Data Havens..A consumer perspective

[Jonathan Rochkind]

At 4:30 AM 01/12/95, Nesta Stubbs wrote:
>> 4. It is no concern (only idle curiosity maybe) where the data is parked.
>
>it matters alot too me, that's the security of the dat, what if your data
>is sem top secret plan to bomb the pentagon, and you are using the data
>haven to distibute to your band of anonymous terrorists, I am sure you
>woudln't want your data stored ona  public access Unix system, or in
>plaintext.

You shouldn't ever give the operator the info in plaintext. Encrypt it,
public or otherwise, and distribute the key to your Band of Merry Men.
Then it doesn't matter even it's sitting on a public access Unix system, no
one can read it anyhow.  The main point of this kind of data haven seems to
be providing you a remote location to store your data, in an anonymous way,
so even if it does end up being found out, you can't be linked to it.  I
wouldn't trust the operator to do anything particular with the data other
then keep it safe enough so I can retrieve it later, and I'd take the
neccesary precautions to account for that lack of trust. The only reason
I'd trust him to even keep it safe for me, is because of reputation market.
If he routinely loses people's data, word is going to get around. On the
other hand, if he routinely shows people's data to the FBI, no one is even
going to know about it. I don't trust him not to routinely show the data to
the FBI, or store it in public.  Use encryption.

Of course there are different purposes for data havens, which would require
more trust of the operator.  But I'm not sure how well those are ever going
to work, because I'd much rather trust my encryption then trust the
operator.