What is Reddit's opinion of Cryptomator?

From 3.5 billion Reddit comments

I use cryptomator https://cryptomator.org it’s open source and free (except mobile version which costs 8$) you can first encrypt and upload your files and folders on almost any cloud service you like. only thing they will see is random symbols.

Might be worth mentioning that as an alternative to Google Drive, most cloud storage providers can probably be used as long as you encrypt the files yourself before uploading them to the cloud with software such as for example Cryptomator

https://disroot.org

Disroot not only provides a Nextcloud instance, but also a host of other services, like mail, etherpad/calc, a pastebin like service, access to a matrix server and a diaspora pod, taiga (project management) ...

The service is reliable, you can try their free 4GB plan. As with all the cloud providers, try to encrypt your files on your own before uploading, or use something like cryptomator.

May I recommend Cryptomator. It encrypts all of your files but unlike other options like Veracrypt it isn't one big chunk of data that requires the entirety of the encrypted volume to be uploaded again anytime there is a change. Each file is within it's own encrypted container so you only have to sync the file(s) that change. Check it out, it's free and open source.

Use this on all of your Plex media in your Google Drive and nobody but you will be able to determine what is in there.

You can use any cloud by simply encrypting your data.But, there's always a chance that an unethical provider will block your account because they can't see what you're storing with them.

Check this: https://cryptomator.org/

Yes, Mail content and attachments are encrypted and decrypted completely client-sided using PGP via OpenPGPjs. It sure is safer/more private than dropbox. For usability however I would rather suggest creating an encrypted container with VeraCrypt and upload it to Dropbox or take a look at Cryptomator and use it with a cloud service.

Why not use something like Cryptomator.

It's a online vault, the data is encrypted on your device. AES256 encryption, and only uploads changes.

Cryptomator apps are available for linux, windows, mac, android and ios.

You can use your own encryption with the likes of https://cryptomator.org/ or https://www.cryfs.org/ for cloud stores, that way you fully control the key locally not depending upon anybody else to encrypt for you. No need to wait. You can even aggregate multiple cloud stores for even more storage and encrypt it yourself this way too.

If you aren't the only one with the encryption key, it isn't secure. Better to encrypt before you upload using something like

Cryptomator - desktop apps open source, mobile apps closed

or

Boxcryptor - closed source, more polished

For the truly paranoid you might add in CryptoMator. That way everything is protected if your account is compromised and even google doesnt know the contents.

Other than that -- Google Drive content is not going to show up on an employee screening.

You could use tools like cryptomator which provides transparent file encryption. It’s free on the desktop but both the iOS and Android versions cost. I’ve used it in the past to take advantage of Google’s 15 GB of free cloud storage without allowing them “access” to my files. I’ve never used it on mobile though.

If you are closed source, you won’t look as compelling as Cryptomator , which is related to encrypted cloud storage services on the website .

In addition to that:

If you don't want the cloud service employees to misuse your personal data or post your naked pictures on Facebook, the data can be easily and automatically encrypted beforehand, e.g. with:

https://cryptomator.org

MEGA, or even better, Tresorit (as it's Swiss-based).

But if you encrypt your files yourself with Cryptomator, any cloud provider works. Depending on how trusting you are, encrypting yourself is a better choice. Going with an E2EE & zero-knowledge provider would also still be a good choice for an extra layer of security.

I switched to Syncthing -- you can run the same sync folder if you symlink a Syncthing directory to where Dropbox expects to find its folder (if you have at least one machine that is extfs).

Also moved to Cryptomator when I migrated to Syncthing (in case you want to the dual service sync thing and maintain privacy).

Mega is not the best but still more private than others. You should encrypt your files with cryptomator or veracrypt or boxcryptor with every cloud drive. You can also try disroot and woelkli

If you don't want to self-host, you can use something like Cryptomator with any of the major cloud services (Google Drive, Dropbox, OneDrive). It's a pretty simple app that encrypts files before uploading them to a cloud storage service.

https://cryptomator.org/

Veracrypt will work very well. However be aware that it creates a single container for all your documents that usually requires the entire container to be reuploaded after changing only a single document . Depending on your requirements something like cryptomator which encrypts each file separately might be a better choice. And if you're looking mainly to encrypt text with maybe some attached files, you can look into Standard Notes. Both of these products are Open Source.

If you are using it for cloud storage services Cryptomator will be easiest. It's FOSS (MIT), and it doesn't cost anything. Veracrypt will encrypt the whole directory, so will leave you in the nasty situation of having to re-upload the whole 100GB whenever you change a file. Cryptomator encrypts files individually, so does not have this problem.

Unencrypted ...

It's fine to keep them in the cloud if you upload them pre-encrypted with a strong password, which you can do either with something like 7zip encryption or something like Cryptomator. Or you can pay for Spideroak for a more automated locally encrypted cloud solution

I would stick to the 3-2-1 backup method to avoid ransomware, theft etc… but for cloud storage take a look at Cryptomator or Boxcryptor which does individual file encryption.

https://cryptomator.org https://www.boxcryptor.com/en/

Encrypting yourself is great, Google won't know what's being stored! I use Rclone now as well, but as I was starting out I thought it was too complicated, so I begun with Cryptomator. It's a great place to start, but rclone is something definetely worth learning though.

