Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

FWIW: tarsnap is also rsync for cloud storage and Colin (guy who founded and runs tarsnap) also has won a putnam award for his work in mathematics and crypto.

http://www.tarsnap.com/



>> Colin (guy who founded and runs tarsnap) also has won a putnam award for his work in mathematics and crypto.

Colin won the Putnam as an undergraduate student. The Putnam award is not a mathematics research award like the Fields Medal or the Abel Prize. It's a mathematics competition. As such, Colin didn't win the award for any particular work.

It's still quite impressive though. I would say Colin's work developing scrypt has more applicability to cryptography than his Putnam award.


Sorry you're entirely right. I just can't get over how unbelievably amazing this is: https://news.ycombinator.com/item?id=35079

One of the best comebacks in HN history.


Thanks for the reference. Interesting to see Drew Houston popping in because he was just starting getdropbox.com


...and SNAP! pg was dead right. Didn't read that thread at the time. Thank you.


Oh man, I remember that thread when it happened. That was something else.

A glorious exchange.


I don't think they're comparable. Rclone is rsync for a variety of cloud storages while tarsnap is rsync for the tarsnap service.

That's like saying the Google Drive client or the Dropbox client are "rsync for cloud storage" just because they incrementally add changes to a cloud service.


I thought tarsnap is completely different in that it is in a way its own cloud storage that uses S3 as the backend?

As in it encrypts your files, dedups and puts them on S3?


Wouldn't you have to de-dupe prior to encryption? Sorry if I'm being pedantic. I would just not expect anything to deduplicate once it's encrypted.


Why not? Encrypting two identical files with the same key gives you two identical encrypted files.


>two identical encrypted files.

Good practice for file encryption is to pad some random bytes to the start of a file. This makes known cyphertext attacks much harder.

So encrypting identical files should result in different files and also slightly different length files.


How about if a single byte changes? Now the encrypted output looks 100% unique, and you have to treat it as an entirely new file. You lose the ability to do diffs on a file by file basis or proper deduplication across all files.


That's defeating the purpose of encrypting them.

If you don't CBC, wherever is on the cloud side will have two files with one block off. Let's assume the file is a txt file. For smaller cipher block sizes, it is becoming very easy to guess your encryption key.

Tldr, you want any attacker to lose any diff ability on your encrypted data.


That depends on how you're storing the files. I was really just trying to highlight that for deduplication across files you need to deduplicate before you encrypt.


Guess the encryption key? That shouldn't be possible, even if you use something as terrible as ECB.


+1 Been using tarsnap for over a year now and couldn't be happier.


Unfortunately, tarsnap is not free software. :/


Free as in beer or freedom?

FWIW, the client is open source: https://github.com/Tarsnap/tarsnap


It's visible-source, not open source. https://github.com/Tarsnap/tarsnap/blob/master/COPYING


It is not free as in freedom, and it's not even "open source". The license does not allow modification, nor use outside using it for tarsnap's backup service.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: