Complete Privacy; feature request

Wuala could enforce that you can only be signed in from one computer at a time.

Wuala wouldn't make it any easier. Someone could just as easily email, use flash drives, setup SSH tunneling, setup an FTP etc. ( Delete or Edit)

Wuala could potentially just append a function of my password to each file that I want to be completely private before computing the hash.

This should solve the problem with very little effort ( Delete or Edit)

Jeah, but as said... it's against the idea of encrypting the same files the same way, it could still be used to find out that you're accessing/storing a specific file and wouldn't help but hinder much! If you just want to store music - just do it! Your own rips are legal and the hash of those is unknown to anyone but you, and if you used "decentralized backup copies" - well jsut change the ID3 Tags or something, this should give the files another hash too... ( Delete or Edit)

Sorry Deathbob but you're wrong. The Wuala team already knows which users are storing some of the same files by just looking at the hash values. The Wuala team could easily compare the hash values of all of your privately stored files with all the hash values of the publicly stored files of everyone else. Chances are, since there's almost 17,000,000 files stored, the Wuala team already knows about all of the "illegal" files that everyone is storing. ( Delete or Edit)

Even though all your files are encrypted, the Wuala team doesn't even need to try decrypting your files because they already have the digital fingerprints (hash) of all your stored files. Lets say that you are privately storing an illegal video but someone else is storing the same video and has made it publicly available, even though the Wuala team doesn't know what you are storing, they will see that the digital fingerprint is the same for your private file and for the publicly available "illegal" file.

No brute force or any intensive calculations are required for them to find out all the possibly illegal files that you are "backing up". ( Delete or Edit)

I thought the order and piece hashes was encrypted. But if that isn't true and the pieces arn't encrypted because a private and public file can use the same pieces. Where the hell are they using the private/public key? ( Delete or Edit)

The problem doesn't lie with the encryption methods, the problem comes solely from the decision to use the hash (SHA) to generate the key. Because of this, Wuala can determine if the file that you are uploading (or storing) is identical to another file in the system even though it's encrypted. Wuala can't see what exactly it is that you're storing but it would know whether it is identical to another file. On the other hand, if your private file is identical to another file that is publicly available then they would know exactly what you are storing.

The biggest advantage to this is that it saves Wuala ALOT of space because many people are storing the same files. The disadvantage is that the Wuala team could store a list of digital fingerprints for illegal files (this could easily be provided by 3rd party companies) and everytime that you upload (or share) a file that has the same fingerprint as one found in the "Black List" then they would know exactly which files you are dealing with and that you might be involved in illegal activities. This could raise red flags and have your actions monitored by authorities ( Delete or Edit)

Well, I hope that e.g. child porn can be monitored that way, but maybe it should be clarified that an "attack" like this is possible but won't be used until there's a crime involved that would mean more than x years in jail in switzerland? (like relakks.com are handling their logs...) If someone really is concerned about this, there are _very_ easy ways to circumvent something like that (add a byte...) but a tool like that would mean a major loss of trust in caleido. ( Delete or Edit)

People that are involved with child porn surely take extra measures to protect themselves but I'm talking about the average user that wants to backup their music or DVD collection in a convenient manner. It is actually illegal to backup your purchased DVDs in many US states (see post bellow).

This doesn't mean that I don't trust Caleido, they publicly admitted in the privacy policy that they would gladly hand over private information to authorities when requested. If they feel like it or if they think that too much illegal activity is taking place, authorities could easily demand a list of all the users with all the digital fingerprints of all the files stored and also what sharing is taking place. ( Delete or Edit)

Well, I'm glad this is not the case in this country I'm in... So how should Caleido find out that User XYZ is from US-State ABC but User ZYX is from another country and not doing anything illegal there and just backing up a DVD? By IP? That can be easily "faked" (TOR, Proxy, VPN provider...). Authorities can demand, yes but I'm happy if Caleido would give out my IP - I'll surely walk straight to the Swiss embassy and go sue their a$$! >:-/

Now really, there are sensitive data and I'm sure they know how to protect those! ( Delete or Edit)

I completely agree with you Bugreport but this is just one of those cases where hard working citizens like yourself can be taken advantage of by the authorities. Most people (like myself) won't even be able to afford the lawer fees to defend myself ( Delete or Edit)

Well, actually all "authorities" (more likely: copyright owners - it's not like they aren't afraid to sue their own customers...) would get is my IP adress... and this is where it stops since it's not easy here to get the real name behind the IP. It's differrent somewhere else though, I know...

