cloud based software and true cyber security
< Next Topic | Back to topic list | Previous Topic >
Posted by Tiggerlou
May 23, 2022 at 03:37 PM
Who would you trust in terms of saving sensitive personal documents?
I’ve got Dynalist (preferred because it’s a true outliner), Evernote, Word, and OneNote. Everybody says they are serious about protecting the security of private data. But who do you really trust in this list?
Would you trust Dynalist?
I also have some documents in LibreOffice. They’re saved to my computer, so nobody can see those documents but me. Those files are backed up in the cloud, but they’re not accessible on mobile devices.
Looking forward to the sage advice from this forum. Always grateful for that!
Posted by Amontillado
May 23, 2022 at 06:47 PM
It kills my creativity to think someone might read my half-baked ideas. My “cloud” is an encrypted thumb drive, Devonthink’s synchronize to a local data store, and Chronosync for everything outside of DT.
That’s not a good philosophy for making use of a tablet. I prefer a laptop, so it’s not an additional burden to stay off of cloud services.
Posted by tberni
May 23, 2022 at 07:35 PM
I am also very interested in the opinions of fellow forum members who know about this subject.
Posted by satis
May 23, 2022 at 10:12 PM
If data is truly sensitive but you want it accesible and syncable in the cloud you should probably *only* choose apps whose data is end-to-end encrypted so no intermediary candecrypt it. There are very few such apps because of the complexity and cost (as well as lack of demand). Day One lets you select journals to be e2ee, and there are a few notes apps like Joplin and Standard Notes that offere2ee, but they cost $35-$60/yr to be used with their cloud services. 1Password also offers syncable Secure Notes, which can be in text or Markdown, as part of the app’s subscription price. (I think they offer a limit of 1Gb storage.)
You can encrypt individual Apple Notes as well and they are e2ee. Pricing is whatever your iClould storage tier is (free and up).
For all other apps data can be accessible under court order (or possible malicious internal employees) using keys held by cloud stoage companies. If you merely encrypt files locally then upload them to the cloud, any cloud storage service will offer identical security since they cannot decrypt your files. But this is de facto backup since you cannot utilize those files without downloading and also means you need to constantly re-update locally, re-encrypt, then re-upload to save that copy to the cloud.
PrivacyGuide has a good list of secure clould services, while also describing their limitations in security and usability: https://www.privacyguides.org/cloud/
If you’re asking about the difference between iCloud, Box, Dropbox, Google and OneDrive, I’d say they’re roughly equal. Your data is safe from others but not from subpoenas or malicious employees (though internal security procedures would likely catch those individuals). Personal files, non-legal work product, etc may be sensitive but not crucially so, and I have no problem throwing it into Dropbox or iCloud or Google One or Microsoft OneDrive.
I personally use locked 1Password and Apple Notes for my most secure personal data (drivers license, copies of passport, insurance, health, financial data) that I want synced to my phone, and I have e2ee journals in Day One for daily journal writing. Really sensitive data that doesn’t need to be synced stays locally on my computer, where it is automatically encrypted by macOS.
Posted by Pierre Paul Landry
May 24, 2022 at 12:00 AM
satis wrote:
>> (...) and there are a few notes apps like Joplin and Standard Notes that offere2ee, but they cost $35-$60/yr to be used with their cloud services (...)
AFAIK, Standard Notes’ free plan has E2E encryption. This is what I use for my most sensitive information that I want accessible across all devices
For the rest, it goes in InfoQube (Dropbox synced) with a sub-set synced to Evernote (so it is available on mobile devices)
An always-on PC + TeamViewer has also been used in the past (on trips) to have full access to my PC while on the road
Pierre Paul Landry