At 4:30 AM 01/12/95, Nesta Stubbs wrote:
4. It is no concern (only idle curiosity maybe) where the data is parked.
it matters alot too me, that's the security of the dat, what if your data is sem top secret plan to bomb the pentagon, and you are using the data haven to distibute to your band of anonymous terrorists, I am sure you woudln't want your data stored ona public access Unix system, or in plaintext.
You shouldn't ever give the operator the info in plaintext. Encrypt it, public or otherwise, and distribute the key to your Band of Merry Men. Then it doesn't matter even it's sitting on a public access Unix system, no one can read it anyhow. The main point of this kind of data haven seems to be providing you a remote location to store your data, in an anonymous way, so even if it does end up being found out, you can't be linked to it. I wouldn't trust the operator to do anything particular with the data other then keep it safe enough so I can retrieve it later, and I'd take the neccesary precautions to account for that lack of trust. The only reason I'd trust him to even keep it safe for me, is because of reputation market. If he routinely loses people's data, word is going to get around. On the other hand, if he routinely shows people's data to the FBI, no one is even going to know about it. I don't trust him not to routinely show the data to the FBI, or store it in public. Use encryption. Of course there are different purposes for data havens, which would require more trust of the operator. But I'm not sure how well those are ever going to work, because I'd much rather trust my encryption then trust the operator.