[Tfug] Thumb drive sizes

unixmito at SDF.ORG unixmito at SDF.ORG
Thu Oct 25 06:15:29 MST 2012


Now that I know that sneaker-net is an intentional choice (sometimes my
live connection goes down and it's consequential) I still believe that
differential/incremental snapshots of whatever *needs* to be reflected on
both machines is one of the better ways to tier the data between the two
machines.

I have a similar setup where each file on the "sneaker-net" drive has
its MD5/SHA-128 taken and placed into a small SQLite database located
on a separate partition on the drive, and then its modified time is placed
into the same database. Then the file is encrypted with GPG and the
signature is verified on either end, depending on whether the file is
originating from computer A to computer B, C, D, or E in whatever necessary
permutation is required.

The entire transaction is then recorded internally in the database. After
everything is said and done, any physical transfer doesn't expose any of
the files or even their metadata (found in the SQLite DB) to unauthorized
eyes should the thumb drive fall victim to theft or happenstance.



> Hi,
>
> On 10/24/2012 9:57 PM, unixmito at SDF.ORG wrote:
>> How about syncing the files by using rsync, or other similar archiving
>> tools.
>
> The point of the SneakerNet is to ensure there is never a live
> connection between the "two" machines at the ends of the exchange.
> I.e., so exactly and *only* the bytes being "hand carried" between
> the machines are allowed to migrate thusly.
>
>> Differential backups can keep the clutter down. If it is simply
>> sneaker-net, most archiving tools know how to do incremental and
>> differential backups. I find that it is also a matter of
>> discipline.
>
> It's not a matter of backups.  It's a "safe" protocol for limiting
> the contact machines can have with each other.
>
> E.g., if I compose a report/correspondence on Machine A and transfer
> that by some "live" connection to Machine B (or, "The Internet"),
> then that other machine (or, "The Internet") potentially has access
> to Machine A during the transfer.
>
> If, OTOH, I copy the report/correspondence onto some physical
> medium (e.g., flash drive) and then carry that medium to the
> destination machine, there is nothing the destination machine
> can do to the originating machine.  The quality/security of the
> destination machine can not compromise the originating machine.
>
> I.e., the *only* data leaving the originating machine is the
> data that I physically transfer.  And, nothing can creep *onto*
> the originating machine *in* that transfer process.
>
> (When it comes to "work" and "personal" data, I don't rely on
> firewalls, antivirus software, The Latest Updates, etc.  Instead,
> I just don't let machines talk to each other without *me* acting
> as the physical intermediary, censoring each transaction).
>
> --don
>
> _______________________________________________
> Tucson Free Unix Group - tfug at tfug.org
> Subscription Options:
> http://www.tfug.org/mailman/listinfo/tfug_tfug.org
>
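
The manifest step described in the message above, sketched as an added example (not the poster's own code): the sending machine records a hash and modification time per file in SQLite, and the receiving machine checks the carried files against it and logs the transaction. SHA-256 is used as the digest here; the table layout and function names are assumptions, and the GPG encrypt/sign step is left to `gpg` outside this script.

```python
import hashlib, os, sqlite3, time

# Hypothetical schema: one row per carried file, plus a log of each transaction.
SCHEMA = """CREATE TABLE IF NOT EXISTS files(path TEXT PRIMARY KEY, sha256 TEXT, mtime INTEGER);
CREATE TABLE IF NOT EXISTS transfers(ts INTEGER, machine TEXT, action TEXT, detail TEXT);"""

def sha256_file(path, chunk=1 << 20):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def walk(root):
    """Yield (relative path with '/' separators, full path) for every file under root."""
    for d, _, names in os.walk(root):
        for n in names:
            full = os.path.join(d, n)
            yield os.path.relpath(full, root).replace(os.sep, "/"), full

def log(con, machine, action, detail):
    con.execute("INSERT INTO transfers VALUES(?,?,?,?)", (int(time.time()), machine, action, detail))

def record_outbound(db_path, root, machine):
    """Sending machine: snapshot hash and mtime of every file into the manifest."""
    con = sqlite3.connect(db_path)
    con.executescript(SCHEMA)
    rows = [(rel, sha256_file(full), int(os.stat(full).st_mtime)) for rel, full in walk(root)]
    with con:  # one transaction: replace the manifest and log the export together
        con.execute("DELETE FROM files")
        con.executemany("INSERT INTO files VALUES(?,?,?)", rows)
        log(con, machine, "export", f"{len(rows)} files")
    con.close()
    return len(rows)

def verify_inbound(db_path, root, machine):
    """Receiving machine: return {path: problem}; an empty dict means the drive matches."""
    con = sqlite3.connect(db_path)
    expected = dict(con.execute("SELECT path, sha256 FROM files"))
    problems, seen = {}, set()
    for rel, full in walk(root):
        seen.add(rel)
        if rel not in expected:
            problems[rel] = "unexpected"      # file the sender never recorded
        elif sha256_file(full) != expected[rel]:
            problems[rel] = "modified"        # content differs from the recorded hash
    problems.update({rel: "missing" for rel in expected.keys() - seen})
    with con:
        log(con, machine, "verify", "ok" if not problems else f"{len(problems)} problems")
    con.close()
    return problems
```

The manifest only detects changes if it is itself protected in transit, which in the setup described above is the job of the GPG signature.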