For lawyer fees - there are insurances who cover that, I'm sure! ( Delete or Edit)

Authorities could easily demand the identity of the user of a specific IP address from your internet service provider. ( Delete or Edit)

Public files are still encrypted, only the keys are made public. To test this theory, upload a large file and keep it private, log into Wuala from another house and make the file public, sign out of your Wuala profile and you will notice that the file is immediately available. If it wouldn't be encrypted anymore then the file would need to be decrypted and uploaded again to all the people that are storing those fragments. ( Delete or Edit)

Public fiels are encrypted as well, only the keys are available to anyone. Caleido can put a file back to private if it's abused for example. ( Delete or Edit)

In some countries, it is illegal to make a backup of your music that you purchased. In many US states, it is illegal to make a backup of a purchased DVD unless it is backed up into a "machine" that can only be used for viewing the movie but won't be able to be used for sharing or redistributing in any way shape or form.

To make my files unique, Wuala could implement this requested feature. ( Delete or Edit)

Caleido is not housed in the US... so they won't have to install spy-hardware on their servers and also not follow the DCMA. If this is really an issue four you, just change some meta data on your files or something - randomly tempering with data is not a "good thing" (tm) - especially for storage providers. You could however write scripts that add a few random bytes at the end of a file before it's uploaded and that deletes those bytes after you downloaded the file. However this is against Wuala's featureset and won't be implemented into the official client I hope. ( Delete or Edit)

Wuala is already "tampering" with the stored data by fragmenting it and encrypting it but as long as they can restore the original file then that's all that matters.

Why do you hope that this won't be implemented? There is no disadvantage for the users with this feature. Any files that are listed as completely private can never be shared with anyone. You don't have to make your files completely private. This won't help pedophiles at all because their files are already unique. We're not talking about extra encryption, I'm just requesting that they don't use the exact hash for some of my files. ( Delete or Edit)

I understand that it's difficult (but not really hard as explained in the privacy policy) for other users to determine my files. What I'm getting at is that the Wuala team can easily find out all of the possibly illegal files that you are storing.

"if you know the contents why are you trying to crack it?"

Lets say that I have the copyright for 10,000 movies, I would just provide Wuala the digital fingerprints of my 10,000 movies and with this I can find out all the users that are storing any of my copyrighted movies so that I can take everyone to court. Does this make sense? ( Delete or Edit)

yes - it makes. But let me say: Wuala is descriped as an "online Harddrive". Illegal content is not allowed in the policies. I think we _must_ live with this. By the way, it is not soo easy to find illegal content with the hash. You can do this with the most scene-releases of movies and such things. But to say it again - if you want to have an upload really privat, just be sure that the file is unique. No one can have a hash of a avi.movie you copied out of a dvd by yourself (as an example). And the filenames are also encrypted as long as file are not puplic. So there will be no way for anyone to find such a file (as I see this). It will be safe - as long as you do not share it in groups and people you do not know can download it or can see the filename... ( Delete or Edit)

If the file isn't shared, it will never be questioned. It is assumed you have the rights to keep stuff yourself. ( Delete or Edit)

The US borders will actually start checking people's ipods for illegal songs even though they're used only for personal listening.

Laws change all the time (for the worse). Your country could start invading your privacy just like the U.S. currently does. The stuff that the US government gets away with now was unthinkable just 10 years ago. Other countries (such as England) are headed in the same direction.

I like to have the peace of mind that I can keep a backup of my personal music collection.

