[drivingmenuts]

So, the Magpie creator no longer trusts cloud providers, yet the software stores data on github. You know that record scratch sound? I think I just heard that.

Yes, I know one could configure one's own github repo and make it accessible, etc. I know that cloud storage is about as reliable as that shaky cousin who's always borrowing "a few bucks for beer, man."

It seems like everyone is attacking the wrong problem. The problem is not the client, that's just a UI/UX issue that's never going to be resolved because, hey, I hate what you like and vice-versa.

Can someone please create a more reliable back-end so we can stop saying things like "I hate cloud providers"? I hate them, too, but I'm not going to redesign the part where the problem ain't.

[charlesthomas]

Magpie source is hosted on Github, because it's open source - it's public. There is no requirement that the git repo you use to store your data be on Github. The git repo for Magpie and the git repo for the data you access through Magpie are not intended to be the same.

[ChuckMcM]

I think you missed the part where Magpie can put its repo anywhere, (even on your local machine). But to your point about 'fixing the problem', that problem is already addressed, but not packaged particularly well.

There are already enough 'cloud' providers to provide the necessary diversity, and there is already enough crypto to provide the necessary security. What there isn't is an adapter layer that puts those two together in a way that lets folks like the Author build their favorite UI on top of it.

One such architecture might be a git server on a machine at one's home, which uses fuse to create a replicated secure backend across S3, some VPS, Dropbox, and what ever. Giving the git server on the machine a 'file system view' while creating a replicated and encrypted block back end using a variety of cloud providers.

You could do that with a VPS in the cloud as well, but it has some exposure to infrastructure seizure or damage. By hosting it at 'home' you trade some slightly stronger legal protections for the limitations of your home internet connection.

[wtetzner]

It's backed by a git repo. I didn't read anywhere on there that it stores the repo on github.

[deeteecee]

just a small question here but essentially it would only a local repo? i don't know too much about git but if you don't store it on the cloud, how would you transfer it from computer A to B? (using a repo and not copying folders over)

[sosborn]

You can host the repo on any accessible server. Github is an option, but so it a VPS under your control and not open to the public.

[orthecreedence]

The problem is the client. With a client that does proper encryption, you could store your data on one of the huge TV screens in Times Square and have complete privacy.

A server should just be a dumb, transparent container. Whether it's Github or some custom-made "super secure" server doesn't matter. The real magic happens in the client.

[aikah]

the problem is where should the client store encryption keys?if one has multiple client on multiple devices,how one does manage all of them?(that's just a question,thanks).

[orthecreedence]

A key generated from a username/passphrase will work fine. Generally you'd use a key derivation function (eg PBKDF2) which turns your auth information into a 32-byte (256 bit) cryptographic "master key." Assuming you can remember your passphrase, then you can easily re-generate your key when you "log in" from any machine.