| ▲ | bjt12345 an hour ago | ||||||||||||||||
Surely there's better technological solutions for encrypting block data in the cloud with lower risks of service ensh*tification? | |||||||||||||||||
| ▲ | somat 4 minutes ago | parent | next [-] | ||||||||||||||||
luks on an iscsi drive Joking of course, but I am playing around with a similar setup, I should try it over the actual internet and see how much it sucks. Now I am arguing with myself if you would want to run it over an encrypted tunnel. Theoretically no, but drive encryption is not really designed to protect data in transit who knows what sidechannel data would leak, so maybe... and the tunnel probably has better authentication than iscsi | |||||||||||||||||
| ▲ | jszymborski an hour ago | parent | prev [-] | ||||||||||||||||
The state of things isn't great IMHO. Im not sure I trust any of EncFS, CryFS, and gocryptfs. Many leak metadata and/or have serious security concerns. | |||||||||||||||||
| |||||||||||||||||