Is it too much for me to ask that my personal backup be quept completely private without the inconvenience of encrypting everything myself? ( Delete or Edit)

I think in the moment you start putting files into the internet no company can guarantie you that you can save content and no one will be able to find out what it is for all time. If you want to be sure that your backups are as save as possible, put them in an (encrypted and passwordprotected) archive before uploading. Think you will have the best security that is possible in that way, except make a local backup and using only computers that are not connected to an network. ( Delete or Edit)

Why make it so hard, just write a X or other marking on the boat where you dropped the safe (or remember the exact location where you dropped it e.g. 3 meters after the lifeboat) and if you want to get it back later, just jump on that exact place over board! ( Delete or Edit)

But what happens if I want to store 100 of these lockboxes in 100 separate locations. I still need to store the locations somewhere so that I don't forget where to find my treasures and then I still need to back up my list of locations. I just want to be able to store some of my files in complete privacy.

How do I stop anyone else from stealing my lockboxes?

Doesn't anyone else want complete privacy? ( Delete or Edit)

My request has nothing to do with how my files are encrypted. I understand that all encryption can be cracked with enough resources. All I am asking is for my files to actually BE encrypted. What good does encryption do if everyone knows what I'm encrypting?

Let's say that you are storing "The Matrix" and I know that Wuala encrypts your files but what good is any encryption if they can just look and see what I'm storing without having to try decrypting or cracking the encryption? I won't explain this again because it has already been explained (above) several times how this can be done.

ps. To find out what "possibly illegal" files you are storing requires very little effort on Wuala's part. ( Delete or Edit)

So you want to store illegal files with known content in Wuala?!
Just to make that clear to you:
- If you upload something that is NOT legal in your country, you are not allowed to do so
- If you do upload something, that is publicly known (such as files from a DVD for example) but it's not illegal to posess then what's your problem anyway?

If you still want to backup your collection of DVDs but are afraid someone might sue you for it, just reencode the DVD, rip it into an ISO, pack it with a zip-program... anything that changes even a single bit of a file changes it's hash and makes it completely anonymous! What exactly is your problem man?! ( Delete or Edit)

It seems like I have to keep repeating myself. There is no problem, there's no reason for getting upset or defensive. It's only natural that anyone would be annoyed if they have to keep repeating themselves.

If you don't know the answer then it's ok to just not respond. I explained before that making a backup of your purchased DVD is illegal in most states so even if it's legal where I am, what would stop them from changing the laws? Personally I don't even live in the US but the laws of most countries are headed that way. I also explained before that I didn't want to jump through hoops just to ensure my privacy when this could easily be done. I also explained before that I wanted to store a backup of my music collection but I don't want my account to raise red flags.

Suggesting that I modify each one of my thousands of songs (or every movie that I store) so that it's unique is a silly idea and you yourself know that.

So finally, why should I go through all the hassle of encrypting / reencoding / zipping all my files when there are other backup services that will ensure my privacy without all the hassle? I know that many users would feel the same way. ( Delete or Edit)

It's really easy to modify thousands of files automatically... for file in dir myfolder do echo abc >> %file ... could be refined I guess, but is a real no-brainer in batch!
I don't think other companies would ensure your privacy as well, if you do something illegal! Checksums hopefully get calculated on other file hosters too, to ensure file integrity.

Again: Finding a file because you know it's checksum is NOT a PRIVACY issue! It's not an issue, because if you do something illegal, you deserve to be found, if you don't, noone will care.

Btw: It's not even sure, that Caleido themselves can say for sure if an account stores the file with the hash ABC123, you can only find out if a _computer_ stores the file or fragments of it, wich are both encrypted and inacessible to anyone but people allowed to do so! Maybe we need some clarification on that, I'll try to find some answers. ( Delete or Edit)

I'll address all of your topics independently:

In regards to a batch process, we're talking about the average joe user that doesn't know how to do this. Secondly, modifying the filename doesn't make it unique, this is just metadata so your files would still be identified. And finally, this is just an unnecessary annoyance when Wuala could easily take care of the problem with only a small and easy modification.

