A necessary evil?

Perhaps I am a purist, perhaps I am mad. But everytime Groove extends the boundaries of Groove outside the core product out to the "real world" something inside me says "hold up". I had this feeling when Groove's integration points with Microsoft Office were announced, And when that extended to Email with Outlook - again shivers went down my spine. This is not an anti-MS thing - it is purely about the purety of the product. It is a matter of people are so used to doing things in Word - they just do it, regardless of whether it is the right thing.

And so we come to GFS - Groove File (or is it Folder) Sharing. My beef about this starts with the question "is data inside Groove secure?". Groove's claim here is that Groove data is secure both "on disk" and "across the wire".

Clearly when using normal Groove Files tool both statements are true. However when using GFS only the latter is possible. Your files are just stored on disk in native format. So unless you take extra precautions outside Groove and encrypt your disk - then GFS files are wide open.

And bear in mind that Groove is a sharing tool. So it is not only important to understand your own attitude to security - it is also important to ensure that ANYONE you share GFS data with has to uphold your standards, at least. This means you have to be confident that others are encrypting their disks.

So currently GFS runs a whopping big coach and horses through Groove's security model and any novice using GFS might think, "hey, this is ok." And of course it isn't.

My second point is that there is a performance hit. This is because all GFS data to be shared must be both encrypted and decrypted on each transfer - that is at each endpoint. This must, by definition, be a very inefficient process - to encrypt at one end - and decrypt at the other. This process must happen for each and every file between each pair of endpoints. So if you share a GFS with 5 people and they are all dropping files in then the encrypt/decrypt process is happening 5 times on each computer.

Any file stored in the files tool encrypts when initially stored, and only decrypted when read, not when transferred.

posted by Andy Swarbrick/PopG at 8:52