Ubuntu One needs cloud encryption like LastPass does it

Martin Albisetti beuno at ubuntu.com
Thu Mar 22 19:32:09 UTC 2012

On Thu, Mar 22, 2012 at 3:41 PM, Jason Todd <jtodd929 at hotmail.com> wrote:
> I wanted to leave a note expressing my hopes that if Ubuntu One ever gets
> encryption capabilities, that the encryption be implemented in the same way
> that LASTPASS does it (http://lastpass.com). Which is that the data is all
> encrypted on the user's machine before it goes into the cloud, and the user
> is the only who has the key to decrypt the data. This kind of encryption
> setup would be safe & secure and would lead me to trust the Ubuntu One cloud
> services.

...but then you wouldn't be able to interact with your data beyond
your own computers.
Ubuntu One's focus is to make it more convenient, access your files
from anywhere (including the website), stream your own music, share
your files, and well, more to come in that direction.
You can either have "very secure" or "convenient", and there's
services catering to both. We believe that if you really want to keep
your data safe, than you can encrypt it yourself, so it'll get
uploaded encrypted (at the expense of it being inconvenient to decrypt
to use it). DejaDup does this for you by default in Ubuntu, and backs
up, safely and securely to Ubuntu One.
As for the general consumer, they are attracted towards cloud services
for the convenience (this is not an opinion, this is research).
Both things are real uses cases, but in many cases mutually exclusive.


More information about the Ubuntu-devel-discuss mailing list