Hi.

I hope it's only half off-topic: I am about to move more of my stuff over to Dropbox because sharing databases and manuscripts via USB sticks and keeping things up-to-date is getting more and more cumbersome.
So: What do you use to encrypt your content in the Cloud? I use mainly Dropbox across Windows, iOS and Mac OS X.

Or do you use a "private cloud"? If so: Which software?

Thanks, Franz

Dropbox hasn't got a very good rep for encryption. For business purposes, we use Soonr.com. For personal purposes, I tend to use OneDrive and (yes, you may laugh) iCloud (which will shortly become a more Dropbox-like service, with a proper Windows client). Google Drive I no longer trust, unfortunately. There are other options, however: Box has just strengthened their encryption and security.

Dropbox itself does not encrypt the content of the folders.
I was asking about services such as Boxcryptor (btw a German company, I could even visit them, they`re about 1 hour away) or Cloudfogger or Truecrypt in combination with DB (though that does not work on my iPad).

Thanks, Franz

LOL
I could also visit the Cloudfogger team - they're 2 hours away.

Funny, the 2 encryption solutions for Dropbox were developed by German companies.

I have used Boxcryptor for almost 2 years and I recommend it highly.

Boxcryptor is very secure because it does all encryption on the client -- your passphrase is never transmitted over the network. Of course, this means that if you forget your passphrase you lose all of your data. So don't do that :)
I also love bc because it has an ipad client. So all of my work documents are available seamlessly on my ipad and my laptop.
Finally, I have never had sync issues or server access problems like I seem to have with all other cloud clients I've tried, and I've tried a lot, most recently sugarsync and onedrive, both of which had constant, nasty sync and access issues.

One thing I forgot - boxcryptor released a new version (2.0) sometime in the past year. I can't recall why, but when I researched it I decided not to upgrade - so there might be something better about the old v1.5 boxcryptor that I'm still using.

Sorry one more thing about bc: you can use dropbox versioning with boxcryptor. So if I want to roll back a change to a file, I can go to dropbox and restore an earlier version (I think it keeps 5 versions) and boxcryptor will simply decrypt the restored version with no problem. I was very surprised to find this works.

Thanks Dan, sounds promising. Just what I wanted to hear :-D

Boxcryptor does look very cool. We've never had any issues with Soonr.com, mind you, which also does 256-bit encryption (of everything), secure file access over web URLs, full-text searches and has clients for most platforms. But it doesn't do the Cloud aggregation thing.

Boxcryptor is German, too, which is a definite advantage in terms of serious attitude to privacy. Although Soonr does have European servers (originally a Danish or Norwegian product, I think?).

Soonr is very business-focused, however, which makes it a lot more expensive (starts at ca. 10 EUR a month for one user). On the other hand, Boxcryptor isn't actually providing any storage, just the encryption, so you're limited to whatever your storage is in Dropbox, Box, OneDrive or whatever. For your 10 EUR a month, you're getting one whole terabyte from Soonr. Which is a lot of storage. Oh, and there's a 10% discount if you pay for a year up front. And you can brand your Soonr website, too, which is quite cool.

For more info on Soonr, see https://eu.soonr.com/2/forms/new/account/payment2/signup.jsp?XGVNWW_1a=OYRM-KWP8-RRKC-RW1S-NMLO&fromSignup=true&gotoTrial=false&planId=&couponCode=&action=SIGNUP

For an example of a branded Soonr website, see https://eu.soonr.com/2/filelink/rnvy-njydeq-wdvozxkq (no password required)

(More info: I've posted up the 'Designing a Personal Knowledgebase' web page in PDF format, just as an example of a 'public link' in Soonr. You'll see that it's displayed as a sequence of pages, and can be opened directly in the browser as well as downloaded. That applies to any document stored in Soonr, including e.g. MS Office docs - Soonr has its own built-in viewers).

Just to make clear: I have no affiliation with Soonr whatsoever, but we've been using it for several years now and have no complaints whatsoever.

I'll give Boxcryptor a try. It allows me to encrypt files and folders selectively - not all files need to be secured.
I'll keep you informed.

Franz

MadaboutDana wrote:

For your 10 EUR a month, you're getting one whole terabyte from Soonr.
Which is a lot of storage.

Indeed; by the way, this is what you get now from Dropbox too
https://www.dropbox.com/pro?oqa=pro_announce_hp

I was sure that they would drop their price per Gbyte after Google Drive announced its new prices earlier this year; interestingly, instead of actually dropping the subscription price, they increased the space.

Re encryption, I have personally relied on Nomadesk (Belgian) and Wuala (Swiss) for sensitive info, but Boxcryptor sounds like a convenient solution because one can limit the number of clients running in their PC.

On the one hand, impressed by the expansion of Dropbox services.

On the other, would point out that they are still ineluctably US-based.

And they have Hilary Clinton as a director (just saying!).

In short, you would have to pry my credit card from my cold, dead hand before you could persuade me to give Dropbox my money... ;-)

MadaboutDana wrote:

On the one hand, impressed by the expansion of Dropbox services.
On the other, would point out that they are still ineluctably US-based.
And they have Hilary Clinton as a director (just saying!).
In short, you would have to pry my credit card from my cold, dead hand
before you could persuade me to give Dropbox my money... ;-)

So, what machines and software do you use? Apple = US company, Devontechnologies = half German, half US-American, Omni = US-American, Microsoft, Google, Facebook, ...

