Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Web-Based Private File Storage?

kdawson posted about 4 years ago | from the dead-servers-tell-no-tales dept.

Data Storage 467

steve802 writes "Recently, someone died in our company, and word is getting around that the admins who were given access to his Outlook account have found personal things that are embarrassing at best (the rumor mill differs on what was found). No matter, it raises a question. I have personal stuff in Outlook folders that I would not want someone in IT to see if I suddenly dropped dead: emails to the wife, photos of the kids, that kind of thing. I also keep a journal at home that I save to a server; personal reflections that I never want anyone else to see, especially if I die. So I was thinking that some sort of web-based storage for files, individual emails, and perhaps even Outlook folders would be perfect. All my most private personal stuff in one place. I found CryptoHeaven, which seems to offer some of what I'm looking for — but it is pricey. I'm willing to pay, but something less than $400/year would be nice. Best would be a service with a dead-man's switch, so that if I don't access it in, say, three months, it auto-purges. Any thoughts?"

cancel ×

467 comments

Sorry! There are no comments related to the filter you selected.

Freenet (2, Interesting)

Wonko the Sane (25252) | about 4 years ago | (#33165482)

Slow, but very secure.

Re:Freenet (4, Interesting)

Mordok-DestroyerOfWo (1000167) | about 4 years ago | (#33165718)

Any web service, just create a TrueCrypt [truecrypt.org] container. As long as you sync the container between your computers regularly it shouldn't be an issue. I've been doing it this way for about 3 years now (I keep all of my important data there for when I'm on the road). Works perfectly fine with Windows and Linux.

Re:Freenet (-1, Troll)

commodore64_love (1445365) | about 4 years ago | (#33165800)

>>>Mac OS X

False advertising. Ooops. It doesn't work with all of Mac OS 10.x - only the more recent versions.

Re:Freenet (0)

Anonymous Coward | about 4 years ago | (#33165980)

>>>Linux

False advertising. Ooops. It doesn't work with all versions of the Linux kernel - only the more recent versions and only on x86.

Re:Freenet (-1, Flamebait)

Peach Rings (1782482) | about 4 years ago | (#33165868)

Apparently the questioner isn't too bright. What more obvious "dead man's switch" is there than knowing your password?

Re:Freenet (0)

Anonymous Coward | about 4 years ago | (#33166038)

>
> Apparently the questioner isn't too bright. What more obvious "dead man's switch" is there than knowing your password?
>

Apparently, Peach Rings isn't too bright. The OP names access by *administrators*, who can easily reset your Outlook/Windows password to a known value, or simply bypass access restrictions completely, like using the 'root' user on Unix.

Re:Freenet (2, Informative)

0100010001010011 (652467) | about 4 years ago | (#33165882)

I have Chrome, Thunderbird, my MP3 player and DropBox on TrueCrypt partitions.

Computer is PowerCycled and it's "gone". Since speed isn't a huge factor I went paranoid and went with AES-Twofish-Serpent. Good luck recovering my stuff.

I use DreamHost [dreamhost.com] for my mail/webserver. They're not 5-9s but they're cheap and still seem like they are a "small company". Plus they wrote Ceph [newdream.net] , (distributed/scalable file system, which merged into 2.6.34.)

I'm sure you could write cron script or something to run on the shell to do what you're talking.

GOOGLE MAIL (2, Informative)

stanlyb (1839382) | about 4 years ago | (#33165512)

Create a google email account.... Nooo, i am just joking.

Re:GOOGLE MAIL (1)

dc29A (636871) | about 4 years ago | (#33165786)

I got a bunch of encrypted archives uploaded to my Google Docs account that I can access anywhere I need it.

Haven't looked around but with the new Google command line tool (or other command line tools), pretty sure uploading/downloading could be automated. Then fire up WinRar using the same script and encrypt/decrypt archive. This way Google can't snoop on your files.

Re:GOOGLE MAIL (4, Insightful)

icebraining (1313345) | about 4 years ago | (#33166026)

WinRAR? Turn over your geek card.

At least, use gpg to encrypt it and Dropbox to automate uploading/downloading. Bonus points for an automated encryption system (encfs mount point, for example).

Re:GOOGLE MAIL (0)

Anonymous Coward | about 4 years ago | (#33165820)

google docs would be safe secure free way to do it. If you're really paranoid, use incognito mode exclusively over https. The likelyhood of that information getting out is nil. No one cares about your diary, except you.

Separate them (5, Insightful)

Anonymous Coward | about 4 years ago | (#33165522)

Dont use personal info on work systems. Often time anything in there is usually subject to scrutiny.

Re:Separate them (5, Informative)

shentino (1139071) | about 4 years ago | (#33165648)

Indeed.

