Author

Topic: Anonymous persistent data without local storage (Read 174 times)

newbie
Activity: 7
Merit: 0
February 02, 2023, 09:36:48 PM
#8
A year later, I still use a backup on paper. I don't trust any online solution 100%. Many online storage providers means remembering many accounts and making it more difficult.

--Knight Hider
Which doesn't make your data safe, since our brains are visible to satellites flying at Earth orbit. There are military satellites of governmental intelligence agencies, and if you don't want them to know your keys, it is better to use some mix of hardware solutions, cause everything you see with eyes and press with keyboard, is compromised by default, since we are able to do MRI scans in general. Honestly, I am looking for a solution too.
member
Activity: 239
Merit: 59
a young loner on a crusade
A year later, I still use a backup on paper. I don't trust any online solution 100%. Many online storage providers means remembering many accounts and making it more difficult.

--Knight Hider
legendary
Activity: 2870
Merit: 7490
Crypto Swap Exchange
I need tips to store a small amount of data online without ever losing it.

Since we're talking about data stored online, there's possibility the data will be removed or can't be accessed. Whatever method you chose to store your data, you should store it on more than 1 place.

1) Create Tails Linux bootable USB stick

Since OP mentioned he need plausible deniability under any circumstances, i should mention this part of Tails documentation.

Tails makes it clear that you are using Tor and probably Tails

Everything you do on the Internet from Tails goes through the Tor network.

Tor and Tails don't protect you by making you look like any random Internet user, but by making all Tor and Tails users look the same. It becomes impossible to know who is who among them.

  • Your Internet service provider (ISP) and local network can see that you connect to the Tor network. They still cannot know what sites you visit. To hide that you connect to Tor, you can use ?Tor bridges.
legendary
Activity: 3038
Merit: 2162
What sort of plausible deniability are you looking for in online storage? If authorities will know your online accounts, they will be able to ask the storage providers to give your data, and after that they will be pressuring you to decrypt it. So, same situation as finding your local storage.

So, use throwaway emails and privacy tools like TOR when registering on sites that provide storage, and do a lot of online backups, because there's no guarantee that all these providers will be around in 10-20 years or that they won't lose your files.
hero member
Activity: 910
Merit: 5935
not your keys, not your coins!
I read some paranoid stuff such as Wi-Fi antennas' removal and said to join.
You're always welcome to join me on my paranoiac thought escapades, my friend! Grin

How can you be so sure that it'll remain infeasible forever? I mean, yeah, those clouds can't read the content, but that may be just temporary.
That's an interesting (even though probably off-)topic. From what we know today about today's (computers) and tomorrow's (quantum) technology, symmetric crypto is still completely safe for quite a while (until we get something even more advanced than quantum computers).
As for having an easy way to carry both private and public key without remembering long strings neither weak passwords, check Booknemonic. Just generate your mnemonics and write them down on a paper.
I didn't know this existed, pretty nifty stuff! It will land in my bookmarks, thanks.. Smiley
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
I read some paranoid stuff such as Wi-Fi antennas' removal and said to join.

6) Then transfer the encrypted file to an online machine e.g. via a USB stick, and upload to as many clouds, online storage providers, email servers etc. as you possibly can.
Hehe, this reminds me of an old saying.

Yes, you, justifiably, feel like you're sharing information that can't ever be read by anyone. By that assumption, you're safe to even message the whole world about the encrypted message. But, how can you be so sure that it'll remain infeasible forever? I mean, yeah, those clouds can't read the content, but that may be just temporary.

It may remain as is in terms of feasibility to break the encryption scheme, but what if it doesn't? What if after many years, these texts you've hidden from everyone could be read? Wouldn't you wish to have never shared them?

I've deepened it, but the way I see it is that saving the encrypted text in all these clouds is like denying science controversy which is what has brought us to the current science progress. So, in my opinion, since we've rejected these absolute attitudes long time now, I'd just save the txt on my hard drives and sleep easy.

(Assuming the content is very sensitive!)



As for having an easy way to carry both private and public key without remembering long strings neither weak passwords, check Booknemonic. Just generate your mnemonics and write them down on a paper.
hero member
Activity: 910
Merit: 5935
not your keys, not your coins!
If you want all your accounts and data to be secured with one single key that you only keep in memory (I advise HEAVILY against this!!), it's quite simple:

1) Create Tails Linux bootable USB stick
2) Boot a computer from that, maybe take out all the drives before and remove Wi-Fi antenna as well
3) Now you have an air-gapped computer, good good
4) Create an encrypted text file on this computer:
Code:
$ vim -x filename.txt
5) Enter all passwords and private keys and save it.
6) Then transfer the encrypted file to an online machine e.g. via a USB stick, and upload to as many clouds, online storage providers, email servers etc. as you possibly can.

DO NOT DO THIS. You can and will forget the password. Or you will decrypt the file on an online, compromised machine and all passwords and private keys will be accessible in clear text.

This is where HSM's come into play. These can be clunky big crypto-coprocessors, but also smartcards, U2F keys and Bitcoin hardware wallets. Only issue is the plausible deniability aspect. In case you're really in the 1-in-a-million scenario that your government is super authoritarian and corrupt and checks your home all the time and shit, you actually don't have many options other than doing what I described above; basically storing the master key to everything in your memory.
member
Activity: 239
Merit: 59
a young loner on a crusade
I need tips to store a small amount of data online without ever losing it.
My goal is to have access to my accounts without persistent local storage or paper notes.

Currently, I have private keys and account details written down. I want plausible deniability under any circumstances, which means no local storage. I can remember complicated passwords or 12 words but not everything. I need one key to derive them all. How can I do this?

--Knight Hider
Jump to: