How to prevent/monitor/detect data theft via .sia files?



  • Theft of large data sets is becoming a major headache for a lot of companies that deal with personal data. There seems to be a new case of XX million social security records / card numbers / AshleyMadison accounts etc. stolen every month or so.

    Data theft may be detected and tracked simply by analyzing network traffic. The relatively unprotected status of the content in the /renter directory, however, enables a hacker to get away with a lot of data with a very small footprint, as gigabytes of data are now represented by tiny .sia files. Furthermore, Sia users are not able to monitor or analyze the distribution of their own data, as this occurs on the Sia network. It will be harder to prosecute, which will increase the incentive for hackers to target Sia users.

    I'm thinking this could perhaps be a deal-breaker for any company with sensitive data. If I'm right here, some options to fix this could be:

    • disable 'sharing' per file so that only the owner wallet can download (perhaps even as a default?)
    • enable some statistics of file downloads

  • admins

    We could encrypt and password-protect the siafile directory.

    Definitely some form of detection for theft/access of the siafiles would be nice, though I'm not sure it's possible. Any sort of state we add to track that kind of thing could be reverted by the attacker.

    I'm glad you brought this up, it hasn't really been on our radar yet. Detection might be difficult, but we can at least make it difficult to steal the files even if you have access to the machine. We'll have to think about it more, but it's not anything we can implement in the next 2 months.

    Maybe in 3-5 months though, I think this is a pretty high-priority item. I'd hate to see Sia data get stolen.