Best solution to keeping your boss out of your personal stuff? Don't do personal stuff on company time.

Re:Separate them (3, Funny)

Profane MuthaFucka (574406) | about 4 years ago | (#33165706)

The restrooms are your own time. Do your wanking in there.

Re:Separate them (0)

Anonymous Coward | about 4 years ago | (#33165854)

Indeed. If you cannot go a few hours without being in constant contact with everyone you know, you have other problems. I enjoy getting away from the family for some nice, simple work. Sheesh.

Re:Separate them (3, Insightful)

Anonymous Coward | about 4 years ago | (#33165918)

Absolutely. Never, never, never, never use your employer's computers for personal stuff. At all. Period. That computer is your employer's, and anything you put on it is also his. Whether that is strictly, legally true is immaterial. In practical terms, it is.

You keep personal reflections in a journal that you never want anyone else to read, ever? Then, don't write it down. Duh. Anything you really don't want your survivors to ever under any circumstances see--physically destroy it. Don't have physical access? Oh, well.

Assume that anything you write down, especially if you store it on someone else's computer, will be read by someone, probably the owner of the computer. If it's on your own computer, it becomes your wife or childs computer when you die. Anything you left there is theirs.

Don't want to take this advice? Don't come crying to me if, after you die, somebody sees something you didn't want them to.

TrueCrypt? (3, Informative)

e065c8515d206cb0e190 (1785896) | about 4 years ago | (#33165528)

Why does it have to be web based? If the only requirement is absolute privacy, TrueCrypt will suffice.

Re:TrueCrypt? (1)

Lunix Nutcase (1092239) | about 4 years ago | (#33165594)

Because he was talking about computers at work? I doubt most companies are going to let you encrypt the hard drives on your work computer to block them from seeing what's on it.

Re:TrueCrypt? (0)

Anonymous Coward | about 4 years ago | (#33165714)

They don't actually have to know. Run the portable version of TrueCrypt, and just make a small encrypted file into which you can place all of your private stuff. It's what I do at my work computer. TrueCrypt does have necessarily encrypt the entire hard drive. You can use it to make a "dummy" hard drive image, which basically acts as an encrypted folder.

Yes, they might find out you have some encrypted stuff on their hard drives, but at least they won't be able to get into it.

Re:TrueCrypt? (1)

Lunix Nutcase (1092239) | about 4 years ago | (#33165780)

Yes, they might find out you have some encrypted stuff on their hard drives, but at least they won't be able to get into it.

Yeah, and then they'll just say "Show me what's in it or your fired for misappropriation of company resources".

Re:TrueCrypt? (1, Insightful)

Anonymous Coward | about 4 years ago | (#33165856)

Then you lose your job. The OP is not asking how to protect his job. He's asking how to protect his private data while accessing it on a company PC. That includes some risk.

Re:TrueCrypt? (1)

randizzle3000 (1276900) | about 4 years ago | (#33166006)

But you could make a hidden volume inside the encrypted volume (http://www.truecrypt.org/hiddenvolume)

Re:TrueCrypt? (1)

Lunix Nutcase (1092239) | about 4 years ago | (#33166028)

You would still have to explain why you have TrueCrypt on your system. Unless you purge all traces of having downloaded it and installed it on the PC it's not like they won't be able to find that you've been encrypting things on the computer.

Re:TrueCrypt? (1)

NFN_NLN (633283) | about 4 years ago | (#33165752)

Because he was talking about computers at work? I doubt most companies are going to let you encrypt the hard drives on your work computer to block them from seeing what's on it.

You don't need to encrypt an entire drive. You can encrypt a binary blob (file) and then pass it around to HDD, USB, email, web etc.

In fact, why would you trust an online service for privacy. Just use any old online service to store your encrypted blob.

Case closed:

Beginner's Tutorial
How to Create and Use a TrueCrypt Container

http://www.truecrypt.org/docs/?s=tutorial [truecrypt.org]

Re:TrueCrypt? (1)

countSudoku() (1047544) | about 4 years ago | (#33165796)

Yes, but it's still THEIR computer. Just use ssl/gmail for your personal crap, and PGP/encrypt your stupid personal thought from people who are most interested in them. Which is the crux of the biscuit; people who really care will circumvent your encryption anyway. and get at that juicy data you have there. Just write it in a journal, then burn it. What is so special about our private thoughts that make us write them down in case we forget them later? Just think more! I'm going to lunch now. Don't need to jot that in my journal. This is my frickin' journal. Slashcomm!

