[bigiain]

Assume "the cloud" is always untrustworthy, and act accordingly.

Sync encrypted filesystems to the cloud. EncFS has some known issues, but for a lot of my stuff, where it's "write once read many times" it still seems to be OK from an encryption point of view - though it inevitably leaks file size information. On the other hand, it does play very nicely with Dropbox/GoogleDrive/BTSync - although for the sufficiently paranoid you need to consider the risk of the Dropbox/GoogleDive/BTSync binary running on your device having access to the unencrypted local partition... Using rsync or some open source sync tool might mitigate that somewhat (but I suspect if you've got data which you suspect an attacker might subvert Google or Dropbox to get access to, you _really_ shouldn't be trying to work out how to protect that data on someone else's storage - buy your own hard drives and deal with multiple copies and geographically separate duplicates yourself)

(because remember, there is no "cloud" there is only "other people's computers")