Scotty
|
|
| Total Posts: 667 |
| Joined: Jun 2004 |
| |
|
Suppose I was working with someone in a different part of the world and wanted to share things like:
- market data (gigabytes)
- pdfs and documents
- code
I need it to be simple to access and somewhat secure. Some options are (but I'm a bit clueless):
Google cloud
Amazon ec2
dropbox
a VPN
Any experiences or advice to share? |
“Whatever you do, or dream you can, begin it. Boldness has genius and power and magic in it.” |
|
|
 |
|
| Dropbox has worked well for me, but I am a bit apprehensive on the security around all these things. I, too, would like to hear more. |
|
|
 |
YukaRedux
|
| Now with added evil |
| Total Posts: 574 |
| Joined: Dec 2004 |
| |
|
I've found Dropbox to be outstanding in terms of value & uptime - being able to access my docs from the iPhone has also saved my ass on more than a few occasions. Super easy to set up & use.
Security-wise, they're OK - they've had some problems in the past. My feeling is that anything of critical importance and secrecy that you shoot into any cloud-based provider should be separately encrypted & password protected. |
Back from the dead. And still not a girl. |
|
|
|
Trev
|
|
| Total Posts: 31 |
| Joined: Mar 2010 |
| |
|
| SpiderOak is very solid and has a better reputation vis a vis security versus Dropbox. It also has an iPhone/Android app. I've been using SpiderOak and Dropbox both for about a year now and really like them both: I added SpiderOak after reading about some about security issues with Dropbox (i.e. ability for on-site personal to see passwords and other info) and added SpiderOak due to security implementation. |
|
|
|
goldorak
|
|
| Total Posts: 385 |
| Joined: Nov 2004 |
| |
|
If it is all about sharing documents, you may want to have a look at amazon S3 rather than amazon EC2. On Amazon S3 you can have your documents encrypted "on-the-fly".
s3sync is a pretty useful tool in that case. |
If you are not living on the edge you are taking up too much space. |
|
|
|
weismat2
|
|
| Total Posts: 71 |
| Joined: Jul 2007 |
| |
|
Depending on the quality of the internet access, you may also consider buying synology boxes and use sftp and/or rsync to sync the boxes.
You might need such a box anyway as a datastore locally.
The software bundled with the boxes has a nice GUI to setup Unix services for non-Unix persons.
|
|
|
|
moonvest
|
|
| Total Posts: 20 |
| Joined: Mar 2010 |
| |
|
Has anyone had experience with Huddle?
I'm trying to find a more secure alternative to DropBox as well. |
|
|
|
|
granchio
|
|
| Total Posts: 1416 |
| Joined: Apr 2004 |
| |
|
| to share code, we use SVN with the main repository on a dedicated server. we use it also for important docs, sheets etc so we get the versioning on those too. |
"Deserve got nothing to do with it" - Clint |
|
|
jslade
|
|
| Total Posts: 751 |
| Joined: Feb 2007 |
| |
|
I have used dropbox and google docs, and found them helpful for sharing data. I have no idea how secure they are.
One thing I have found helpful for remotely managing small projects is basecamp. It's free for "single projects" which can be as big as you want them to be. You can build up task lists with associated documentation, links and so on. I think you can upload files up to 2Gb.
Another commercial thing I've used is projectlocker; the SVN and wiki can be helpful if you're using SVN to share code. |
"Learning, n. The kind of ignorance distinguishing the studious." |
|
|
|
DrGrumpy
|
|
| Total Posts: 93 |
| Joined: Nov 2008 |
| |
|
I guess you need to specify what "somewhat secure" means to you Scotty.
You can have perhaps two of: secure (think encrypted), easy to access and easy to setup/maintain.
My view is that any machine that you don't have physical control over is somewhere you would want to think hard before storing any of your special sauce...
Dropbox and Spideroak are fine for a lot of things. Pogoplug is an interesting option where you have your own drives at your own various locations. My concern with these is that you don't control your own data. Pogoplug in particular feels vulnerable - you need their licenced software to access *your* data on *your* drives. Dropbox (or Ubuntu One for example) is not encrypted, so someone hacks their server, or gets your password and you're screwed. Recall you need to think about whether your communications with the servers are encrypted.
The other option is to host things yourself. Get a cheap box, put in a raid, use vpn (yuck!) or ssh in to access your data. Software-wise, use git and git-annex to remove the svn repository single point of failure. git-annex looks an awesome way to manage large data over various machines. I'm using it for movies, music, my paper archive and data sets without a complaint as yet.
An alternative that I've been told about is Tahoe-LAFS. Distributed; encrypted; error encoding (i.e. k-of-n encoding means you can lose (n-k) machines and still have all of your data); read/write, read only or verify only access; open source. Sounds an interesting option. Not sure how easy it is to use...
|
A girl goes into a bar and asks for an example of double entendre, so the barman gives her one. |
|
|
nadtim
|
|
| Total Posts: 8 |
| Joined: Jun 2012 |
| |
| |
|
dgn2
|
|
| Total Posts: 1907 |
| Joined: May 2004 |
| |
|
| I have used egnyte to do that sort of thing. It was relatively cheap to get 1TB and a you get a bunch of users, each with an account. It supports large file uploads in a dropbox type way, but also has FTP. Would cost you maybe $50 a month. |
...WARNING: I am an optimal f'er |
|
|
|
What bothers me is that all these tools allow to have many copies of the info in many machines, and often unsecured.