Translation (2, Insightful)

grahamsz (150076) | about 4 years ago | (#33165538)

I think you mean "emails to the wife, photos of the wife, that kind of thing"

Re:Translation (2, Funny)

bsDaemon (87307) | about 4 years ago | (#33165566)

Unless someone who hated him uploaded some photos of someone else's kids in an attempt to frame him...

Re:Translation (1)

essinger (781940) | about 4 years ago | (#33165636)

I think her really meant, "emails to a hooker, naked photos some random teenager, that kind of thing"

Web-Based Private Is An Oxymoron (4, Informative)

Maarx (1794262) | about 4 years ago | (#33165550)

Web-Based Private is an oxymoron. Why does this have to be web-based?

It would be pretty trivial to set up a Linux distro with two hard drives, one with the simple operating system and the other an encrypted drive with a passphrase, and set up the OS to nuke the second drive if the current time is ever greater than three months from the last time the passphrase was successfully supplied.

Re:Web-Based Private Is An Oxymoron (0)

Anonymous Coward | about 4 years ago | (#33165976)

Completely agree. Want it private? Keep it off the interblogotubenetspherez.

Keep a small memo pad with you (you know, with a pen and paper), and a scrapbook/journal for organizing your personal memoirs. Print out and delete emails you want to keep private. Privacy is the opposite of accessibility in the computer world. A little tinfoil can go a long way.

His wife is great in the sack (-1, Troll)

Anonymous Coward | about 4 years ago | (#33165560)

I was fucking his wife last night and apparently he was hung like a toddler.

Re:His wife is great in the sack (1)

couchslug (175151) | about 4 years ago | (#33165724)

"I was fucking his wife last night and apparently he was hung like a toddler."

She said you were a "form and fit replacement".

Work account? (5, Insightful)

The MAZZTer (911996) | about 4 years ago | (#33165564)

Solution: Don't do personal stuff on your work account...

Re:Work account? (1)

deathplaybanjo (1735092) | about 4 years ago | (#33165676)

Solution: Don't do personal stuff on your work account...

better solution: host your own email server at home.

yeah your electricity bill is going to increase and you'll need decent reliable internet.

Personally, i use Gmail and expect no privacy.

Re:Work account? (1)

bsdaemonaut (1482047) | about 4 years ago | (#33165842)

It can be pretty easily done and at very little cost. An email server doesn't require much in the way of hardware, and it's incredibly easy these days to build (or buy) yourself a computer that uses less wattage than a lightbulb. If you get yourself an mx backup server (which can be had for about $10/yr) most standard home broadband connections would be plenty stable.

Re:Work account? (3, Insightful)

TooMuchToDo (882796) | about 4 years ago | (#33165956)

Pay for a virtual private server somewhere. Tie it to a credit card or some payment method that you need to keep paying. You die? Payments don't get made, hosting provider nukes the virtual machine after X days for non-payment.

Re:Work account? (2, Insightful)

Kronos. (40016) | about 4 years ago | (#33165708)

Indeed, a technical solution is not needed for this problem as far as I see it. A little common sense and separation of work and personal life would go a long way.

Re:Work account? (4, Interesting)

grasshoppa (657393) | about 4 years ago | (#33165722)

No shit. OP: Bad news, if it's on company equipment, IT has already looked at it. Your fetish for donkeys is now well known.

As far as the personal stuff at home; who cares? Family means never having to explain the albino midget you keep in the closet.

Well duh (1)

Anitech (1208966) | about 4 years ago | (#33165586)

Here's an idea... Don't keep personal data on company assets. As an admin I can't stand having people store there wedding videos, "personal" music collections, and what have you on the company's network file storage.

Why using company mail for private issues? (0)

Anonymous Coward | about 4 years ago | (#33165596)

Why are you using your company mail to send/receive personal mail? There would be nothing to find if you separated your personal information from the company.

Whats the surprise? (5, Insightful)

mschoolbus (627182) | about 4 years ago | (#33165604)

They can already read your emails..

Umm... (1)

tom229 (1640685) | about 4 years ago | (#33165608)

Personal gmail account?

Encryption (1)

Vegemeister (1259976) | about 4 years ago | (#33165610)

Encrypt it. Don't write down the passphrase. If you're especially concerned, make a script to unmount the encrypted volumes after some amount of time with no user input. Say, three hours. This is also convenient if you are arrested.

I recommend truecrypt, though I don't have experience with anything else. Also, I find it quite odd that your train of thought is:

I don't want anybody to see this. --> Put it on the internet!

Re:Encryption (1)

bsDaemon (87307) | about 4 years ago | (#33165712)

The problem with Truecrypt is that the volume is portable and they can run a dictionary attack against the passphrase at their leisure. I roll with an IronKey, with hardware-driven AES encryption. After 10 unsuccessful attempts at entering the passphrase in a row, it destroys the key, never to be recovered again.

