[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Data Havens



-----BEGIN PGP SIGNED MESSAGE-----

I know this may be getting off track on this list, but it may be worthwhile.

I was exploring the concept of a "data haven" which, to my knowledge, a place
whose location is unknown to its users, but via anonymous remailers, files
can be stored and retrived from it.

I am going to look into writing a script or program that will allow people
to store items using a passphrase or their PGP key, and retrive and delete
the files on demand.

Here are my problems though:

1:  I am clueless about Perl, and not that great with C.
2:  One must have to "hide" behind a VERY TRUSTABLE remailer, one that
    does not go down all the time, and one that accepts PGP encoded
    mail.
3:  Would hiding behind one remailer or two be secure enough?  There
    is a problem, unlike simple remailer chaining that people need to
    be able to E-mail the script.
4:  A need for verifing that the mail got to the DH successfully since
    data errors do occur, and sometimes networks truncate mail packets.
    (Compuserve is notorius about this, so is Fidonet).
5:  A way of making verifing that the user is who (s)he claims to be.
    (PGP, IDEA, or a passphrase)
6:  Multiple security levels, so files cannot be retrived even if
    one's PGP key is compromised (user settable)
7:  How will files be stored?  Will folders and directories actually
    be made, or will they be all stored in one place with wierd names
    (to prevent name collisions) and one file be the index?  Will there
    be user names or UID's?
8:  There will need to be a way to tell if the DH is up or not.
9:  How will PGP keys be stored and indexed?  One would not want
    their files mailed in the clear.  (How would I mail files
    if the user cannot use PGP?  have a user settable password,
    and use crypt?)
10: How would people be able to trust a DH?  Data Havens, by definition
    must be _very_ reliable, yet in a secure location to prevent
    unauthorized access of the files.  What bothers me is DH's starting
    up and either croaking unexpectably or being places for Bad Guys (TM)
    to be able to snarf unsuspecting people's files.  Perhaps a reputation
    based system?
11: How would a DH turn away files because the disk is full?
12: Would integrating DigiDollars with a DH be a good idea?  (For
    secure storage of your files, we charge $1 DD per month per meg,
    and .01 DD per transaction.)  What would the DH do with the files
    if they are not paid, or double-spending occurs?

I will be working on a command set that one can use for sending and
retriving files to and from the DH, as well as an authication system that
can support PGP, DES (SunOS style), or crypt (yes, laughable security,
but some people cannot use PGP at work).

I think I will use perl for eventually writing this, but I know nothing
about perl, so will have to print out a manual or two and do some
work on my linux box...

As per my previous posts, I am very clueless, but If I can get a decent
data haven script working, it will be worth all the flames :-).
Once the script is written, all one has to do is install the script,
and ping a Penet type remailer, then post the anon remailer address, and
Voila' a DH now exists.

I apologize for the length of this post, but there are a lot of questions
and problems in making a stable, usable data haven.
- ---
Finger [email protected] for PGP key, and please use it when
mailing me.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.1

iQCVAwUBLntxFXDkimqwdwa5AQEE0gP+P+8sjma3rDkrxhZOBRam7/0v6lsUG0e9
fvtUsLHKAYaB8f6cCUUxwtpwhrI/9TPeh7QoQnEcHlhDO1kV46X9kA1n04hhJpXb
Rx+BWSNaLHB3tynaXkN0lTIR/r6CGs+zKvc8BOJpLHSL7ajowmXs1C9Z8Lf4IW+G
8IwG9TR/iec=
=9Vg8
-----END PGP SIGNATURE-----