jump to navigation

Keeping your computers in sync December 7, 2010

Posted by rm42 in Computers, Gadgets, Products.
trackback

We like data

If you are like me, you have several computers or devices that you use to access your data at different times during the day. I personally have a PC that we use mostly for multimedia stuff (video, music, pictures, etc.) in the living room. It also has a database of the movies we own or that we have recorded in our VHS tapes collection (don’t laugh). However, from time to time I do like to access other personal or business data from it. I have another computer in our home office and I like to have access to all my data from here too. Likewise from my laptop. At work I like to have access to some of my data as well. Oh, and it is nice to have access to all that from my phone as well.

The problem is

Of course, the problem is that once you modify the data residing on any one of the machines, the other machines now need to get updated. But that is easier said than done. What if you haven’t used one of those devices for a while? In the mean time, you have edited a spread sheet, added a few pictures, deleted a few songs and added a few others. How are you going to remember what needs to be updated?

Well, there are several programs that one can use to try and get a hold on this madness. For example, Linux has the venerable rsync program and its variants (like grsync, krsync, QtRsync, etc.). On Windows you can use SyncToy. This can work. However, it can be tedious. Also, the possibility exists of you making a mistake and loosing some data. (Believe me, I know.) Is there a better way? Well, of course, there always is.

One way to do this would be to have all your data on a single location that is always available online. When you need something you simply open it directly from your remote device. Of course this has several advantages, but also, several disadvantages. For example, trying to browse your photos or playing your music that way can be very inconvenient. What if you are trying to access the data from somewhere that has a very slow connection or no connection at all? There has to be a better way. Well, of course, there always is. ;)

Enter Dropbox

Dropbox

A better way that I have been enjoying recently is using an online service called Dropbox. The beauty of Dropbox, is that your data remains local on all your devices. But, when you make a change, any change, the service ensures that all your other devices get updated automatically. It is very easy to use and it works on Linux as well as on Windows. You do have to have a small program installed on each of the machines that you want to have it working on. The program is available on PCLinuxOS right off the repository. On both Linux and Windows the program is very light on resources and sits quietly on your task bar tray. There is also a program available for the Nokia N900, DropN900, that works very well.

Thanks to Dropbox, I don’t have to worry about keeping my Keepass database in sync when I add a new password. The book I am working on, as well as all the research I do for it, is always in sync no matter what device I use to edit it. Also, there are several other nice features I enjoy from Dropbox. For example, if on your Photos directory you make a new folder with, say, your last vacation photos, sharing them with all your family becomes very easy. All you have to do is log in to your Dropbox account and go to http://www.dropbox.com/photos. You will see the folder you created there. Click on it, and besides being able to view the photos right there, a link is provided for you so that you can just send it to whoever you want to. They will be able to see your photos right there or download the full size images! I tell you, this is very much so, a better way to keep your data in sync.

To trust or not to trust

The only problem is, do you trust the people in Dropbox to respect your privacy? Well, I don’t trust them completely, but I do trust them enough to share some of my non-sensitive data through them and to have their client program run on my computers. What would it take for me to trust them completely? Well, I don’t think it is possible. But, I am very happy their service exists and I do hope that they work hard to keep earning the little or much trust that I do have on them. How about you?

PS:

If you want more privacy, you may want to try using TrueCrypt in conjunction with Dropbox. TrueCrypt is a free, open source, cross platform, application that allows you to encrypt disks, partitions, and/or containers. A container is basically a file that you can mount as a virtual disk. TrueCrypt is on the PCLinuxOS repositories, but it is a slightly older version than the one on the TrueCrypt website. But that is not a problem as long as you create the encrypted container in PCLinuxOS. I have tested the round trip of the container and its data this way and it works well.

Also, on PCLinuxOS you will need to add yourself to the sudoers file. That is very easy to do. Just open up the terminal as root and type “visudo”. Somewhere down the file, type this (if your username is rm42)

rm42 ALL=NOPASSWD:/usr/bin/truecrypt

I am making a series of smallish container files of about 50 MB each where I plan to store my more sensitive data. I hope this helps.

Comments»

1. Sean Sutton - December 8, 2010

This looks like an excellent way to do what I have struggled to do for years. I use too many systems and have major issues with data not matching when changing between machines.
Many thanks for this info.

rm42 - December 8, 2010

Sean,

I’m glad you found the information useful. And thank you very much for stopping by and leaving your comment. Gratitude is a rare thing these days. ;)

2. Emil Beli - December 8, 2010

Well, I used that solution before. I am still using dropbox, but not for the case you mentioned. I use it as a pile of files that I need on computers, quickly.