Also on the subject of drive encryption, I have a server here at work I built with an encrypted RAID5 array using the GELI drivers in FreeBSD. The server has to be booted with a USB drive containing the encryption key if you want the drives to come back up when you reboot the server (alternatively, you can manually mount them -- point is, you need the USB key). It's a pretty nice arrangement, too.

Re:Encryption (1)

MBGMorden (803437) | about 4 years ago | (#33165844)

The problem with Truecrypt is that the volume is portable and they can run a dictionary attack against the passphrase at their leisure.

Not that I have any sympathy for the asker in this case (just keep private stuff at home and you're good), but with any decent passphrase "at their leisure" could very well be measured in millenia for brute forcing a good password. If you're over 8-9 characters, with alphas and numbers, and not based on a dictionary word, then I can guarantee you that a) barring you having national security level info tucked away they're not going to care enough to even try to break the encryption, and b) even if they DID care enough, they wouldn't be able to brute force it in any sane timeframe.

Re:Encryption (2, Insightful)

bsDaemon (87307) | about 4 years ago | (#33165978)

I understand that it be a wicked long time before they crack the passphrase, and that a good passphrase is key. Mine is pretty amazingly awesome (long, case switching, numbers for letters, all that good stuff) but I still feel better knowing that there is a hard limit on the short side that prevents a successful attack.

Re:Encryption (0)

Anonymous Coward | about 4 years ago | (#33165934)

If is worried about what you just suggested on basically meaningless (to other people) data, then he needs to take off his tinfoil hat.

Actually... (1)

gvoima (1868430) | about 4 years ago | (#33165614)

...it raises a question, why would anyone keep their personal stuff that really is embarrassing or important on company email account? Or on that matter, ON a company laptop.

Don't send personal emails at work? (1, Insightful)

Anonymous Coward | about 4 years ago | (#33165616)

How about not sending personal emails using your work email account?

Problem solved.

Some thoughts (1)

grahamsz (150076) | about 4 years ago | (#33165624)

On a more serious note.

1) Kill switch is unnecessary. If it's a paid service then it'll purge when you stop paying the bill

2) I've been playing with tarsnap lately and i'm pretty impressed. You use it just like tar but it uses a private key to store the results on their server. They can't see what you store and it intelligently tracks diffs so if a file appears in multiple archives you don't need to transfer or pay for it after the first time.

3) Something like mozy or jungledrive would surely be easier to use and should be able to offer a similar level of protection. Obviously you'll have to be a little cautious about who has access to your private key, but it should protect you from casual snoopers

4) Stop storing personal stuff at work

Re:Some thoughts (1)

MBGMorden (803437) | about 4 years ago | (#33165908)

1) Kill switch is unnecessary. If it's a paid service then it'll purge when you stop paying the bill

Two problems there. 1) It's highly unlikely that it'll immediately purge. It'll probably just disable access and keep the files around for a good while.

2) Depending on his account setup (PARTICULARLY if he's autodrafting from an account that is shared with his wife), then the auto-bill could go on for a significant amount of time beyond his death. If on a debit card, then several years until it expires. If it's straight out of a checking account (I have some loan payments setup this way), then it could go for many, many years so long as the account has funds.

Why? (4, Insightful)

quarkoid (26884) | about 4 years ago | (#33165642)

I've got to ask the question, but... why?

I mean, if you don't want anybody to find this stuff when you're dead, why bother collecting it when you're alive?

And for the 'pictures' of the wife, what's wrong with a Truecrypt store?

Re:Why? (1)

war4peace (1628283) | about 4 years ago | (#33166050)

Mod parent VERY insightful.
If I die, i don't give a shit how people are going to perceive me if they find my not-that-secret porn collection or whatever they would loathe. Because I'm dead!
What makes the poster ask such a question?
Is it fear that his family will think differently of you post-mortem? Well, my friend, if you have such deep and ugly secrets towards your family, then sorry to say, doesn't sound like a family to me.
Is it fear that society would make you a pariah post-mortem? Whet do you care? Death is forever, the last thing you'll do in your life :)
I dunno, it seems to me that people think too much about how they are be perceived by others. So much that they cease to be themselves and become... masks? Puppets?
The only thing that would make you try and hide some data is if that data is proof of something extremely illegal. So ugly that it'd cast a big and dark shadow over the ones you love. But that, my friend, is a good sign that you should either stop it or better yet, come clean with it and confess.
In the end, we're stuck with a morality problem here.
If you are an 250 pounds man who loves wearing pink stockings, then no need to make sure this stays hidden after you die.
If you raped and killed 12 cheerleaders over the last 10 years, then it'd be best to confess that to the first police officer you encounter.
Either way... they're not going to take you out of the grave and laugh at you / arrest you for anything they might uncover.

