Let's start off by saying I like Dropbox. It's awesome. While I have moral issues with dropbox sharing my data with the NSA, I don't have a large issue with the NSA actually getting my data because I've done nothing majorly wrong, and the files on dropbox won't incriminate me.
However there are some documents that I'd like to keep backups of, usually financial data, and keep them securely on the cloud.
I already keep my passwords stored on dropbox because it's damn convenient, but I keep them encrypted via keepass. I'd like to do the same with actual files, but I'm not sure the best method to do this so as to prevent even dropbox from reading my files.
I also use Copy and Tencent Weiyun for backup of other data, so I'm flexible with other hosts. I haven't tried using mega at all because I don't like the interface, but maybe mega is the best option since it's had a history of breaking the law and actually encrypts files what seems like properly?
"Parliamentary inquiry, Mr. Chairman - do we have to call the Gentleman a gentleman if he's not one?"
We can't explain the universe, just describe it; and we don't know whether our theories are true, we just know they're not wrong. >Harald Lesch
Personally, I use copy(.com), mainly because you can get much more space than on dropbox. I got 45GB ATM. No idea how secure it is though.
For security you could upload your important stuff in a password protected zip file. A 128 char long password is way too hard to crack even for NSA in any reasonable time frame.
I just now had an idea. You could try using an encrypted drive stored on your cloud service. I imagine it would be a nasty business to constantly sync such a drive any larger than a few hundred megabytes, as well as issues with syncing a drive that is mounted... So I imagine this is too problematic.
I've read that MEGA doesn't have particularly tight security given problems with how they decided to implement the overall security, although I would reckon that they wouldn't want anything to do with the NSA.
Well I think I'll do the zip file for my financial documents (they're not that big and I can add files to zip easily) but yeah using an encrypted drive seems difficult. I prefer dropbox to copy simply because you can actually run websites off of it and direct link files. Copy and Tencent don't allow this. I don't have an issue with space as Tencent Weiyun gives me 10 TB. It's got an auto upload image feature, a sync client up to 4 GiB (files larger can be manually uploaded via a chrome extension) so I have all of my ISO images going up there just in case my HDD dies. Thinking of putting my movie collection up there too but that's a later date.
"Parliamentary inquiry, Mr. Chairman - do we have to call the Gentleman a gentleman if he's not one?"
7zip has a nifty encryption feature.
Since we're talking about financial data here it's always good to have it in triplicate, and to have one of those locations off site. Honestly nothing wrong with a little sneaker net
if you can manage it, get a safe deposit box at a bank and keep a flash drive in there.
If it's connected to the internet (or a network that connects to the internet, or a wireless network), it can not and will be totally "safe". If you are paranoid of the NSA or other spying agencies, it's already too late because they already worked with most major digital storage manufacturers to be able to look at what they want, when they want. Two-way pattern encryption adds difficulty and time to decryption, but is not perfect. Given increases in computing power, it becomes less safe over time. (Perhaps not if data is not compromised and wiped and re-encrypted with stronger/more complex methods. You, of course, ever vigilant about your safety and privacy concerns, already do this with your own data and/or actively research what any storage provider you do business with does with regards to encryption.)
One-time pad encryption is theoretically safe if used correctly, but limited to the storage space it is created with, assuming you could safely set it up at the destination site without interception, which is not happening over the internet or in the cloud.
For the truly paranoid, you would have to use only a computer and storage media that is not connected and will not EVER connect to the internet. Then you could run a flash drive to that and store the flash drive offsite. Perhaps you could use unbreakable one-time pad encryption. (decrypting it is one-to-many, so without the key, you would map to the set of all possible messages and could not know the original material) But, of course, you would have to get the files into your offline computer in the first place...
TL;DR: Do the basics and don't worry too much, or be prepared to get really serious for actual protection. Good luck.
Post has been edited 6 time(s), last time on Apr 19 2015, 4:47 pm by Mini Moose 2707.
For instance, I can recommend AxCrypt for actually hiding file contents. This is a good free piece of software that encrypts your whole file:
http://www.axantum.com/AxCrypt/.
Some.
We can't explain the universe, just describe it; and we don't know whether our theories are true, we just know they're not wrong. >Harald Lesch
One-time pad encryption is theoretically safe if used correctly
Isn't that basically just saying to use a long, unguessable key you keep secret?
the only way to keep something hidden from the NSA is to not even let them know it exists.
Just use an encryption key that takes far too long to brute force and doesn't have known mathematical weaknesses. The NSA's not magic, they went out of their way to make sure encryption keys stayed short enough for them to crack brute-force style by getting onto standards boards and such, have a primo spot on the internet backbone (making lots of neat tricks possible), and attempt to get backdoors into new technology and software (cell providers not too long ago fought (and won) against giving the gov't a backdoor in phones). </too lazy to source>
But yeah, encryption that has no chance of being brute-forced is how you can keep your secrets secret; if you have a secret secret worth secreting away from secret stealers
TheNitesWhoSay - Clan Aura - github
Reached the top of StarCraft theory crafting 2:12 AM CST, August 2nd, 2014.
One-time pad encryption is theoretically safe if used correctly
Isn't that basically just saying to use a long, unguessable key you keep secret?
The difference is that the password is as long as the file. If the password is as long as the file, it's really just a cypher, and since you have the cypher kept completely secret and every bit is randomized, it's impossible to brute-force because there's no way to verify that your guess is correct and your guesses will have the possibility of turning into any file of similar size.
"Parliamentary inquiry, Mr. Chairman - do we have to call the Gentleman a gentleman if he's not one?"
We can't explain the universe, just describe it; and we don't know whether our theories are true, we just know they're not wrong. >Harald Lesch
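The property described in the post above (a guess at a one-time pad turns the ciphertext into some message of the same size, so a guess cannot be checked) can be shown in a few lines. This is an added example, not code from any poster in the thread; the sample messages and the toy 2-byte repeating XOR key are constructed, and the toy key only illustrates why guesses become checkable once the key is shorter than the message, not how real ciphers are attacked.

```python
import secrets
from itertools import product

def xor(data: bytes, key: bytes) -> bytes:
    """XOR data with key, repeating the key when it is shorter than data."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))

def pad_explaining(ciphertext: bytes, claimed: bytes) -> bytes:
    """Return the one-time pad under which ciphertext decrypts to claimed.
    Such a pad exists for every message of the same length."""
    if len(claimed) != len(ciphertext):
        raise ValueError("claimed message must match the ciphertext length")
    return xor(ciphertext, claimed)

def looks_like_text(data: bytes) -> bool:
    """Crude check a guesser could apply: printable ASCII only."""
    return all(0x20 <= b <= 0x7E for b in data)

def surviving_short_keys(ciphertext: bytes, key_len: int = 2) -> list[bytes]:
    """Try every key of key_len bytes; keep those giving readable output."""
    return [bytes(k) for k in product(range(256), repeat=key_len)
            if looks_like_text(xor(ciphertext, bytes(k)))]

# Constructed sample messages of equal length (27 bytes each).
REAL = b"2014 tax refund: 1,250 USD."
FAKE = b"Grocery list: eggs and tea."

if __name__ == "__main__":
    # One-time pad: random, as long as the message, used once.
    pad = secrets.token_bytes(len(REAL))
    ct = xor(REAL, pad)
    # A different pad "decrypts" the same ciphertext to the fake message,
    # so nothing in the ciphertext tells a guesser which pad was the real one.
    print(xor(ct, pad_explaining(ct, FAKE)))

    # Key shorter than the message: most guesses produce garbage, so a
    # guesser can tell wrong keys from right ones by looking at the output.
    short_ct = xor(REAL, b"\x5a\xc3")  # constructed 2-byte key
    keys = surviving_short_keys(short_ct)
    print(len(keys), "of 65536 short keys give readable text")
```
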
That's what I meant with long and unguessable. There's no practical difference between a 2048 Bit key and one that's however long your file is.
I get that there's a technical difference, but what I'm saying is that the difference is inconsequential in practice.
In the case of 70 years down the line, when quantum computers will be over a quadrillion times faster than today, it's unlikely that significantly many passwords will be secure without multi-factor authentication. But I don't think I care about my tax return from 70 years ago. In case I did, it's good to know of these things.
"Parliamentary inquiry, Mr. Chairman - do we have to call the Gentleman a gentleman if he's not one?"
We can't explain the universe, just describe it; and we don't know whether our theories are true, we just know they're not wrong. >Harald Lesch
It really depends where your bar is.
10 years. I'm assuming whatever information hasn't been cracked by then won't be of much use anymore because it's lost its relevance. This is an estimate for most cases and obviously there are exceptions.
We can't explain the universe, just describe it; and we don't know whether our theories are true, we just know they're not wrong. >Harald Lesch
Perhaps the correct answer is "whatever the statute of limitations is for what you're hiding"
Technically, yes. But that's not a useful answer to someone who has no idea how key lengths scale in regards of security against brute forcing relative to the computing power available to the attacker.
We can only guess the time it will take to crack near the statute of limitations.
"Parliamentary inquiry, Mr. Chairman - do we have to call the Gentleman a gentleman if he's not one?"