this post was submitted on 18 Nov 2023
1 points (100.0% liked)

Data Hoarder

168 readers
1 users here now

We are digital librarians. Among us are represented the various reasons to keep data -- legal requirements, competitive requirements, uncertainty of permanence of cloud services, distaste for transmitting your data externally (e.g. government or corporate espionage), cultural and familial archivists, internet collapse preppers, and people who do it themselves so they're sure it's done right. Everyone has their reasons for curating the data they have decided to keep (either forever or For A Damn Long Time (tm) ). Along the way we have sought out like-minded individuals to exchange strategies, war stories, and cautionary tales of failures.

founded 1 year ago
MODERATORS
[email protected]
1
Best options for storing private adult/sensitive content? (alien.top)
submitted 11 months ago by [email protected] to c/[email protected]
4 comments fedilink hide all child comments
 

Without getting too into the specifics, I shoot content for 'creators' as well as shoot my own content for/with my partner. I also maintain a substantial archive for my photography side-hustle, which is ever growing.

All the videos/photos are all stored on my 16tb home server. While I'm not too fussed with the storage sizes at the moment, I'm more concerned about protecting both the models/my partner (and myself) against any form of hack, or even burglary.

I'm paranoid that if someone physically steals my server, they will gain access to a bunch of sensitive information, and I'm paranoid that if someone gains access to some sort of cloud storage I am looking at purchasing.

I currently have Backblaze unlimited backup which is great, but it's also quite a chore to go through to find content to download. To me, it's more of a total backup solution. I was wondering if it's worth maintaining the backblaze as a backup solution, while getting some sort of cloud storage (I've been looking at filen/pcloud) meaning me and my partner can access and quickly view the content we make, making organisation/posting far, far easier.

Does anyone encrypt locally? (Is that a thing? I'm fully new to this), so if someone physically had my server, they wouldn't be able to get it. As well as have some sort of sync solution/cloud storage that allows me to access the storage folder in explorer (and on mobile devices), making life easy for me.

Cheers!

top 4 comments
sorted by: hot top controversial new old
[–] [email protected] 1 points 11 months ago

Multiple copies, multiple locations. All encrypted.

[–] [email protected] 1 points 11 months ago

I personally believe every scrap of data should be encrypted. Doesn't matter if it's NSFW or an archive of the weather report. Everyone should be encrypting their hard drives so they're easier to securely erase when you need to decommission them. Aside from forgetting the password, there's virtually no downside to you at all.

Veracrypt, FileVault (or APFS encrypted storage) and BitLocker, are all perfectly solid encryption options. I'm not up on my Linux options.

To back up to the cloud, use a tool that allows you to manage the encryption locally, like Rclone, Duplicacy or Arq Backup. Never upload anything unencrypted to the cloud and never keep any unencrypted hard drives around.

This has been my strategy. Keep my encrypted data at home and upload it in encrypted form to the cloud.

[–] [email protected] 1 points 11 months ago

Linux has Luks which is very effective, all my machines are encrypted using Linux LUKS, I don't really ever use Windows for encryption I know bitlocker exists but I've read articles on how people can still get access to the drives.

To keep people off certain folders, drives, you would need to setup user or group permissions. I do this in Linux as well, only I have access to the 18+ stuff.

Hardware wise you can find enterprise drives that have encryption built into it. I know some WDC drives have it.

Here is an link to WDC drives that have AES-256 encryption built into it: WDC Drives I would expect them to cost a bit more, but if you really need the protection I would build a machine with Linux as the main OS, and then configure the drives under luks with passwords, hell even a passkey file using random 2048 string can be configured. Run Windows under Virtual Machines, I have a 10/11 VM that can read/write to the drives, but you still need a password to open the VM's.

I'm sure there is a solution for you. Just like I've found one for me.

[–] [email protected] 1 points 11 months ago

I would like to offer my services as an offsite backup source.

openssl can do encryption on a file basis. So you could write a looping script that would encrypt each file recusively. Then you can unencrypt each file as needed. Or a reverse loops that would unencrypt the bunch.