpm via socket and listens on a unix socket on another volume; the nginx unix socket volume is shared between all nginx containers, and the final container listens on HTTPS for a virtual host and just proxies back to the unix socket).

      I've thought about hooking up OwnCloud to Google Drive (it does that) so I can use OwnC

    • by Britz ( 170620 )

      I also set up DokuWiki myself recently. My webhoster Netcup is offering to update this application for their customers when they install it through their interface. In any subdirectory of my choice.

    • by Nkwe ( 604125 )

      No one in their right mind should really be operating a personal email server in 2015. This is what Google Apps is for. If you earn minimum wage or above, anything you pay for Google Apps will be a lot less than the time you spent on maintaining an email server.

      I disagree. True, it does cost you some time and you need certain skill sets to do it properly. You are purchasing benefits with that cost however, namely the comfort that no third party is accessing your already received and historically sent (archived) mail. In a legal discovery situation, you would know that there is legal action pending as you would have to be notified of a request to turn over old email; if your email is on someone else's server, you might never know. It may be true that for most peopl

    • by Anonymous Coward

      Why on Earth would you recommend gapps in a thread about keeping data to yourself?

    • I'd forgotten about Kolab, I may go that way instead. I appreciate the answers!

  • 4 hard drives. Two operating in RAID1 in a Linux file server (CIFS.) 1 external hard drive which weekly automated backups are sent to. 1 external hard drive which is manually mirrored from the other external once every few months and stored in a safe place.

    RAID1 lost a drive a couple months ago, no biggy, just replaced it, didn't lose a thing. The super sensitive irreplaceables (my source code primarily) are kept in a TrueCrypt volume on my AWS server. Just extra insurance against house burning to the

  • Just wait for the NSA to stand up their own Cloud services (probably in their Utah data center) and let them host/store everything for you. Then you can kick back and stop worrying if they've got copies of all your data. As a bonus they handle all your backup needs too.

    (I mean, if you've got nothing to hide ... and all that.)

  • I run an instance of Sandstorm [sandstorm.io], which is software you can install on a Linux server that lets you run other apps. Some features:

    * One-click installs of any of 47 apps [sandstorm.io], like WeKan (similar to Trello) and Davros (similar to Dropbox) and Etherpad (which you probably already know about) and Piwik (similar to Google Analytics).

    * Total self-hostability, with auto-configured free HTTPS certificates and dynamic DNS if you want.

    * Security sandboxing of the apps against each other and away from the Internet, so malic

    • Sandstorm looks nice. I'm going to test to see if it's worth it to migrate. I was really hoping to get more of this type of responses to the thread - ones which expose others to alternatives. Thanks.

  • by Foresto ( 127767 ) on Thursday December 17, 2015 @06:17PM (#51140411) Homepage

    I self-host and encrypt where possible. For other things, I use providers as trustworthy as I can find.

    Email privacy is a tough problem, but a solvable one. I'm working on a project that will give me gmail-like convenience without entrusting my data to Google, and might eventually grow automated/transparent encryption capabilities. It's going to be a while before it's usable, though; nobody is paying me to work on it, so it doesn't get enough of my time. (The mailpile [mailpile.is] project overlaps some of my goals in this area, and might be worth a look to anyone interested in the topic.)

    A Facebook replacement is another tough one, perhaps even tougher than email, but I believe it's also solvable.

    Please keep asking questions like this, and sharing what you discover. The more of us we have thinking about these problems, the more likely we are to work out their solutions.

    • by tomxor ( 2379126 )

      A Facebook replacement is another tough one, perhaps even tougher than email, but I believe it's also solvable.

      Although i'm a little biased on this subject, i can't help but think that in 10 years time people will be scratching their heads trying to understand why facebook was so important to everyone - it feels like something that should be grown out of... i know people like to connect, but there has to be better ways (different ways) than facebook that have yet to be realised, and there is no reason why all your data and activity has to be mined by a single large corporation in the process.

      I think emails is more u

    • by mlts ( 1038732 )

      A FB replacement wouldn't be too hard to do. In fact, we already had something that did everything FB did back in the 1980s and early 1990s... we had multiples... called AOL, CIS, Prodigy, and The Source.

      If coding, it might be wise to code around having small social networks which are interconnected. Want to message someone on another network, or have a wall with content from a number of other providers? We have the Internet protocols for all of that, such as NNTP for store-and-forward bulk stuff (with a

  • I don't have a Data Mine to keep.

    Isn't this more of an issue for entities like Google? They're the ones whose Data Mine is jeopardized by the kinds of rules adopted in the EU.

    Only big companies and organizations have Data Mines.

  • Running all of that stuff is fun when you have the time, but frankly is a huge pain in the ass in the long run. Eventually you will shave that neckbeard right off and start using Gmail again, probably without any Slashdot article...

    • Running all of that stuff is fun when you have the time, but frankly is a huge pain in the ass in the long run

      Well, it depends a bit on what your needs are. I too have a family and not a lot of spare time. For email, I use Google Apps. It's not worth it to me to spend the time on configuring spam protection on the level of Google. But file syncing is very, very easy. I got an ownCloud instance running in 30 minutes or so, plus another 30 minutes getting it to run over HTTPS. That's more than a year ago; haven't touched it since then, except for the occasional update.

  • They have these things called "Hard Drives" and they can "Store Data" and even made into a "Raid" that can help "Preserve Data".

    I have to go look up how much I owe Dr. Evil for the use of the quotes but expecting the online storage to be private is like wishing that an ice cube will protect you from a nuke.

  • Stop using cloud services?

The 11 is for people with the pride of a 10 and the pocketbook of an 8. -- R.B. Greenberg [referring to PDPs?]

Working...