Tahoe-LAFS Weekly News, issue number 42, March 3 2013

Welcome to the Tahoe-LAFS Weekly News (TWN). Tahoe-LAFS is a secure, distributed storage system. View TWN on the web or subscribe to TWN. If you would like to view the "new and improved" TWN, complete with pictures, please take a look.

Announcement and News

Least Authority Enterprises Mentioned in Wired

Wired mentioned Least Authority Enterprises in its article on Crypton. Crypton is an effort by SpiderOak to "make it trivial for any developer to add encryption to an application — even if the developer doesn’t have extensive experience with such things" [0]. The article references Least Authority making it easy for users to encrypt the data they store on Amazon's S3. Congratulations to the Least Authority team for this mention.

Weekly Dev Chat Meeting Notes

Below are Zooko's meeting minutes from the Weekly Dev Chat.

In attendance: Zooko, Andrew, Iraklis, David-Sarah, Anna, Amber, Rohit, Oleksandr, Samuel

Topic: Message-Locked Encryption, convergent encryption

Discussion: Wide-ranging survey of possible future compression and encryption schemes; segment-level deduplication, segment permutation and dummy-segment-insertion (sort of like Oblivious RAM?), content-determined+variable-length segmentation (like bup and backshift), Amber's idea of a novel way to do that sort of segmentation besides using a rolling hash, pre-image-resistant rolling hashes, Ristenpart et al.'s "Randomized Convergent Encryption", probably more stuff.

Next week will be a "Nuts And Bolts" meeting. It will be at 16:00 UTC (8:00 Pacific) so that Brian can attend before going to work. The topic will be "Let's close a bunch of tickets for Tahoe-LAFS v1.10 now, while we're on this videoconference together".

From the tahoe-dev Mailing List

Secure OS for Running Tahoe

Simon Forman inquired about a secure operating system for running Tahoe-LAFS. Patrick McDonald recommended Simon construct a threat model for the information he wished to protect and then find an OS which meets or exceeds that threat model. Greg Troxel provided a solid case for NetBSD as the secure OS. P S offered Qubes OS as a possibility particularly for handling multiple threat models.

What Tahoe-LAFS Reveals to an Attacker

Inspired by the above thread, Patrick asked what information Tahoe-LAFS would reveal to someone with root. Kevin Reid provided an informative synopsis of the possibilities. In light of a redundant array of independent clouds becoming more of a reality, Patrick asked,

"How do we protect ourselves against attacks from service providers who have full root access on one or more of our storage nodes?" [1]

Ed Kapitein suggested mounting home directories on a chosen cryptoloop and mounting .tahoe directories over SSHFS from a machine which you do trust. Zooko provided an excellent summation of what we need to do.

Glowing Quotes

Tahoe-LAFS on Twitter

"This week's Tahoe-LAFS Weekly Dev Chat was a heady mix of encryption+compression+deduplication ideas. http://identi.ca/url/75340004" [2]

"I really hope the scientists who attended this week's Tahoe-LAFS Dev Chat to invent new crypto show up at next week's to review Python code." [3]

"Greg Troxel makes good arguments for NetBSD being a good secure platform for Tahoe-LAFS: http://identi.ca/url/75296362 (also aliens)" [4]

Patches Needing Review of the Week

There are five (5) tickets still needing review for 1.10.0:

There are six (6) tickets still needing review for 1.11.0:

The Tahoe-LAFS Weekly News is published once a week by The Tahoe-LAFS Software Foundation. President and Treasurer: Peter Secor. Scribes: Patrick "marlowe" McDonald, Zooko Wilcox-O'Hearn. Editor Emeritus: Zooko. View TWN on the web or subscribe to TWN. Send your news stories to marlowe@antagonism.org (submission deadline: Friday night).