Seems to me that SpiderOak does much better job at it. Why?
1. you can select doirectories and/or files from various directories
2. it’s compressed
3. it’s encrypted.

(will not mention backup features etc etc).

This is releasing you from using just one storage space (dropbox folder), but just whichever you are generally used to.

rm42 - December 8, 2010

Emil,

I hadn’t heard about SpiderOak. I’ll check it out. Thanks for sharing.

3. popsredaktor - December 8, 2010

it is very difficult to know what sort of information you give away to such companies like Google, Dropbox and rest. Somehow i tend to trust to Open Source solutions (not sure why, never bothered to ask myself this question). The way the data’s being handled by the third party is of main concern, most important to me in particular is the way it is being stored.

Take TOR for example, you’d use it because your ip would be just a piece of data stream with no apparent connection to your person. I’d like to see this being implemented in data storage on servers of “cloud computing” providers. I’d happily use this service knowing that my data is a meaningless garble of data to everyone but myself.

Another thing I’d like to be able to do is to be able to store programme data remotely. For example, instead of moving 250MB of Firefox settings via Dropbox, I’d like to store that data somewhere else and have access to it whenever I want. Perhaps this is too difficult to implement.

Good article though. Thanks.

Cheerio,

p.

rm42 - December 8, 2010

One thing you can do is encrypt the data you share through Dropbox. Come to think of it let me go off and do that now. ;)

4. popsredaktor - December 8, 2010

perhaps, but then you get into the problem of incompatibility in decryption and extra pieces of software. besides, you can call it paranoia, whether the secret is in a secure box or not I’d still prefer not to give the secret away :)

rm42 - December 8, 2010

OK. I just installed TrueCrypt on my Windows machine. TrueCrypt is a free, open source, cross platform, application that allows you to encrypt disks partitions or containers. A container is basically a file that you can mount as a virtual disk. I created a 100 MB container on my Dropbox folder and placed a file on it. I probably should have gone with a smaller container because my network slowed down quite a bit. (Or maybe the NSA is tapping my connection to see what all this encrypted data traffic is all about. ;)) Any way. Now I am installing TrueCrypt on my PCLinuxOS machine. Unfortunately, I have quite a few updates to install and with this slow network it will be a while. But, I don’t think I will have trouble opening the container from Linux. I will let you know.

Update: Bummer, the current version on PCLinuxOS is 6.3, while the version I installed on Windows is 7.0. That means that I need to either downgrade my Windows install or have the guys at PCLOS update their TrueCrypt package. I think I will do that latter.
By the way, I did ended up reducing the size of the container. I think I will create a series of smaller containers, say 30 MB each, to have my sensitive data on. I think this will work nicely.

5. Al rossman - December 8, 2010

with respect to SpiderOak, we have used the service for over a year to sync/backup 8 computers [kids at college, home, work, etc.] Very powerful and flexible service. However, when it comes to stability and “just works” operation, it isn’t even in the same league as DropBox. Dropbox has proven “set it and forget it”, drop dead simple. Very, very important when the computers are remotely located.

6. emk - December 8, 2010

@rm42
I’ve been thinking hard of Dropbox with encryption lately.

My problem with syncing through Dropbox is 1. encryption and 2. I don’t want to give my entire home directory over to Dropbox. Which means that I still have to move files around manually after Dropbox syncs.

So maybe I’ll just use rsync and cron.

P.S Multimedia computer in the livingroom huh? I feel for you, I have the same setup, mine runs mythtv (spottily these days) sits next to the TV!

emk

7. popsredaktor - December 8, 2010

Please do post the results.

Still for your average user the word “crypt” may cause unnecessary panic. I’d think someone out there is coding to implement server-side encryption. I’d go as far to say that the next company to implement such protocols will reap all the rewards.
For the most part the IT industry (or rather the userland community) is moving towards the “ease of use”. Ubuntu is a prime example, even though they are doing a terrible job of it.

@emk: good point about the simplest of all the solutions. rsync indeed!

p.

8. JB - December 8, 2010

Loosing data is not a problem. If my data gets loose, I just grab a wrench and tighten it again.

Losing data, on the other hand, would be bad.

9. rm42 - December 8, 2010

Alright, I got TrueCrypt to work on Windows and PCLinuxOS. There are two things you need to do for it to be smooth.
1) Create the encrypted container in PCLinuxOS. This is because the version of TrueCrypt on PCLinuxOS at the moment is not the latest. I have tested the round trip this way and it works well.

