Securely backing up important data
Apr 18 2015, 5:33 am
By: rockz  

Apr 18 2015, 5:33 am rockz Post #1

ᴄʜᴇᴇsᴇ ɪᴛ!

Let's start off by saying I like Dropbox. It's awesome. While I have moral issues with dropbox sharing my data with the NSA, I don't have a large issue with the NSA actually getting my data because I've done nothing majorly wrong, and the files on dropbox won't incriminate me.

However there are some documents that I'd like to keep backups of, usually financial data, and keep them securely on the cloud.

I already keep my passwords stored on dropbox because it's damn convenient, but I keep them encrypted via keepass. I'd like to do the same with actual files, but I'm not sure the best method to do this so as to prevent even dropbox from reading my files.

I also use Copy and Tencent Weiyun for backup of other data, so I'm flexible with other hosts. I haven't tried using mega at all because I don't like the interface, but maybe mega is the best option since it's had a history of breaking the law and actually encrypts files what seems like properly?



"Parliamentary inquiry, Mr. Chairman - do we have to call the Gentleman a gentleman if he's not one?"

Apr 18 2015, 6:08 am NudeRaider Post #2

We can't explain the universe, just describe it; and we don't know whether our theories are true, we just know they're not wrong. >Harald Lesch

Personally, I use copy(.com), mainly because you can get much more space than on dropbox. I got 45GB ATM. No idea how secure it is though.

For security you could upload your important stuff in a password protected zip file. A 128 char long password is way too hard to crack even for NSA in any reasonable time frame.




Apr 18 2015, 6:23 am Sand Wraith Post #3

she/her

I just now had an idea. You could try using an encrypted drive stored on your cloud service. I imagine it would be a nasty business to constantly sync such a drive any larger than a few hundred megabytes, as well as issues with syncing a drive that is mounted... So I imagine this is too problematic.

I've read that MEGA doesn't have particularly tight security given problems with how they decided to implement the overall security, although I would reckon that they wouldn't want anything to do with the NSA.




Apr 19 2015, 4:11 am rockz Post #4

ᴄʜᴇᴇsᴇ ɪᴛ!

Well I think I'll do the zip file for my financial documents (they're not that big and I can add files to zip easily) but yeah using an encrypted drive seems difficult. I prefer dropbox to copy simply because you can actually run websites off of it and direct link files. Copy and Tencent don't allow this. I don't have an issue with space as Tencent Weiyun gives me 10 TB. It's got an auto upload image feature, a sync client up to 4 GiB (files larger can be manually uploaded via a chrome extension) so I have all of my ISO images going up there just in case my HDD dies. Thinking of putting my movie collection up there too but that's a later date.



"Parliamentary inquiry, Mr. Chairman - do we have to call the Gentleman a gentleman if he's not one?"

Apr 19 2015, 6:20 am Fire_Kame Post #5

wth is starcraft

7zip has a nifty encryption feature.

Since we're talking about financial data here it's always good to have it in triplicate, and to have one of those locations off site. Honestly nothing wrong with a little sneaker net :awesome: if you can manage it, get a safe deposit box at a bank and keep a flash drive in there.




Apr 19 2015, 4:01 pm Moose Post #6

We live in a society.

If it's connected to the internet (or a network that connects to the internet, or a wireless network), it can not and will not be totally "safe". If you are paranoid of the NSA or other spying agencies, it's already too late because they already worked with most major digital storage manufacturers to be able to look at what they want, when they want. Two-way pattern encryption adds difficulty and time to decryption, but is not perfect. Given increases in computing power, it becomes less safe over time. (Perhaps not if data is not compromised and wiped and re-encrypted with stronger/more complex methods. You, of course, ever vigilant about your safety and privacy concerns, already do this with your own data and/or actively research what any storage provider you do business with does with regards to encryption.) One-time pad encryption is theoretically safe if used correctly, but limited to the storage space it is created with, assuming you could safely set it up at the destination site without interception, which is not happening over the internet or in the cloud.

For the truly paranoid, you would have to use only a computer and storage media that is not connected and will not EVER connect to the internet. Then you could run a flash drive to that and store the flash drive offsite. Perhaps you could use unbreakable one-time pad encryption. (decrypting it is one-to-many, so without the key, you would map to the set of all possible messages and could not know the original material) But, of course, you would have to get the files into your offline computer in the first place...

TL;DR: Do the basics and don't worry too much, or be prepared to get really serious for actual protection. Good luck. :)

Post has been edited 6 time(s), last time on Apr 19 2015, 4:47 pm by Mini Moose 2707.




Apr 21 2015, 5:36 pm Wormer Post #7



For instance, I can recommend AxCrypt for actually hiding file contents. This is a good free piece of software that encrypts your whole file: http://www.axantum.com/AxCrypt/.



Some.

Apr 21 2015, 9:14 pm NudeRaider Post #8

We can't explain the universe, just describe it; and we don't know whether our theories are true, we just know they're not wrong. >Harald Lesch

Quote from Mini Moose 2707
One-time pad encryption is theoretically safe if used correctly
Isn't that basically just saying to use a long, unguessable key you keep secret?




Apr 22 2015, 7:08 am DT_Battlekruser Post #9



I still use TrueCrypt for symmetric encryption of storage files. It was as safe as safe can be (if you trust the safety of its encryption algorithms) until something mysterious happened to its dev team. People have been working to audit it for months and no one has found a backdoor yet. I'm sure similar competitors are probably roughly equivalent. Any of them should provide any security you should need (i.e. good enough unless you're involved in government-level espionage, and I don't think you'd be here asking about tradecraft if that were the case). I don't consider any of this to be NSA-proof; the only way to keep something hidden from the NSA is to not even let them know it exists.

As a side note, while one-time pads offer perfect security, they are more or less meaningless when it comes to file storage. If something is encrypted with a one time pad, it also has a message length key which you need to store securely, and if you could do that you wouldn't need to encrypt the plaintext in the first place.




None.

Apr 22 2015, 8:14 am jjf28 Post #10

Cartography Artisan

Quote from DT_Battlekruser
the only way to keep something hidden from the NSA is to not even let them know it exists.

Just use an encryption key that takes far too long to brute force and doesn't have known mathematical weaknesses. The NSA's not magic, they went out of their way to make sure encryption keys stayed short enough for them to crack brute-force style by getting onto standards boards and such, have a primo spot on the internet backbone (making lots of neat tricks possible), and attempt to get backdoors into new technology and software (cell providers not too long ago fought (and won) against giving the gov't a backdoor in phones). </too lazy to source>

But yeah, encryption that has no chance of being brute-forced is how you can keep your secrets secret; if you have a secret secret worth secreting away from secret stealers





TheNitesWhoSay - Clan Aura - github

Reached the top of StarCraft theory crafting 2:12 AM CST, August 2nd, 2014.

Apr 22 2015, 4:53 pm rockz Post #11

ᴄʜᴇᴇsᴇ ɪᴛ!

Quote from NudeRaider
Quote from Mini Moose 2707
One-time pad encryption is theoretically safe if used correctly
Isn't that basically just saying to use a long, unguessable key you keep secret?
The difference is that the password is as long as the file. If the password is as long as the file, it's really just a cypher, and since you have the cypher kept completely secret and every bit is randomized, it's impossible to brute-force because there's no way to verify that your guess is correct and your guesses will have the possibility of turning into any file of similar size.



"Parliamentary inquiry, Mr. Chairman - do we have to call the Gentleman a gentleman if he's not one?"
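The one-time pad point from the posts above, as an added example that is not part of the thread: a guess against a pad cannot be verified because every same-length plaintext has a matching pad, while a guess against a short key can be. The 2-byte repeating-XOR cipher, the `%PDF-` header check and the sample data are constructed for illustration only.

```python
import secrets

HEADER = b"%PDF-"  # known file signature a guess can be tested against

def xor_bytes(data: bytes, key: bytes) -> bytes:
    if len(data) != len(key):
        raise ValueError("key stream must be exactly as long as the data")
    return bytes(d ^ k for d, k in zip(data, key))

def otp_encrypt(plaintext: bytes):
    """Return (pad, ciphertext); the pad is random, message-length, never reused."""
    pad = secrets.token_bytes(len(plaintext))
    return pad, xor_bytes(plaintext, pad)

def pad_that_yields(ciphertext: bytes, candidate: bytes) -> bytes:
    """For ANY same-length candidate there is a pad that 'decrypts' to it."""
    return xor_bytes(ciphertext, candidate)

def toy_short_key_xor(data: bytes, key: bytes) -> bytes:
    """Toy cipher (assumption, for contrast only): repeat a short key."""
    stream = (key * (len(data) // len(key) + 1))[: len(data)]
    return xor_bytes(data, stream)

def brute_force_short_key(ciphertext: bytes, key_len: int = 2):
    """Try every short key; keep those whose output starts with HEADER."""
    hits = []
    for n in range(256 ** key_len):
        key = n.to_bytes(key_len, "big")
        if toy_short_key_xor(ciphertext[: len(HEADER)], key) == HEADER:
            hits.append(key)
    return hits

# Constructed sample data, padded to the same length on purpose.
REAL = b"%PDF-1.4 tax return 2014: refund 1234"
DECOY = b"%PDF-1.4 grocery list".ljust(len(REAL), b".")

if __name__ == "__main__":
    pad, ct = otp_encrypt(REAL)
    print(xor_bytes(ct, pad))                         # the real file
    print(xor_bytes(ct, pad_that_yields(ct, DECOY)))  # an equally valid "decryption"
    ct2 = toy_short_key_xor(REAL, b"\x13\x37")
    print(brute_force_short_key(ct2))                 # only the true key passes the check
```

The same structure that lets the short-key search confirm a hit (a known header) is what a pad denies the attacker: both `REAL` and `DECOY` carry a valid header under some pad.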

Apr 22 2015, 8:13 pm NudeRaider Post #12

We can't explain the universe, just describe it; and we don't know whether our theories are true, we just know they're not wrong. >Harald Lesch

That's what I meant with long and unguessable. There's no practical difference between a 2048 Bit key and one that's however long your file is.

I get that there's a technical difference, but what I'm saying is that the difference is inconsequential in practice.




Apr 23 2015, 5:50 am rockz Post #13

ᴄʜᴇᴇsᴇ ɪᴛ!

In the case of 70 years down the line, when quantum computers will be over a quadrillion times faster than today, it's unlikely that significantly many passwords will be secure without multi-factor authentication. But I don't think I care about my tax return from 70 years ago. In case I did, it's good to know of these things.



"Parliamentary inquiry, Mr. Chairman - do we have to call the Gentleman a gentleman if he's not one?"

Apr 25 2015, 4:01 am DT_Battlekruser Post #14



Quote from jjf28
Quote from DT_Battlekruser
the only way to keep something hidden from the NSA is to not even let them know it exists.

Just use an encryption key that takes far too long to brute force and doesn't have known mathematical weaknesses. The NSA's not magic, they went out of their way to make sure encryption keys stayed short enough for them to crack brute-force style by getting onto standards boards and such, have a primo spot on the internet backbone (making lots of neat tricks possible), and attempt to get backdoors into new technology and software (cell providers not too long ago fought (and won) against giving the gov't a backdoor in phones). </too lazy to source>

But yeah, encryption that has no chance of being brute-forced is how you can keep your secrets secret; if you have a secret secret worth secreting away from secret stealers

I agree encryption is strong, but if your data has ever been written to any device that can be connected to the Internet through any number of links, chances are the keys have too, and now you're relying on the fact that every aspect of the installation is equally secure. It might be, but chances are there is a backdoor or mistake somewhere. After all, do your device use habits really preclude being hacked, at that level? And even if they can't break your encryption, you're still vulnerable to rubber hose cryptanalysis. It was mostly a tangent since I don't think anyone here is actually trying to hide from targeted NSA intelligence gathering attempts, but my point being that few things are actually that secure.

Quote from NudeRaider
That's what I meant with long and unguessable. There's no practical difference between a 2048 Bit key and one that's however long your file is.

I get that there's a technical difference, but what I'm saying is that the difference is inconsequential in practice.

It really depends where your bar is. A one-time pad is literally impossible to break without the key, whereas a "strong" symmetric cipher in the modern context could be broken in the future, either by faster computers, technological advances (quantum computation), or mathematical advances (we don't actually know that factoring isn't in P).



None.

Apr 25 2015, 2:17 pm NudeRaider Post #15

We can't explain the universe, just describe it; and we don't know whether our theories are true, we just know they're not wrong. >Harald Lesch

Quote from DT_Battlekruser
It really depends where your bar is.
10 years. I'm assuming whatever information hasn't been cracked by then won't be of much use anymore because it's lost its relevance. This is an estimate for most cases and obviously there are exceptions.




Apr 28 2015, 4:17 am DT_Battlekruser Post #16



Perhaps the correct answer is "whatever the statute of limitations is for what you're hiding" :P



None.

Apr 28 2015, 5:32 am NudeRaider Post #17

We can't explain the universe, just describe it; and we don't know whether our theories are true, we just know they're not wrong. >Harald Lesch

Quote from DT_Battlekruser
Perhaps the correct answer is "whatever the statute of limitations is for what you're hiding" :P
Technically, yes. But that's not a useful answer to someone who has no idea how key lengths scale in regards of security against brute forcing relative to the computing power available to the attacker.




Apr 28 2015, 5:31 pm rockz Post #18

ᴄʜᴇᴇsᴇ ɪᴛ!

Quote from NudeRaider
Quote from DT_Battlekruser
Perhaps the correct answer is "whatever the statute of limitations is for what you're hiding" :P
Technically, yes. But that's not a useful answer to someone who has no idea how key lengths scale in regards of security against brute forcing relative to the computing power available to the attacker.
We can only guess the time it will take to crack near the statute of limitations.



"Parliamentary inquiry, Mr. Chairman - do we have to call the Gentleman a gentleman if he's not one?"
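How key length scales against brute force, as an added example that is not part of the thread: at a fixed search speed each extra key bit doubles the time, while against an attacker whose speed keeps doubling each extra bit adds only one doubling period. The starting speed of 10^12 keys per second and the 18-month doubling period are illustrative assumptions, not estimates taken from the posts.

```python
import math

SECONDS_PER_YEAR = 365.25 * 24 * 3600

def years_fixed_rate(bits: int, keys_per_sec: float) -> float:
    """Expected years to search half of a 2**bits keyspace at constant speed."""
    return 2.0 ** (bits - 1) / (keys_per_sec * SECONDS_PER_YEAR)

def years_growing_rate(bits: int, keys_per_sec: float, doubling_years: float) -> float:
    """Same search when the attacker's speed doubles every `doubling_years`.

    Keys tried by year t: r*d/ln2 * (2**(t/d) - 1), with r in keys per year.
    Setting that equal to 2**(bits-1) and solving for t gives the result.
    """
    r_d = keys_per_sec * SECONDS_PER_YEAR * doubling_years
    x = (bits - 1) + math.log2(math.log(2) / r_d)  # log2 of work*ln2/(r*d)
    if x > 50:  # the "+1" is negligible here; this branch avoids float overflow
        return doubling_years * x
    return doubling_years * math.log2(1 + 2.0 ** x)

def table(rate=1e12, doubling_years=1.5, sizes=(56, 80, 128, 256)):
    """Rows of (bits, years at fixed speed, years with growing speed)."""
    return [(b, years_fixed_rate(b, rate), years_growing_rate(b, rate, doubling_years))
            for b in sizes]

if __name__ == "__main__":
    for bits, fixed, growing in table():
        print(f"{bits:>4} bits  fixed: {fixed:10.3g} y   growing: {growing:8.2f} y")
```

The growing-speed column is only as good as the assumption that doubling continues indefinitely; it is a model for comparing key sizes against a retention period, not a forecast.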
