How does TeamDrive work ?

[aka]

hello,
For Cloud services, privacy, trust and transparency has become more crucial as the revelations about the US government Prism program and US companies' involvement, pops out almost everyday.
So where can I find comprehensive yet understandable (I don't work in IT) explanations on how TeamDrive works ? The information on your website is a little bit too basic even for me
Btw, would it be wise to make this information accessible from your website to whoever is interested in (let's see that as a huge opportunity for european crypted cloud services) ?
I've read somewhere on your website, that you're using Amazon Web Services (servers) to backup the data. Aren't you concerned, along with the Prism program, by the fact that AWS has won a huge contract to build the CIA's cloud (*), the CIA becoming its bigger client ?
Why do you need AWS anyway (like I said I'm no IT) ?
Thanks for you answers


(*[url] is off for me ) : http://www.theregister.co.uk/2013/03/19/aws_allegedly_helps_cia_build_spook_cloud/

[aka]

Is there anyone from TeamDrive on this TeamDrive forum ?
As far as privacy is concerned, I don't think silence can be an option for a supposedly secure and private cloud service.
I tried to find a really (it is to say non US, among others) secure and private cloud service with evolved features, and so far yours could be one of the best, even though I'm not found of having to share spaces instead of just folders or files from a space, but I'm quite concerned about TeamDrive using AWS to backup data in Europe.

There is an other option called Bajoo (french ; using their own servers in France ; client side encrypted files with a key you choose and different from your account pw), but their mac client is not ready yet and their iOS app is still missing an upload feature. But if I was using a windows PC I would have chosen it.

[Kenneth]

http://www.teamdrive.com/security.html

Is that also too basic? You've probably read that already but the site is pretty transparent about how the security works and there are articles that have been written about how TD works as well.

http://www.tecchannel.de/storage/backup/2040777/cloud_storage_teamdrive_versus_owncloud_ein_security_vergleich/

[aka]

Hi Kenneth, thanks for your answer.
Ok "basic" was not the right word, let's say "incomplete and scattered" to be precise.
On the first link you gave for instance : we don't how the encrypting key is created (randomly, from our account password...), nothing is mentioned about the fact that TD uses AWS to back up our data (we have to find this out somewhere else), how and even why.

Sorry but this kind of informations have become crucial to trust cloud services whose key feature is privacy, don't you think ?
And that's actually my 2 concerns right now, even if I know that for AWS we can't be sure of anything...
But maybe you are planning to change for an other cloud provider, preferably european ?

For the second link, I don't speak german... yet!
The Google translation in french is not even french but what I can still read from the english translation is too general.

[Kenneth]

In what sense are things "incomplete and scattered" and "too general"? If the encryption key was always created the same way, for everyone, then I think it would be quite easy to crack. That's exactly what we, and our users, are NOT looking for.

The data is encrypted at rest and can only be encrypted by your client because you, the user, have the keys (this is also on our site). So if the data were compromised they are not able to be decrypted according to current technology. If you lost your keys and could not restore your data from our servers we would not be able to retrieve it for you because we do not have the keys, YOU have the keys.

It is also not hidden that our data is stored with AWS. You yourself said you read that on the website. It is also not hidden that you have a choice to store you data on AWS servers in the US or AWS servers in Europe. The user makes this choice. A key component of what people who wish to store data in the cloud are looking for is security of their data, no matter where it is stored. Like you may have also read, TeamDrive uses 256-bit AES encryption to encrypt your data. The data is encrypted before it leaves your client and is only decrypted by your client when it comes back to your client. No matter where you store the data, the data is encrypted. If you use our servers, a WebDAV server, the TeamDrive Personal Server, etc., the encryption comes from the client itself. The user maintains controls of the keys, another reason why we have not implemented a web interface to access your data via a browser. Currently, for that to be possible your key would have to reside somewhere on the server and that is something we do not want. We do not want access to the keys for your data. The user is held responsible for the security of his/her encryption keys. So when we speak about encryption keys on our website, where the data is being backed up is irrelevant (at that moment) because no matter where the data is stored the encryption is the same. If you setup a TeamDrive Personal Server using your flash drive (exaggerated example) the data will be encrypted on the flash drive and you would have a flash drive with encrypted data blobs on it.

If you wouldn't like your data to be hosted in a cloud because you feel it has a chance of being compromised we also over the TeamDrive Personal Server where you host your own data and can configure it yourself to have access to it from where you may be. You are in control of your data because you host it yourself and it never syncs with our servers.

You can try setting up a TeamDrive Personal Server at your house, it's fairly simple and straight forward, just to test. When you setup the server you can go into the server's folder and see how everything looks while it rests on the server and you can of course try to open it. You'll just see encrypted blobs of data.

The information in the article is pretty much what's on our website but it compares our product to another provider.