[tahoe-dev] TWN42
Patrick R McDonald
marlowe at antagonism.org
Sun Mar 3 13:33:58 UTC 2013
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================
Tahoe-LAFS Weekly News, issue number 42, March 3 2013
=====================================================
Welcome to the Tahoe-LAFS Weekly News (TWN). Tahoe-LAFS_ is a secure,
distributed storage system. `View TWN on the web`_ *or* `subscribe to TWN`_.
If you would like to view the "new and improved" TWN, complete with pictures;
please take a `look`_.
.. _Tahoe-LAFS: https://tahoe-lafs.org
.. _View TWN on the web: https://tahoe-lafs.org/trac/tahoe-lafs/wiki/TahoeLAFSWeeklyNews
.. _subscribe to TWN: https://tahoe-lafs.org/cgi-bin/mailman/listinfo/tahoe-lafs-weekly-news
.. _look: https://tahoe-lafs.org/~marlowe/TWN42.html
Announcement and News
=====================
Least Authority Enterprise Mentioned in Wired
- ---------------------------------------------
Wired `mentioned`_ `Least Authority Enterprises`_ |LAE| in its article
on `Crypton`_. Crypton is an effort by `SpiderOak`_ |SpiderOak| to
"make it trivial for any developer to add encryption to an application
— even if the developer doesn’t have extensive experience with such
things" [`0`_]. The article references Least Authority making it easy
for users to encrypt the data users store on Amazon's S3.
Congratulations to the Least Authority team for this mention.
.. _`mentioned`: http://www.wired.com/wiredenterprise/2013/03/crypton/
.. _`Least Authority Enterprises`: https://leastauthority.com
.. _`Crypton`: https://crypton.io/
.. _`Spideroak`: https://spideroak.com/
.. _`0`: http://www.wired.com/wiredenterprise/2013/03/crypton/
.. |LAE| image:: LAE.png
:height: 35
:alt: Least Authority Enterprises
:target: https://leastauthority.com
.. |SpiderOak| image:: spideroak.jpg
:height: 35
:alt: SpiderOak
:target: https://www.spideroak.com
Weekly Dev Chat Meeting Notes
=============================
Below are Zooko's `meeting minutes`_ from the `Weekly Dev Chat`_.
In attendance: Zooko, Andrew, Iraklis, David-Sarah, Anna, Amber,
Rohit, Oleksandr, Samuel
Topic: Message-Locked Encryption, convergent encryption
Discussion: Wide-ranging survey of possible future compression and
encryption schemes; segment-level deduplication, segment permutation
and dummy-segment-insertion (sort of like Oblivious RAM?),
content-determined+variable-length segmentation (like bup and
backshift), Amber's idea of a novel way to do that sort of
segmentation besides using a rolling hash, pre-image-resistant rolling
hashes, Ristenpart et al.'s "Randomized Convergent Encryption",
probably more stuff.
Next week will be a "Nuts And Bolts" meeting. It will be at 16:00 UTC
(8:00 Pacific) so that Brian can attend before going to work. The
topic will be "Let's close a bunch of tickets for Tahoe-LAFS v1.10
now, while we're on this videoconference together".
.. _`meeting minutes`:
https://tahoe-lafs.org/pipermail/tahoe-dev/2013-February/008063.html
.. _`Weekly Dev Chat`:
https://tahoe-lafs.org/trac/tahoe-lafs/wiki/WeeklyMeeting
- From the tahoe-dev Mailing List
===============================
Secure OS for Running Tahoe
- ---------------------------
Simon Forman `inquired about a secure operating system`_ for running
Tahoe-LAFS. Patrick McDonald recommended Simon construct a threat model
for the information he wished to protect and then find an OS which
meets or exceeds that threat model. Greg Troxel provided a `solid
case for NetBSD`_ as the secure OS. P S `offered Qubes OS`_ as a
possibility particularly for handling multiple threat models.
.. _`inquired about a secure operating system`:
https://tahoe-lafs.org/pipermail/tahoe-dev/2013-February/008037.html
.. _`solid case for NetBSD`:
https://tahoe-lafs.org/pipermail/tahoe-dev/2013-February/008040.html
.. _`offered Qubes OS`:
https://tahoe-lafs.org/pipermail/tahoe-dev/2013-February/008045.html
What Tahoe-LAFS Reveal to an Attacker
- -------------------------------------
Inspired by the above thread, Patrick `asked what information Tahoe-LAFS
would reveal to someone with root`_. Kevin Reid provided an informative
`synopsis of the possibilities`_. In light of redundant array of
independent clouds becoming more a reality, Patrick asked,
"How do we protect ourselves against attacks from service providers who
have full root access on one or more of our storage nodes?" [`1`_]
Ed Kapitein provided the idea of mounting home directories on a chosen
cryptoloop and mount .tahoe directories over SSHFS from a machine which
you do trust. Zooko provided an `excellent summation`_ of what we need
to do.
.. _`asked what information Tahoe-LAFS would reveal to someone with
root`:
https://tahoe-lafs.org/pipermail/tahoe-dev/2013-February/008041.html
.. _`synopsis of the possibilities`:
https://tahoe-lafs.org/pipermail/tahoe-dev/2013-February/008042.html
.. _`1`:
https://tahoe-lafs.org/pipermail/tahoe-dev/2013-February/008055.html
.. _`excellent summation`:
https://tahoe-lafs.org/pipermail/tahoe-dev/2013-February/008060.html
Glowing Quotes
==============
Tahoe-LAFS on Twitter
=====================
"This week's Tahoe-LAFS Weekly Dev Chat was a heady mix of
encryption+compression+deduplication ideas.
http://identi.ca/url/75340004" [`2`_]
"I really hope the scientists who attended this week's Tahoe-LAFS Dev
Chat to invent new crypto show up at next week's to review Python code."