2)On PCLinuxOS you will need to add yourself to the sudoers file. That is very easy to do. Just open up the terminal as root and type “visudo”. somewhere down the file, type this(if your username is rm42)

rm42 ALL=NOPASSWD:/usr/bin/truecrypt

With a 30 MB file the update is quite fast. I think I will try a bit larger file.

10. rm42 - December 8, 2010

In case any one is wondering, there is a TrueCrypt client program for the N900 (also at version 6.3):

http://maemo.org/packages/view/truecrypt/
:)

11. popsredaktor - December 8, 2010

@rm42: it is good to hear that such a workaround is possible. Yet the version conflict is a fact here.

If i run Debian Sarge then I can’t go further than v4.3 (i think) and if you are an admin then it presents a security vulnerability or featureless software at least.

Still, there is plenty of room for lots of improvement and innovation in remote file storage.

lively discussion lads! keep it up.

p.

12. Karl - December 9, 2010

Wuala is a simple way to solve the sharing challenge and it automatically encrypts the data shared as well so you don’t have worry about whether you trust the owners or not. Also you can either buy or trade storage to get much more than the usual small size available. I currently have 50GB of available space at no charge.

Vilbjørn - December 9, 2010

I too find Wuala (http://wuala.com) a viable solution, and the technology used fascinates me: storing the data redundantly in a worldwide grid.
Besides storing the encrypted data on Wuala’s own servers, the data is scattered in tiny, encrypted peaces among those users, who have traded storage.
You trade storage by offering Wuala access to a certain amount of disc space on your system, and in return you get an equivalent amount of free storage space.
Thus I have 101 GB storage space at Wuala (standard 1 GB plus 100 GB traded on a my system connected 24/7) for free.
Wuala allows me to backup my files, sync between different machines and systems, sharing with selected Wuala users after my choice.
Wuala can be used with Linux, MacOS and Windows, but as it is fairly new, the system has some limitations (as far as I have found out no sync facility on eg Android, Maemo), but hopefully this will be implemented over time.
Disclaimer: I have no affiliation whatsover with Wuala.com, I’m just a satisfied user.

rm42 - December 9, 2010

Thanks for the tip. I’ll play with Wuala on a spare machine to get a feel for it. It is good to know.

13. popsredaktor - December 9, 2010

I guess i stand corrected. Thanks for the link.

“””storage that can be accessed from anywhere and at any time, even when your computer is offline””””, i can see how it’s possible, but that is, ladies and gentlemen, making the impossible possible.
P2P encrypted sharing? exactly what I meant when talking about tor. Yet it is too easy to pick the pitfalls in someone’s implementation. I retire.

Does the company operate under Open Core? that would be interesting to know.

p.

Vilbjørn - December 9, 2010

@popsredaktor:

” “””storage that can be accessed from anywhere and at any time, even when your computer is offline””””, i can see how it’s possible, but that is, ladies and gentlemen, making the impossible possible. ”

Depends on how you read it, I think. To me it means that I can access my storage even if offline, but of course I can’t sync it until online (as opposed to strict cloud storage, where I can only access my files if online).

” P2P encrypted sharing? ”

As far as I understand it, thats not the way Wuala works. Data is encrypted on my own system with a key, that is only on my computer, and in this way only encrypted data will leave my computer and get stored elsewhere; nobody else knows my key, not even Wuala. My login on Wuala is with a password, that only my Wuala program knows as well; the program then authenticates against the Wuala server on its own.

I seem to remember that there has been some talk on the Wuala forum about opening up (part of) the code.

I’m not natively English speaking, so maybe I’ve missed something.

14. rm42 - December 9, 2010

Wuala looks interesting. However, for Linux, they only offer support for Debian derivatives. That leaves a whole lot of PCLinuxOS, Fedora, SUSE, Gentoo, etc., users left out. To say the least of Maemo and Android.

Update: Actually, the PClinuxOS repositories have Wuala there already. Wow, I never cease to be amazed by the PClinuxOS folks!

Vilbjørn - December 9, 2010

… as has Arch Linux :-)

BTW rm42 – I didn’t tell in my previous posts, that I much appreciate your article – thanks.