Easy (1)

aaaaaaargh! (1150173) | about 4 years ago | (#33165650)

Encryption + online storage. You can use openssl, truecrypt or whatever you like for encryption and, say, Jungledisk for online storage. Problem solved. Unless you think your colleagues will mount a 1 trillion entry dictionary attack against the file that they illegally recovered from your personal online storage after your death. In case of which you should perhaps look for new colleagues.

Re:Easy (0)

Anonymous Coward | about 4 years ago | (#33166014)

Yeah, just keep a couple years worth of prepaid hosting and let the provider delete it if you don't pay up postmortem. The cold hand of capitalism can flip your dead man's switch.

You'll be dead (1, Insightful)

Anonymous Coward | about 4 years ago | (#33165656)

Are you really going to care that much?

please explain (0)

Anonymous Coward | about 4 years ago | (#33165660)

I don't understand how the old e-mails can embarrass YOU after YOU are dead. Please explain.

Re:please explain (1)

longhairedgnome (610579) | about 4 years ago | (#33166058)

Think of the children !

Use a home server (1)

Nadaka (224565) | about 4 years ago | (#33165662)

Run a server out of your house. Use linux with truecrypt and SELinux enabled. Access it through ssh if you need to from a remote site.

Why make it complicated ? (1)

germansausage (682057) | about 4 years ago | (#33165670)

Do what I do. Store the unhallowed debris of your grimy little soul in a true crypt file. When you shuffle off to meet your maker the passphrase goes with you. Need web access, put it on dropbox.

Completely Disagree (4, Insightful)

TehZorroness (1104427) | about 4 years ago | (#33165672)

When you die, your writings and works are the only thing left of you. They are the only way for someone to try to dig deeper into your mind and build up an understanding of your true character. A lot of crazy shit happens in a lifetime, someone may really appreciate you leaving a book of your reflections behind.

Re:Completely Disagree (1)

theJML (911853) | about 4 years ago | (#33165992)

You may not want everything in that book though. Don't want to slander yourself with something that may have only been a passing thought or thought exercise and is afterwards taken completely out of context.

While I agree with you, it might be best to have an easily found diary/journal/captain's log/whatever for your relatives to find upon your passing, perhaps even including said location in your will.

Re:Completely Disagree (1)

MikeFM (12491) | about 4 years ago | (#33166080)

I don't see what people could be doing that is so embarrassing anyway. Unless you are taking photos of yourself dressing as a wolf and having sex with real sheep it's probably nothing that most the people around you aren't doing too. I really don't see the whole paranoid need for privacy. Who cares if everybody else knows that you're just like everybody else? It's probably healthy to stop worrying that you'll be found out.

That said, why not just use an encrypted disk image? Mac OS and Linux have built-in encrypted disks and Windows can get something like TrueCrypt. I often keep my work encrypted while still in-progress to keep people from trying to help (we have some none programmers that wish they were programmers in management).

Why web-based? (1)

hcdejong (561314) | about 4 years ago | (#33165678)

If you want to access the info anywhere, but keep the files private, you could store them on a USB drive instead. That eliminates most security holes, and you could easily encrypt the files for even better security.
This also gives you the option to launch applications from the drive (I use FirefoxPortable, for instance), ie. applications that you control instead of the company. That still leaves the possibility of the company snooping on any connections you make, unless you encrypt those.

Keeping personal stuff on a work computer is just bad informational hygiene.

Just a though... (0)

Anonymous Coward | about 4 years ago | (#33165682)

Maybe you shouldn't use your work email for personal stuff?

Use encrypted archives? (1)

capo_dei_capi (1794030) | about 4 years ago | (#33165692)

Make a tar, zip, w/e archive of the stuff you want to backup, encrypt it and upload it to the cloud, eg. dropbox. Make sure sure that it's bigger than the free 2GB, so when you die and stop paying the storage fee, they'll delete your account. Was that so hard, or did I overlook something?

this is silly (1)

Lord Ender (156273) | about 4 years ago | (#33165694)

First of all, keep your business and personal data separate, or at the very least keep your embarrassing personal data separate.

Secondly, don't upload shit you want to keep private to any web service. They may not be honest, but even if they are they could still be hacked. Use truecrypt on a USB drive you keep with your car keys. For backups, upload the encrypted file container from your USB disk to any random online file storage periodically.

Thirdly, don't worry about being embarrassed after you die. You'll be dead; you won't care.

