[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Glacier Storage
On 02/23/15 05:28, John Gamble wrote:
>> Understood. And for this, the best solution is probably to use something
>> other than Tarsnap. Given that you're going to upload them once and never
>> touch them again (hopefully) there are lots of tools which will do the job
>> for you -- removing the need for deduplication makes everything much simpler.
>
> Can you suggest what other service might be useful in this situation? I'm
> curious to know, as it might be something I'd want to look into at some point.
If I was going to put "cold" data into Glacier, I would probably encrypt it
using scrypt and then upload it directly. I think the AWS Console even lets
you do this from a web browser.
The key issue here is that when you take deduplication out of the picture,
you can encrypt and upload separately; which means that as long as you do
the encryption using a good tool, the tool you use to upload your data doesn't
need to be written with any awareness of security or cryptography.
--
Colin Percival
Security Officer Emeritus, FreeBSD | The power to serve
Founder, Tarsnap | www.tarsnap.com | Online backups for the truly paranoid