Hm. BTW, I never paid a cent to Dropbox, I have 18.5 GByte for free. But I wouldn't mind paying them. The offer a decent service.

I thought it was Condoleezza Rice?

You're right, it is Condoleezzzza.

And yes, Franz, I'm overstating it shamefully, entirely for comedic effect. But the decision of the US courts to insist that Microsoft should hand over data held in Ireland has, I think, thrown a shadow over 100% US-owned services. What bothers me even more about that is the failure by the Irish government to make any kind of statement along the lines of 'hold on, that would be illegal under Irish law'. No, they're too dependent on American goodwill to dare to do that.

I would love to see a European computer maker come out with a convincing hardware and software platform. So far, no dice. But as far as the Cloud is concerned, we do still have options - in fact, we have some very good ones. Hence my (frivolous) remark.

Cheers,
Bill

So: I am using Boxcryptor to encrypt a few folders in my Dropbox. Everything works smoothly so far (though I cannot say how save it really is, though AES has a good reputation).
I however recommend to read/view the tutorial thoroughly before installing. I didn't. And sat there cursing because things didn't work as I had expected - finally realising that everything was fine. I had just missed one point (described in the online help). Shame on me.

Hi Franz

I have used Owncloud and Seafile, two self-hosted Dropbox alternatives. In the end, I found Seafile more robust and since I was mostly interested in file syncing and not so much calendars etc, I kept using the latter. The project originated in China, but it is open-source and has a large international group of developers and users.
It runs on a Mac mini but there are also ready-made solutions to host it on a Raspberry Pi.

In looking back, I never had such a trouble-free solution for keeping files in sync. If the 500GB of storage space will ever be limiting, I can increase it further for the price of a new hard drive. Once I got it running, I have only looked at it if I wanted to.

Best regards
P


Franz Grieser wrote:

Hi.

I hope it's only half off-topic: I am about to move more of my stuff
over to Dropbox because sharing databases and manuscripts via USB sticks
and keeping things up-to-date is getting more and more cumbersome.
So: What do you use to encrypt your content in the Cloud? I use mainly
Dropbox across Windows, iOS and Mac OS X.

Or do you use a "private cloud"? If so: Which software?

Thanks, Franz

Thanks, Prion.
Ownclowd is still on my list "give it a try when you have more time". For now, I will stick with Dropbox as it is supported by all OSses and apps I use.

Prion wrote:

In the end, I found Seafile more robust and since I was mostly
interested in file syncing and not so much calendars etc, I kept using
the latter. The project originated in China, but it is open-source and
has a large international group of developers and users.
It runs on a Mac mini but there are also ready-made solutions to host it
on a Raspberry Pi.

Thanks for the heads up on Seafile. I have this 'vision' of a micro power mobile office run by a photovoltaic panel, and a Raspberry Pi file server fits brilliantly in the picture :-)

I see that the server software is available for Linux and Windows; how did you make it run on a Mac Mini?
http://seafile.com/en/download/

Both Seafile and Owncloud run smoothly in a virtualized Linux environment. I tested two Linux distros, Ubuntu and Mint, in combination with Virtualbox. It takes a little time to set up everything but smooth sailing since then in my case.
I am looking forward to setting up a similar system using Raspberry Pi for someone else, which promises to be even simpler.
Prion

Also worth mentioning is the very good and increasingly speedy BitTorrent Sync. This isn't very well known, but effectively gives you your own private Dropbox-like service between multiple machines. It's cross-platform, and also has mobile clients. It uses direct peer-to-peer transmission methods, and includes built-in encryption. And it's completely free.

Despite the name 'BitTorrent', it isn't a file sharing service as such (although it can be used as one). It's a very quick, very simple synchronisation utility. It's worth reading the technical specs at http://getsync.com/tech-specs

Cheers,
Bill

Actually, it's worth reading the latest blog update on BitTorrent Sync - the latest version has added some very powerful features, and is compatible with an increasingly wide range of NAS devices. It's becoming a very viable private alternative to Dropbox and other Cloud-based services.

Blog entry at: http://blog.bittorrent.com/2014/08/26/introducing-bittorrent-sync-1-4-an-easier-way-to-share-large-files/

Sorry, thinking a little sporadically - apologies for multiple entries.

I should mention that I use BT Sync to share data between my various devices (four at the last count); I've watched it progressively improve over the last 12 months or so to become a very fast, very convenient solution, which runs entirely independently of third-party servers - that's the key point. It's totally private (although there is an option to use a 'tracker' server to streamline P2P discovery; peer to peer is what it's all about).

The latest version has made it much easier to share my data with other people. I haven't used it much yet, but will be testing it out in the near future.

It should be noted that BitTorrent Sync refuses to document their encryption protocol despite numerous requests from security researchers. This is a red flag. Closed source encryption, post-Snowden, has become untenable. Beyond the question of competent implementation, unsubstantiated claims of privacy can even function as a honeypot -- case in point Skype.

An open alternative to BitTorrent Sync, suggested by security guru Steve Gibson, is synchthing at www.syncthing.net

Thanks for that tip – interesting point. Foolishly, I hadn't realised BitTorrent Sync was so closed. I shall do a little more research (syncthing looks pretty cool but still rather underdeveloped).