In regards to legality issues, 99% of people do illegal activities but most are not aware of it. You are actually involved in illegal activity just by clicking on a link while browsing the internet (because this has been patented). I'm not referring to intentional illegal activities, a company in the US (Real Networks) has just been taken to court for making a program that allows you to back up a DVD even though it can only be played back by the same computer that backed it up (due to encryption). Even though it might be legal in your country to store a backup of your music collection now, how do you know that it won't be illegal 5 years from now? A response about sueing their *** ** **** is not a valid response. If you have any children then they are most likely breaking the law as well (It is illegal for anyone to swing sideways on a swing). Luckily for us, most laws are not enforced but they could be if they wanted to.

There is nothing wrong with checksums or any hashing techniques and they are infact required to ensure file integrity. Let's say that you have 2 identical files that are encrypted with 2 different passwords into file1 and file2. The hash or checksum of file1 and file2 will definatelly be different, Wuala purposely used the hash of the actual file (instead of the encrypted file) so that 2 identical files would immediately be noticed (so that they can save space)

Again: --> making stupid comments about deserving to be found etc are totally uncalled for so lets keep everything professional. Feel free to read my previous posts about this issue since it has already been taken care of.

It is a fact that Caleido does see if you are storing a file with hash ABC123 since they are storing the metadata for all files on their own servers. The problem that exists right now is that (with some effort) other users are able to determine if you are storing certain files as well but this information is already readily available to Caleido. ( Delete or Edit)

Metadata is encrypted with your private key so I don't think they can see which files you own... this command-line would change the contents of a file, not the file name AND storing each file seperately is something that is against the initial design of Wuala - so I guess the "small and easy modification" would have to be done by you. It wastes bandwidth and space for nearly no actual improvement of anything. If cleartext-hashes are stored somewhere (you assume Caleido has them) it won't matter how the files are encrypted since it still would be easy to track the file down to your account.

And this would still be only of use to make it easier to share files that are publicly known - I don't care if something's patented or whatever! If it only helps to cover up illegal or shady activities for the cost of bandwidht + space this is certanily a feature some people would like to see, but that is NOT likely to happen any time in the official client - you still don't say WHY it should be there besides helping copiright infringers, you only say that you feel concerned that someone might find out about illegal activities. ( Delete or Edit)

I agree that Metadata is encrypted, I was just showing you how Caleido can see if you are storing a file with hash ABC123.

Bugreport: "If cleartext-hashes are stored somewhere (you assume Caleido has them) it won't matter how the files are encrypted since it still would be easy to track the file down to your account"

If the hash is computed from a unique file (by adding a random byte before computing the hash or similar) then it doesn't matter if they can see that I'm storing a file with the given hash code because that code would be meaningless to everyone except myself.

You keep jumping back to the idea of "someone finding out about illegal activities" so I'm going to spell this out for you so that you understand and hopefully I won't have to explain this again:

I don't live in the U.S. It is legal for me in my country to store a backup of my music collection. The authorities in my country even publicly stated that they will not go after people that download illegal content (just before you start getting excited again, let me make it clear that I don't intend to store illegal content) but they will instead only go after those that upload and share illegal content. So, my goal is to store a backup of my music collection that I rightfully own without having to worry that the laws might change and all of a sudden I would be flagged as being involved in illegal activities. A response similar to "if it's not illegal then just do it" is not a valid response due to the reasons already mentioned.

The problem also lies with the fact that Wuala makes it really really easy to share my legal content with friends so I would have to prove that I never shared it otherwise I would be suspected of illegal activities. Making a file completely private also ensures that I can't share it with anyone. ( Delete or Edit)

You don't show that they can find out that I store the file with the Hash ABC123 - you just say they store this on their servers and I told you that meta data is encrypted with your private key as well. Please say again _how_ Caleido finds out that I store a file with the cleartext hash ABC123... Maybe I overlooked it but I really don't see it. ( Delete or Edit)

Sure, I'll try to explain as best as I can. First of all, your initial question was whether or not Caleido can determine if an account stores a file with hash ABC123 so no mention was made about how the hash was actually stored or whether it was stored as cleartext. So the question is: "Given hash ABC123, can Caleido verify if I'm storing this file?"

