Like everyone else cryptoanarchists want their data to be secure against random drive failures or boating accidents. Although compfortably simple, local backups sometimes don’t cut it. Data might be too hot to store in your physical location, you might want to protect your data against fire, or you might want to compfortably backup remote servers. This is where offsite cloud storage comes in.

The “crypto” in “cryptoanarchist” means “hidden”. We want our data to be “hidden”, especially when it leaves our physical control. This breaks down to two things:

  1. We want to strongly encrypt our data
  2. We want to decouple (even encrypted) data from our identity

Therefore, the following are must haves for any offsite cloud storage solution:

  1. Locally encrypted: Data must be strongly encrypted on our device
  2. Open Source Client: Client software must be open source
  3. Secure transmission: Data should be transmitted across the web securely
  4. Open standards: Storage provider should employ open standards to reduce complexity
  5. Geo-redundancy: Storage provider should provide way to backup data in multiple locations
  6. Trustworthy provider: Provider should earn user trust, for example through warrant canaries and system transparency
  7. Anonymous Account: Account should be set up without revealing personal information
  8. Bandwidth efficiency: No need to clog up your network or use precious hosting bandwidth for redundant transmission of data

A combination of duplicity and rsync.net achieve all these goals:

  1. Locally encrypted: Use the --encrypt-key key-id duplicity option with a RSA4096 key for time-tested GPG encryption
  2. Open Source Client: Use duplicity
  3. Secure transmission: Use duplicity with your own ssh key
  4. Open standards: rsync.net gives you an empty UNIX filesystem hosted on a ZFS filesystem.
  5. Geo-redundancy: rsync.net offers geo-redundant cloud storage where you choose the primary location and they automatically replicate your data each night to a secondary site, giving you an extra, geographically disparate copy of your data.
  6. Trustworthy provider: rsync.net has a warrant canary, public PGP keys, and a page where they explain their backend.
  7. Anonymous Account: Sign up with an anon email and head over to coinsbee.com to purchase a $50 prepaid credit card (and pay with lightning). That will give you five months of storage. You can always change your credit card information along the way to a new coinsbee card if you want to keep your account for longer than five months.
  8. Bandwidth efficiency: Use duplicity with the rsync:// destination for bandwidth-efficient rsync usage

Note: Nautilus supports sftp:// “Locations”, so rsync.net should be supported in most GNU/Linux distribution out of the box. Don’t forget to locally encrypt your data though before copying it over.

Resources