Lesson Learned (0)

Anonymous Coward | about 4 years ago | (#33165720)

I don't use my work PC for anything personal besides browsing /., shopping for tech books on amazon, and anything else I deem SFW.

On my PC at my last job, I had an excel budget that I updated during lunch for maybe a week before I gave up using it. Needless to say, I forgot about it months later when I left, and who knows who saw it. Not the worst thing that could happen, but lesson learned nonetheless.

Also, I don't use my work email for personal stuff; that alone is reason for termination if the company needs one (using company resources for personal use).

Bittorrent (0)

Anonymous Coward | about 4 years ago | (#33165744)

Encrypt it - rename it gang_bang_naked_chicks.avi and post on your favorite bittorrent site. Unlimited storage free forever.

web based storage? (1)

vux984 (928602) | about 4 years ago | (#33165756)

So, I'm looking for something to be absolutely private and secure...
"So I was thinking that some sort of web-based storage for files..."

Yeah. That was my first thought too. "Lets put them on the internet."

How about,
1) don't access absolutely private stuff at work.
2) store it on an encrypted drive
3) consider putting instructions in your will that it be destroyed

Other than that, as for a dead-mans switch type thing. Seriously? You'd seriously prefer continually risking losing the documents forever over the slight possibility that someone might hack the encryption and see them after you are dead?

Why not just delete them now and spare yourself the hassle?

Um (1)

MBGMorden (803437) | about 4 years ago | (#33165762)

This is about the easiest problem in the world to solve. If you don't want corporate IT in your personal business, then don't do your personal business on those systems. You have no expectation of privacy on work computers. Anything you don't want them to see, do it AT HOME on your own system.

Internet == network of networks. (1)

carton (105671) | about 4 years ago | (#33165778)

A home router capable of running OpenWRT VPN packages, such as a Fonera or a Sheevaplug, and then store files on your home server. The Fonera has pretty control panels produced by funded developers, so the software is pretty good, but its radio has a blob driver, and its memory and CPU capability makes it seem like a ripoff compared to the Sheevaplug which has more than 4x of both.

There are many different kinds of VPN: OpenVPN is probably best at busting through firewalls, while L2TP/IPsec has clients pre-integrated into proprietary operating systems.

You will also need to set up dynamic DNS on this router, and worry about the un-neutral port blocking or no-servers AUP your ISP might do.

I use a plain IPsec VPN based on proprietary Cisco software, which is something you can also do with eBay, but this is definitely not the wise approach for someone with no budget or experience, and a dynamic IP address.

Once the VPN is done you can get to your files almost the same way you do at home, only slower, and ``browsing'' won't work. but ``map network drive'' and Command-K will work just as they do at home, if you use an IP address. There is no monthly fee, and you keep all the files in your possession where a dishonest or over-cooperative ``cloud'' company can't eagerly turn them over in response to secret police state letters, curious advertisers, or civil lawsuits.

The internet should be connecting everyone together. It's not a service delivery platform for cloud providers, although you may think that if you read too many of the ads these companies post, and internalize too many of the un-neutral restrictions last-mile carriers place on your access.

Just live a clean and pure life... (1)

sgage (109086) | about 4 years ago | (#33165782)

... and you'll have nothing to worry about :-)

I keed, I keed!

First off, anyone who keeps incriminating material on a work computer is ot-nay oo-tay ight-bray.

I do keep a series of rather personal and private journals on my home computer, password-protected. There is some stuff that I've written there that's not meant for anyone else to see, ever.

Other than that, I don't think anyone would be too interested in the vast collection of stuff on my computer - some of which has followed me from computer to computer since CP/M days...

Actually, some of it might be of historical interest

Encrypted mail (0)

Anonymous Coward | about 4 years ago | (#33165788)

Just get yourself a nice gmail account, and install Thunderbird with the enigma extension. Send encrypted mails to it. Keep your decryption key private. Won't be accessible without the key anyway.
Also, web based private stuff usually is an oxymoron but the security of web based storage is worth the exposure.

Stop using work e-mail for anything unrelated to work. At the very least, use outlook but store config info for your private e-mail address on it also.

Home Net (1)

Frightened_Turtle (592418) | about 4 years ago | (#33165792)

I never left personal files or data on the computers at work. I would shunt anything personal to a server I had running at home. For any personal journal writing or private data, I would SSH into the server and create it there. I went to great pains to ensure that I left nothing personal or private on the company's property.

I'm not comfortable storing sensitive personal information off site with some online service. My preference is to store important data in a small RAID I set up in a fireproof area in my basement. Come tornado or conflagration, my data will still be accessible after doing a little digging with a backhoe. If the server was still alive, I could retrieve it wirelessly!

If I really wanted off site storage, I would rather put it in a relative's house. They get use of a really good computer, and I have an off site server where I can mirror important files.

