I don't know what you mean by "erasure-coded". I am only talking about storing something the size of a private key - say, 2K - on three other laptops. Your own private key would be 2K and you would, on average, have 3 other keys - a grand total of 8K average. Not going to break the back of even the most limited modern storage.<br>
<br>But considering the complexity of implementing key-part-management (mostly on the restore side of the equation), I think that brute-forceable password encryption of the backed-up private key is the better idea. The automated brute-forcing script should be written for the XO, not for the server (although of course porting it would be easy). When creating your password, it should even give you a pregenerated default random password. <br>
<br>If you just broke your XO and forgot (or never wrote down) your password, a few more hours of cracking once you get your new XO is a minor nuisance. And yet this simple step would cut down privacy invasions by orders of magnitude, IMO.<br>
<br><div class="gmail_quote">On Tue, Feb 19, 2008 at 2:36 PM, Ivan Krstiæ <<a href="mailto:krstic@solarsail.hcs.harvard.edu">krstic@solarsail.hcs.harvard.edu</a>> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div class="Ih2E3d">On Feb 19, 2008, at 3:32 PM, Jameson Chema Quinn wrote:<br>
> That's a separate issue - at the simplest, you just store the<br>
> encryption key on the first backup and only manually thereafter; a<br>
> more complicated scheme, for implementing later, would break it into<br>
> 5 parts of which any 3 would suffice, and store the same 2 parts on<br>
> all the backups<br>
<br>
</div>Collaborative erasure-coded backups are not a good idea for devices<br>
with very limited storage, except in special cases.<br>
<font color="#888888"><br>
--<br>
Ivan Krstiæ <<a href="mailto:krstic@solarsail.hcs.harvard.edu">krstic@solarsail.hcs.harvard.edu</a>> | <a href="http://radian.org" target="_blank">http://radian.org</a><br>
</font><div><div></div><div class="Wj3C7c"><br>
_______________________________________________<br>
Sugar mailing list<br>
<a href="mailto:Sugar@lists.laptop.org">Sugar@lists.laptop.org</a><br>
<a href="http://lists.laptop.org/listinfo/sugar" target="_blank">http://lists.laptop.org/listinfo/sugar</a><br>
</div></div></blockquote></div><br>