Do you know if there's a way to use them or something similar like a file server but without permissions to grab the data and take it with you? |
Vespertilio homo est cientificus |
|
|
|
DrGrumpy
|
|
| Total Posts: 93 |
| Joined: Nov 2008 |
| |
|
Both git-annex and Tahoe-LAFS have the ability to have untrusted remote storage. That is, your files are encrypted locally and stored remotely. In both cases the file contents and fileames are both obscured.
For git-annex it's an option, for Tahoe it is the design.
The author of git-annex has has a kickstarter funded to turn it into a more plug-and-play Dropbox replacement.
http://www.kickstarter.com/projects/joeyh/git-annex-assistant-like-dropbox-but-with-your-own
This secure remote file issue is a big concern for me. |
A girl goes into a bar and asks for an example of double entendre, so the barman gives her one. |
|
|
Nonius
|
| Founding MemberNonius Unbound |
| Total Posts: 11347 |
| Joined: Mar 2004 |
| |
|
| not exactly the same, but what do you think of gnupg |
An a=a etc moment....http://www.dinbali.com/?page_id=74 |
|
|
|
ast4
|
|
| Total Posts: 314 |
| Joined: Aug 2007 |
| |
|
How often is the data updated? Do you have any cost restraints?
If it's not updated very frequently (suppose in a case where you're just using market data to debug some code), SVN will get the job done.
If it's updated frequently, I'd suggest checking out an unmetered VPS. Typically you can custom spec them, as well as specify the connection speed (I've worked with a few that did 10 Gbit/sec symmetrical). |
"Mathematicians are machines for turning coffee into theorems!" |
|
|
DrGrumpy
|
|
| Total Posts: 93 |
| Joined: Nov 2008 |
| |
|
@Nonius - I like gnupg, I use it, but like all of these, get the right tool for the task. GPG is *really* good at what it's designed for - to use it for collaboration, you need to include some other other tools.
Without heading WOT, I'm going to just point out a comic that I wish I had when I was teaching a course in crypto:
http://imgs.xkcd.com/comics/security.png |
A girl goes into a bar and asks for an example of double entendre, so the barman gives her one. |
|
|
|
| |
|
Este
|
|
| Total Posts: 5 |
| Joined: Apr 2012 |
| |
|
| You might also want to look at Asana for task/basic project management. |
|
|
|
|
|
Sorry to bring this back again, but don't you guys feel uncomfortable with the fact that info gets disseminated in all the computers and devices of the users, and most of the time unencrypted? What if some computer gets lost, or stolen, or somebody leaves the company?
I think the nice idea is having a client server stuff a la Citrix (I won't use it because of complexity and cost), or some file server mechanisms without the ability to take info away from the main infrastructure.
Anybody uses or knows about such a solution? |
Vespertilio homo est cientificus |
|
|
Patrik
|
| Founding Member |
| Total Posts: 1179 |
| Joined: Mar 2004 |
| |
|
I generally don't worry much about information. I'm not in the systematic space though and I'm happy to tell almost anyone what my views and my positions are. It's a big market and I don't matter that much 
People leaving your company will always have all the important bits in their head anyways, so information security isn't going to affect your main risk of information leakage materially as I see it.
In principle it's very hard to create a setup where the client of information doesn't "have the information". As long as it can be displayed in unencrypted form somehow on the client, there tends to be some way of extracting it for unencrypted storage as well if one puts ones mind to it. |
Capital Structure Demolition LLC  |
|
|
|
Polter
|
|
| Total Posts: 90 |
| Joined: Jun 2008 |
| |
|
http://arstechnica.com/information-technology/2013/04/bittorrent-sync-creates-private-peer-to-peer-dropbox-no-cloud-required/
This bit looks interesting:
File transfers are encrypted, with private information never being stored on an external server or in the "cloud." |
|
|
|
jslade
|
|
| Total Posts: 751 |
| Joined: Feb 2007 |
| |
|
Bram's expertise has always been in distributed databases; this should work pretty good. The encryption bits should certainly help compared to dropbox, but I wouldn't share the family jewels on such a thing just yet.
He's an old tovarish from beer drinking days, so I'm somewhat biased. |
"Learning, n. The kind of ignorance distinguishing the studious." |
|
|
|
ultra
|
|
| Total Posts: 19 |
| Joined: Jan 2008 |
| |
|
| Have a look at TeamDrive, I'm using it to share docs and some data. Got encryption and versioning (more like Sharepoint than svn/git etc), built in. |
|
|
|
h0h0
|
|
| Total Posts: 18 |
| Joined: Apr 2010 |
| |
|
We use bitbucket for code, yammer for communication and docs and s3/dropbox for large files.
I have also heard good things about using Box.net for secure document storage, but not first-hand experience. |
|
|
|
|