Use Gmail (1)

dollarwizard (1806856) | about 4 years ago | (#33165794)

For any file up to 20 mb, you can create email drafts in Gmail and attach the files you want to save. Have the subject of the email be the name of the file you're saving to it. Then save it as a draft (don't send it to anybody).

It's worse after you die? (1)

Last_Available_Usern (756093) | about 4 years ago | (#33165806)

They can already read your data and email now. Why is it more embarrassing for them to read the stuff after you die than before?

Next on Ask Slashdot: What beverage to drink? (0)

Anonymous Coward | about 4 years ago | (#33165810)

In deciding what beverage to drink on this warm summer day, I must ask the Slashdot community this fairly obvious "no-duh" question in order to get maximum return of "nothing but obvious choices" each unique to the poster while completely wasting everyone's time.

The answer is simple (1)

BigBadBus (653823) | about 4 years ago | (#33165826)

Don't use your work email for private and personal stuff. D'oh!

Discretion? (5, Insightful)

Xacid (560407) | about 4 years ago | (#33165874)

I'm kind of surprised I haven't seen any comments on the bigger issue - the IT folks entrusted with this data who let data leak (or at least rumors of the content). As a system admin - if you're at that level you're already not trustworthy enough to keep that postion and would probably be reassigned depending on the severity. Understandably if it's something illegal then it needs to be report it but even still - discretion is still required. It's no one else's damned business.

Compare this to your HR person - would you like them to spill your SSN randomly here and there? Just because the guy is dead doesn't mean his data requires less care.

Anywho - as far as technical solutions 1) don't put personal stuff on a work computer, 2) even some web space and an ftp account should be nearly sufficient if you just need a place to store files remotely that isn't easily accessible.

LARTing is in order. (1)

couchslug (175151) | about 4 years ago | (#33165886)

Take the personal shit off, now, because you don''t need it there. Backup and store elsewhere.

Don't put anything but business correspondence on business systems, and don't put anything unencrypted on email you don't want to see on 4chan.

I don't use my workplace email. I use a webmail address so my correspondence follows me if I leave. Not an option for everyone, but nice so you can't get locked out by accident or intent. All my browsing at work is done using Firefox Portable, copied to USB key, and archived at home.

Beating dead horse... (1)

drumcat (1659893) | about 4 years ago | (#33165892)

"I have personal stuff in Outlook folders that I would not want someone in IT to see..." Stored AT your IT department. As 100 people here have said, solve that problem first.

Re:Beating dead horse... (1)

drumcat (1659893) | about 4 years ago | (#33166024)

When you're done with that, whichever program or setup you choose, get a good password. Do something you remember well, like your name. Then use the key to the upper-right of that key... so if your name was Jacque Strappe, you drop the space, and it's iwf284e65w--4 or something like that. Cool? Now go hide your blackmail stuff on a key. Use AES. If you have a mac, use knox.

Why do you care? (1)

h3llfish (663057) | about 4 years ago | (#33165912)

You'll be dead, after all. We are all food for worms. Get over it.

SwissDisk (1)

benmcollins13 (1835308) | about 4 years ago | (#33165924)

Check out http://www.swissdisk.com/ [swissdisk.com] (Guilty, I started the company many years ago, but I don't own it anymore, just maintain the servers).

Re:SwissDisk (1)

drumcat (1659893) | about 4 years ago | (#33166056)

"Secure File Sharing - Using our "Temporary URLs" feature, you can ahare any file on your SwissDisk without giving access to your whole filesystem. You can designate how many days the Temporary URL can be used. You can even track how many times files have been downloaded." If they tell you to ahare stuff, I'm not sure I'd trust them. Miss one keystroke and your data is vapor. You better be better than that.

Anonymous Coward (0)

Anonymous Coward | about 4 years ago | (#33165948)

This really isnt anything new or a new idea, IIRC M$ were planning on creating a totally DB based filing system, just like the one exchange uses. But they created sharepoint...
File duplicate (at a data level) was removed due to the referencing nature..

Private Work Email? (1)

leeosenton (764295) | about 4 years ago | (#33165952)

Why would anyone think a corporate Outlook account wasn't being monitored by admins?

personal email (1)

fermion (181285) | about 4 years ago | (#33165958)

I only do work stuff on work email. I have personal emails accounts to do personal stuff, all web based. Many people use gmail for this. It is not private, and after one dies it might not go away, but unless one is important no one will really have a reason to look at it. Certainly your local sys admins will not have access to it, unless they are just nosy and can get your passwords, but that is an issue with any solution, which is why the paranoid don't even use company machines for personal business.