Caleido mentioned that the metadata (and also small files) are stored on their servers. Because of this fact, we can deduce that Caleido stores a relation that relates the metadata (even though encrypted) to the actual file that is stored on the network and also that Wuala has a means to identify which account the metadata belongs to.

Caleido also mentioned that they determine if the file that is uploaded is identical to a file that is already stored in the network using the following explanation: "files with identical content will be encrypted the same way".

So to make a long story short, Wuala can determine if a given file is identical to a file already stored on the network and by using the above mentioned relation, Wuala can determine the metadata connected to that file and using the metadata it can determine which acct is storing that file.

Of course Wuala probably uses a much more direct route but based on only what can be deduced with 100% certainty using the information that we're given, this is just a proof to show how my answer was correct. ( Delete or Edit)

Well, the owner of a file is set in the meta data I think - so it would be possible to ask the server if a file with the hash ABC123 is already in the network _but_ that the server has no Idea who has access to those fragments. In the metadata only the keys to the individual fragments would have to be stored and this information is encrypted. Anyone could access any fragment in the network I guess but only if you have the ability to decrypt a given file with the keys in your metadata you can access it.

I guess it all comes down to: Files and metadata do NOT have to be tied and so even though files are encrypted always the same way, metadata is not (Username+Password=RSA key) and metadata is not attached to any file but something different that just gives you information how to decrypt a file. If you can't access the metadata (which noone besides the original owner can if RSA is implemented correctly) you can only say for sure who owns which file, if you can decrypt the metadata - which is the case if you can access a file in Wuala too.

However, this is how I would implement something like that, not neccessarily how it's done in Wuala - I'll try to bug the devs on that issue a bit more! ;-) ( Delete or Edit)

The server definately knows if a file belongs to you even though it can't decrypt the metadata. The reason why the server knows is twofold:

1. The server needs to be able to reliably determine how much storage you've used.

2. For effiency, It would be very innefficient to have to decrypt the metadata in order to know which file it's attached to. As a programmer, let me reasure you that I can guarantee you that the Wuala servers have an efficient means of relating the metadata to the actual file. I wouldn't be surprised if they used the hash value as the key to locating the metadata.

This is my last post in this topic as my request was intended to be read by the Wuala developers and clearly I am just wasting my time here. ( Delete or Edit)

If you want this feature, use OFF, the Owner free filesystem.

Without the exact html-Link to a file there's no way to even know that anyone stored anything there and for an anonymous filesharing client it's quite fast as well.

Wuala is far sufficiently secure for private unique files with unknown content. Everything beyond that also often falls in legally gray areas btw... ( Delete or Edit)

I'm not asking for extra security, I'm just asking for the level of security that Wuala promises. Average Joe that stumbles upon Wuala reads "your files are encrypted using 128 Bit AES bla bla bla" and is happy with that but once you understand the inner workings of the system then you realize that you have been mislead. Wuala claims that "not even we can see what you're storing" but this is only true for unique files.

As long as I'm not sharing my files with anyone else, I should have the right to some privacy of what I'm actually storing. ( Delete or Edit)

Well, guess what, if I can compute a hash of a file, I DO ALREADY HAVE ACESS TO THAT FILE! Got that? It's not "private" anymore and almost certanly never was private!

Yes, this can be problematic if you break laws and stuff but well... really not my problem and Wuala surely shoudn't make it easier for people to break laws, right? ( Delete or Edit)

Bugreport, I'm going to stop wasting my breath so I'm not even going to explain why you're wrong. I have already covered all of these topics that you brought up. Feel free to read my previous posts. ( Delete or Edit)