[`3`_]
"Greg Troxel makes good arguments for NetBSD being a good secure
platform for Tahoe-LAFS: http://identi.ca/url/75296362 (also aliens)"
[`4`_]
.. _`2`: https://twitter.com/zooko/status/307190054823014401
.. _`3`: https://twitter.com/zooko/status/307190931948462080
.. _`4`: https://twitter.com/zooko/status/305568012663140352
Patches Needing Review of the Week
==================================
There are five (5) ticket still needing review for 1.10.0:
* `#1679`_: Nondeterministic NoSharesError for direct CHK download in
1.8.3 and 1.9.1
* `#1713`_: redesigned welcome page
* `#1159`_: stop using .tac files: make it possible to change appname,
Python package-directory name, perhaps other names
* `#166`_: command line order is problematic
* `#1539`_: stop putting pkg_resources.require() into .tac files
There are six (6) tickets still needing review of 1.11.0:
* `#1818`_: leasedb: track leases in a sqlite database, not inside
* shares
* `#1265`_: New Visualizer is insufficiently labelled/documented (plus
* layout problem)
* `#1864`_: turn off the AUTOINCREMENT feature in our use of sqlite?
* `#1411`_: sftp server does not accept pubkey auth
* `#1807`_: cleanup: HUMAN_RE regexes in uri.py are never used
* `#1382`_: immutable peer selection refactoring and enhancements
.. _`#1679`: https://tahoe-lafs.org/trac/tahoe-lafs/ticket/1679
.. _`#1713`: https://tahoe-lafs.org/trac/tahoe-lafs/ticket/1713
.. _`#1159`: https://tahoe-lafs.org/trac/tahoe-lafs/ticket/1159
.. _`#166`: https//tahoe-lafs.org/trac/tahoe-lafs/ticket/166
.. _`#1539`: https://tahoe-lafs.org/trac/tahoe-lafs/ticket/1539
.. _`#1818`: https://tahoe-lafs.org/trac/tahoe-lafs/ticket/1818
.. _`#1265`: https://tahoe-lafs.org/trac/tahoe-lafs/ticket/1265
.. _`#1864`: https://tahoe-lafs.org/trac/tahoe-lafs/ticket/1864
.. _`#1411`: https://tahoe-lafs.org/trac/tahoe-lafs/ticket/1411
.. _`#1807`: https://tahoe-lafs.org/trac/tahoe-lafs/ticket/1807
.. _`#1382`: https://tahoe-lafs.org/trac/tahoe-lafs/ticket/1382
- ----
*The Tahoe-LAFS Weekly News is published once a week by The Tahoe-LAFS*
*Software Foundation, President and Treasurer: Peter Secor* |peter|
*. Scribes: Patrick "marlowe" McDonald* |marlowe| *, Zooko
Wilcox-O'Hearn* |zooko| *, Editor Emeritus: Zooko.* `View TWN on the
web`_ *or* `subscribe to TWN`_ *. Send your news stories to*
`marlowe at antagonism.org`_ *— submission deadline: Friday night.*
.. _marlowe at antagonism.org: mailto:marlowe at antagonism.org
.. |peter| image:: psecor.jpg
:height: 35
:alt: peter
:target: http://tahoe-lafs.org/trac/tahoe-lafs/wiki/AboutUs
.. |marlowe| image:: marlowe-x75-bw.jpg
:height: 35
:alt: marlowe
:target: http://tahoe-lafs.org/trac/tahoe-lafs/wiki/AboutUs
.. |zooko| image:: zooko.png
:height: 35
:alt: zooko
:target: http://tahoe-lafs.org/trac/tahoe-lafs/wiki/AboutUs
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iQIcBAEBCAAGBQJRM1FGAAoJEAT4nRyi0elyfcwP/2MxsMSGhsRQovOhjF5HjUy2
3JVS8PsdX2Qq/VCHBWP7pns5u5IUIBoWR42lLMq2/biCOpuAashTTj6Ud9wi555s
BkX8fEUGGCT7HXGS4c2xW+Cyg8EGNn5rf2tAQ31ezGdcjR+nB4Ycr5wJl0/17MsO
oVPFwN5RkSmCQYefrgbeZL8U1tlwGVBMAtQ1nQ7tVNHVRxv9fXV08W0iy/LjHm0X
uFDv6s7cwZggNmkbYGWk9/D5JzDtTInalK+i34jktOO050WCQYAZOwnpno2XNKof
pDMMZASgnmAsf4iKnfMCoaiGjwUMW7GbgFbk77+h4eTYBKYM1vjenNqmgfyf52AK
gkvLqb5zKromJroy8wOi018DuFjI+lPzXIlv9g1L3v5bZEm7siaYWEZKDxfDTQnZ
D/b1V+lG1+Zx6eIMO/HGz8qA4CH+i1k35PuXi+tfmd+KjvrcgD1iB7xcg66eKYQC
9YmCsl9OHrsmqgNy+Ywt0ilRpwmT50PWvHMQKYPkrlOCQoW32dKWYEZcWbNbuvfF
48xxfLS0BBffwFqJ1i+azi2OE7oYydd+YKDWqBdyZE1FsLGIUrkDFUM2oe5sZLxA
YDzJZu3izIQYvgQxF2HGdGtRRJjDaLqf+js80TT0Ir2Ayi0RfWXvnnEq4N2tUJrD
CRT+tarpvizUvxkXPdes
=fd8U
-----END PGP SIGNATURE-----
More information about the tahoe-dev
mailing list