Apple has me.com which provides email and storage for $100 a year. Many people balk at the price and use the free servers of their work email, but the repercussions of that is the reason for the question. It is plug and play and friendly to the non-techie, with password protected space for all the things you describe. For about the same price, or a little less, you can get a shared server account, bluehost, terrabyte, dreamhost are the companies I have dealt with, set up a personal domain, and host your email, save files, do pretty much whatever. They will generally give you much more storage space and allow ssh access.

I cannot imagine what someone is selling you $400 a year. Probably setting up and hosting an exchange server. A quick google search for MS Exchange hosting still seems to be les than $100 a year for small accounts.

I am not sure if there is an in between for the free gmail and google docs account and the $100 a year shared server account, or if all this useless because Exchange is the only solution. In any case, $400 seems way too much.

Web-Based Storage (1)

ZippySquirrel (1713078) | about 4 years ago | (#33165964)

The lesson here is: Your work email isn't yours. We are constantly re-educating users here at work that the email isn't their personal property. It belongs to the company, and you should be aware of the fact that at any time, without you being aware of it, members of the IT could be reading your email. Generally speaking, we don't unless there is cause (instructed to by Management / HR as part of an investigation, your request, etc) but the possibity exists. I always advise people that if you don't want it shouted across the room for all to hear, don't put it in an email. Corporate email is NOT private, at least not within the company. As for storage, if it's web-based, you in theory have the same problem. An admin for the storage company would be able to access your data etc, in case of file ownership issues, or a court order, etc. The only truly secure way to store your files (and it would be an absolute pain) would be to copy them to an encrypted harddrive, and then physically store that drive in a safe / security deposit box. And that doesn't take into account the possibility of theft / equipment damage.

Why (1)

koan (80826) | about 4 years ago | (#33165988)

Why do you have things on your computer that you don't want people to see, and they aren't encrypted or otherwise protected?

Sorry just can't get past that question.

Wikileaks (0)

Anonymous Coward | about 4 years ago | (#33166012)

The greatest WTF!? when the NSA decrypts their insurance file and finds your personal stuff there

Windows Home Server (2, Funny)

Call Me Black Cloud (616282) | about 4 years ago | (#33166022)

I recommend Windows Home Server. Of course, it integrates perfectly with your Windows machines (since you're running Outlook you have at least one) and is the best backup and recovery solution I've been able to find for home use (you can roll back individual files). You can have folders mirrored on different drives, and you can control who has access to what folders.

Additionally, through the magic of dynamic DNS you can access your files through the Internet. You get a subdomain off homeserver.com which allows you to check the status of the server, upload or download photos, and if you have expensive enough versions of Windows on your machines at home you can control them via Remote Access.

I've used other NAS solutions for years at home, and I don't regret switching to WHS at all. FYI, I built my own server and installed WHS myself - I didn't buy one off the shelf, though you certainly could if you're not into building computers.

SpiderOak.com (1, Informative)

Anonymous Coward | about 4 years ago | (#33166036)

I use spideroak.com as it is convenient, multiplatform, synchronizes across machines, provides a backup and is secure through encryption on my local machine - and it is free.

Why write it in the first place? (1)

mattwrock (1630159) | about 4 years ago | (#33166042)

I would understand if you were keeping for posterity, but why write if you don't want it known? If they are private thoughts, keep them in your head. I believe everybody has some kind of wild, crazy idea that they don't want to share. That's why mine is in my head. Someday, when I don't have to worry about what others think about me to make money, I might share. These thoughts that you write would be very valuable to your family and others in the future. Historical correspondence has been a great way to understand WHY people did what they did. I suggest you leave it there.

Don't be so naiive. (0)

Anonymous Coward | about 4 years ago | (#33166054)

You have zero privacy at work. Don't do anything embarrassing on their computers.

Wuala (0)

Anonymous Coward | about 4 years ago | (#33166060)

You can also try Wuala ( www.wuala.com ).
It's encrypted :)

Good God, only use work email for work! (2, Insightful)

stevegee58 (1179505) | about 4 years ago | (#33166066)

I only exchange emails with my wife and friends using my gmail account.

Clean house in your work email and stop doing that.

E-Mail = Hello World! (1)

bluhatter (583867) | about 4 years ago | (#33166068)

General rule of thumb: Never send anything in E-Mail that you don't want to appear on the front page of a newspaper the next day.

E-Mail is stored unencrypted on several servers along its path, and due to some weird legislation is required to be stored that way for several years ( in case authorities "need to know" what you said ). Also, any one of those server's administrators could be bored and have bad ethical standards.

If you are sending unencrypted personal E-Mail from work, there is no doubt that your employers can and probably do read some of your mail.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>