Hacker News new | ask | show | jobs
by Pyramids 4751 days ago
If you're concerned about your personal data, and not so much about targeted attacks against you, I'd say stay with Dropbox and just use EncFS.

You can do this on Linux (and presumably OS X, as well) fairly easily.

On Windows, there is a single-developer port of EncFS, which from what I've heard works fairly well: http://members.ferrara.linux.it/freddy77/encfs.html

A quick search turns up a guide which (at first glance) seems fairly comprehensive on how to set this up if you're unfamiliar with the way EncFS works: http://www.howtogeek.com/121737/how-to-encrypt-cloud-storage...

With that said, if you're worried about any highly confidential data, potential for watermarking attacks or plausible deniability, this is not the right solution for you.

If you're looking for a way to protect your data from dragnet surveillance, your provider, or low-level law enforcement interception, this is a great drop-in solution.
3 comments
okamiueru 4750 days ago
Playing the devils advocate here. What would stop the dropbox service from being able to collect the private keys on the user's computer?
link
Pyramids 4750 days ago
Nothing. That's a risk you take when using any proprietary software, however.

I'd say the real world risk of this is (fairly) low, however if you're legitimately worried about it, you can use EncFS over a network share or FUSE file system, to your own systems. In which case you'd be using entirely open source software.

If you're that worried about security though, you'd probably be better off using a container based encryption method, anyway, as it wouldn't leak timestamps, file sizes and other data which could be sensitive. EncFS has some known issues with metadata leaking, but it's a decent solution for most general use cases.

link
kyle_t 4751 days ago
Thumbs up to this. Been using the EncFS windows port for roughly a year with Google Drive with no issues. I was previously using TrueCrypt but the lack of differential sync was a killer on my TrueCrypt containers.
link
phxql 4751 days ago
For Windows users: BoyCryptor 1.x is fully compatible with EncFS and features a GUI.
link
nodata 4751 days ago
BoxCryptor is most definitely not fully compatible with EncFS - it doesn't even support the default filename encoding option that encfs uses.
link
phxql 4751 days ago
Some older version supports that. Maybe they changed their license model, but it definitely had support for that in the past.
link
nodata 4750 days ago
Yes, it was supported back when they used encfs, but now they've switched to their own internal rewrite which broke compatibility.
link
phxql 4750 days ago
Ah, didn't know that. Thanks for the information!
link