[OpenAFS] Linux OpenAFS & EncFS?
Troy Benjegerdes
hozer@hozed.org
Thu, 20 Feb 2014 13:14:44 -0600
On Mon, Feb 17, 2014 at 04:07:08PM -0800, Russ Allbery wrote:
> Jeffrey Hutzelman <jhutz@cmu.edu> writes:
> > On Mon, 2014-02-17 at 13:11 -0600, Troy Benjegerdes wrote:
>
> >> So $10k for design, and $100k for implementation sufficient to protect
> >> a small business's data worth between $250k, and $1M.
>
> > No, that's not what Jeff said. What he said was that doing the design
> > and analysis work required to come up with an estimate could cost $10k.
> > I happen to think that's a bit high, but then, I'm not volunteering to
> > do it.
>
> Generating these sorts of numbers are all about what assumptions you want
> to make, but if you assume 50% overhead from whatever organization has to
> do the work to write the contract, deal with all the legal issues, route
> the money to people, maintain office space or benefits or whatnot, and so
> forth, and then figure you want three people thinking hard about this and
> those people make around $75 an hour, $10K pays for about 20 hours for
> each of those three people.
>
> That's not out of the realm of possibility. We've collectively spent far
> more than that on the rxgk specification, although I suspect much of that
> time was uncompensated or written off as some variety of overhead by a lot
> of different institutions.
I remember hearing lots of arguments that getting rid of DES keys would take
tens or hundreds of thousands of dollars, and that 'developers need to eat'
etc etc.
Then one day an exploit was announced, and all of a sudden we got
http://www.openafs.org/pages/security/how-to-rekey.txt
I need to eat too, but I'd rather focus on marketing and identifying who
exactly the customer base is that's going to pay for AFS file encryption, and
IPv6, and disconnected operation, and give them a free teaser of working
code than whining about how it's how hard to get the current customers to
buy stuff.
Who's the new customer base? How do we educate all the new bitcoin-based
businesses on the benefits of AFS for running a production grade distributed
filesystem to support cryptocurrency trading? These guys literally make money
and if you can take payment in the money they make, you can cut half the
overhead costs out.
----------------------------------------------------------------------------
Troy Benjegerdes 'da hozer' hozer@hozed.org
7 elements earth::water::air::fire::mind::spirit::soul grid.coop
Never pick a fight with someone who buys ink by the barrel,
nor try buy a hacker who makes money by the megahash