Gave me the idea to combine DropBox + Wuala to sync N900/Maemo – a somewhat clumsy solution if possible, but never the less a solution. And in this way there would be something to tease the folks over at Wuala :-) maybe it could make them speed up the development of a Maemo version.

rm42 - December 9, 2010

I installed Wuala on a spare PCLinuxOS machine I have. It looks good. A Maemo/Meego version would be incredible! :)

15. rm42 - December 9, 2010

Just to clarify a point about Wuala. When installing it on a second machine, the only thing required to access one’s data is the password. That means that the key is on their server. That means that the only thing they, or any one, would need to do to access your data is to use a brute force attack on your account to crack your password and they are in. Therefore using Dropbox + TrueCrypt is more secure than just Wuala, as long as you don’t share your key with anyone. Am I missing something?

(Of course you can always use TrueCrypt in conjunction with Wuala for double protection. ;))

Vilbjørn - December 9, 2010

Well, on the wuala forums it looks otherwise:

” Yes, you can test passwords at all. But lets do some simple mathematics:
The server responds to our authentifcation with a delay of 1 second and only allows one connection per authentification. If you test a-zA-Z0-9 and use a really weak password of let’s say 4 characters, you need about 5 and a half year on average. You know, a password of only four characters is somewhat weak, that this is not wuala’s issue. And as you know, with every additional character the time you need will grow exponentially. With a password of only 6 characters you need about 21k years, not solvable anymore.
In addition, I think (hope, guess) wuala is using some intrusion detecting, which is at the simplest point fail2ban on the auth-log. This makes even weak passwords of 3 or 4 characters strong/not solvable.
I hope you know, you can’t log into wuala without server authentification, therefore there is no chance to make a “normal” brute force attack locally on some distributed networks. ”

http://forum.wuala.com/viewtopic.php?f=34&t=972&sid=dc4d5b6ef60a2d1ec384b62fc9eb54a0

I haven’t checked the maths, so don’t know if its correct. But it looks plausible to me.

rm42 - December 10, 2010

That sounds good for those outside Wuala. But, what about Wuala administrators? Not that I have any reason to distrust them. Just talking theoretically.

16. TheGooch - December 18, 2010

I like the the Dropbox with Truecrypt solution, but the most secure way of setting it up is also the least user friendly. You can either:
1) Locate the DropBox folder inside of your Truecrypt drive
2) Locate the Truecrypt drive file inside of your DropBox folder.

With #1, the files are encrypted on the drive, so they are safe if your drive gets stolen, but they are un-encrypted on the Dropbox server, so they are not safe if someone gets access to your DropBox account.

With #2 the files are always encrypted, but Dropbox an only back them up when the Truecrypt drive is not mounted. If you use the files often, they will be very inconvenient. Another minus is if you need an important file while away from home ( say a birth certificate while in a foreign country to replace your stolen passport ), it will be a lot more work to retrieve that document.

So, #1 makes is easy to access your documents, and changes are backed up to Dropbox as soon as you modify/add/delete them, but you must trust DropBox with you files.

#2, much more secure, but your data is backed up much more slowly, and is difficult to retrieve. When you are not located near a computer that stores your data.

My analysis is based on 10GB of files in a 10G or larger TrueCrypt drive.

rm42 - December 18, 2010

Your analysis is accurate. I ended up using the second method you mentioned, but only for my sensitive data. Other stuff is out there in Dropbox unencrypted. This is boring stuff that I doubt any one at Dropbox would be interested in reading any way. On my N900 I have a set of scripts, each one accessible from its own shortcut, that mounts the appropriate TrueCrypt container and opens the File Manager. As soon as the File Manager is closed the drive is unmounted. The only hassle is when I want to copy a file from one of the containers to a PC connected through USB, as I have to copy the file out of the container before connecting the device to the PC. But that is only a problem when connecting my N900 to other people’s computers since my computers already have the files.

VWrestle97 - April 21, 2011

I find your approach to combining TrueCrypt and Dropbox interesting. I am a fellow N900 user and I was wondering if you have your script posted anywhere and maybe the steps you took to create the TrueCrypt drive file inside of your DropBox folder? This infomation would be very helpful as I am a newbee.

Thanks.

rm42 - April 24, 2011

I just use a small three line bash script. This is what it looks like:

/usr/bin/truecrypt --protect-hidden=no -k=/home/user/MyDocs/path_to_truecrypt_key_if_using_one /media/mmc1/Files/DropN900/Container0 /media/container0

ossofilemanager

/usr/bin/truecrypt --dismount /media/container0

Modify it as needed to fit the name of your container and the paths that you are using. Save it in a file with any name you want. Make it executable (you may not be able to do that in the FAT filesystem of the removable media card though). Copy it to /usr/bin/ so that you can call it from any where. And you are done.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

%d bloggers like this: