wiki:FAQ

Version 11 (modified by secorp, at 2010-02-11T01:24:23Z) (diff)

adding question/answer about skipping the encryption phase

Q: What is special about Tahoe-LAFS? Why should anyone care about it instead of other distributed storage systems?

A: Tahoe-LAFS is the first Free Software/Open? Source storage technology which offers provider-independent security. Provider-independent security means that the integrity and confidentiality of your files is guaranteed by mathematics computed on the client side, and is independent of the servers, which may be owned and operated by someone else. To learn more, read our one-page explanation.

Q: Oh, so I should be interested in Tahoe-LAFS only if I'm working on some sort of high-security project?

A: No, no! Unlike most systems Tahoe-LAFS doesn't require you to manage an added layer of hassle in order to gain security. Instead the security properties are baked into the system in such a way that you usually don't even notice that they are there. Even if you don't care about protecting your files from someone spying on them or corrupting them, you might still like to use Tahoe-LAFS because it is an extremely robust and efficient "cloud storage" system in which your files are erasure-coded and distributed across separate servers.

Q: "Erasure-coding"? What's that?

A: You know how with RAID-5 you can lose any one drive and still recover? And there is also something called RAID-6 where you can lose any two drives and still recover. Erasure coding is the generalization of this pattern: you get to configure it for how many drives you could lose and still recover. Tahoe-LAFS is typically configured to upload each file to 10 different drives, where you can lose any 7 of them and still recover the entire file. This gives radically better reliability than typical RAID setups, at a cost of only 3.3 times the storage space that a single copy takes.

Q: Is there a way to disable the encryption phase and just use the encoding on the actual content? Won't that save a lot of CPU cycles?

A: There isn't currently a way to disable or skip the encryption phase, but if you watch the status page on your local tahoe-lafs node for uploads, you'll see that the encryption time is orders (yes, plural) of magnitude smaller than the upload time, so there isn't much performance to be gained by skipping the encryption. We prefer 'secure by default', so without a compelling reason to allow insecure operation, our plan is to leave encryption turned on all the time.

Q: Where should I look for current documentation about Tahoe's protocols?

A: http://allmydata.org/source/tahoe/trunk/docs/architecture.txt

Q: Does Tahoe-LAFS work on embedded devices such as a PogoPlug or an OpenWRT router?

A: Probably! François Deppierraz contributes a buildbot which shows that Tahoe-LAFS builds and all the unit tests pass on his QNAP TS-109 NAS box running under Debian Lenny. There seems to be a lot of interest in this sort of deployment -- someone joins the mailing list and asks about this approximately every month (see the archives). Zandr Milewski reported that it took him only an hour to build, install, and test Tahoe-LAFS on a PogoPlug.

Q: Does Tahoe-LAFS work on Windows?

A: Yes. There are two ways to do it: either (a) Get the installer from allmydata.com. This installer installs Tahoe-LAFS, a Windows virtual drive backed by Tahoe-LAFS, and a backup client that runs on Windows. It is configured to use the allmydata.com production grid. Allmydata.com charges a monthly fee for the use of their grid (see http://allmydata.com for details), or you can edit the configuration file to point it to a different grid. or else (b) Follow these instructions to build on Windows: InstallOnWindows?.