All of them do it with content uploaded to the cloud. This has been the case for years. It's always been a bad idea to upload anything to the cloud you're not cool with other people seeing at some point. This includes iCloud, I'm sure we all remember the fappening a few years ago, which was the result of an iCloud leak.

Protip: if you wanna use common cloud storage but don't want it readable by the company you're storing it with, use Cryptomator. It will encrypt your files and then upload the encrypted contents instead of the actual files themselves. Viola.

Use Bitwarden. It just completed a security audit by Cure53, and is 100% open source.

Also, try using a Cryptomator vault in your Dropbox.

I use Cryptomator for that kind of purpose as it encrypts each file individually.

It's free (except for the Android app) and open-source, go have a look.

EDIT: Veracrypt is probably your best bet in that regard, but the major problem with doing it that way is that you have to reupload the entire container when you change a single file.

I wouldn't trust either of them. Microsoft has been avoiding questions like "are you able to decrypt a Bitlocker drive?" from the media, and HDD vendors could be just as malicious and/or incompetent when it comes to this stuff, so I don't expect them to get it right. It's like trusting a router vendor to give you a highly secure router firmware. It just isn't going to happen.

Use VeraCrypt if you want full drive encryption. As an alternative (if you don't have tens of Gigs that need to be encrypted), I would suggest using Cryptomator to encrypt the files locally before you sync them to a cloud storage provider like Drive, Dropbox or OneNote.

Blog Post: https://cryptomator.org/blog/2021/06/30/ios-2.0-beta/

Twitter Update: https://twitter.com/cryptomator/status/1410132402857467905?s=21

Github Repository: https://github.com/cryptomator/ios

Looks like it's a good one stop solution if that's precisely what you need.

I'm somewhat nerdier and would use the tools I already use and store data on any free cloud using Cryptomator, kinda the same experience imho.

On a computer you can always use the web version. I'm pretty sure it can't scan what it's not supposed to.

Remember, you can always use some tool like Cryptomator. Though, that wouldn't be useful for sharing files.

1. Cryptomator explains its security architecture. There has also been a pentesting audit.
   
2. There are desktop apps for macOS, Windows, and Linux. Even if you lose your phone, you still have access to your files, provided you store your password elsewhere.

What most would suggest is probably a rented server running nextcloud. You can also give Cryptomator a try and stick with Google Drive. Or Boxcryptor.

Cryptomator has been audited, which is of course not a guarantee that there aren’t any bugs.

The difference however is that I can chose to keep my private key private. Cryptomator doesn’t care where it stores the encrypted files, so if I just wanted to store encrypted files on a network share, or even a USB drive, that option exists, without having to upload my private key to their servers.

With version 1.6, I can even chose to keep my private key out of the vault.

Anyway, I evaluated my options for a long time before deciding on Cryptomator, and for me it was the best choice. That doesn’t mean it’s the best choice for everybody else, and if Boxcryptor fits your needs, then by all means stick with it. None of them are bad products.

My opinion is that you can't know if MEGA is honest about their privacy policy (did you verify it?). So if you want to be on the safe side and not regret it years later, encrypt your files locally using cryptomator before uploading them.

Yep, I use a mixture of Nextcloud (via Pi at home) and Dropbox (via Cryptomator).

Also super cheap to run Nextcloud on VPS such as Digital Ocean. Destination Linux has a referral link for 2 months / $100 trial at do.co/dln

You should always have a backup of the stuff you can't replace. Even if you store it in some cloud, optionally with Cryptomator. What if you lose your device or your SSD fails?

When you install Windows via Bootcamp, you have to install it on a partition the Bootcamp wizard created.

If you select the wrong partition or the shrinking of your current partition fails, you might lose your data.

All Office 365 Education tiers includes eDiscovery

>You can use eDiscovery tools in Microsoft 365 to search for content in Exchange Online mailboxes, Microsoft 365 Groups, Microsoft Teams, SharePoint Online and OneDrive for Business sites, and Skype for Business conversations, and Yammer teams.

IOW, everything you write and save can and will be used against you. You can use solutions like Cryptomator but it doesn't take a genius to guess your 900 GB encrypted container is filled with "research" material.

Google Drive is secure, but not encrypted. You can use Cryptomator.org (free, open source) to create encrypted disks and store it on Google Drive. If you a comfortable with CLI, rclone.org is a great software, too. BTW, these two works on other cloud storage solutions, too.

I know everyone here probably already knows but for thoes that do not, Cryptormator is open source and is essentially an encrypted containor that encrypts files before they are uploaded to the cloud. You could use this with any cloud provider and they cannot see your files

Some people use https://cryptomator.org/ (paid Android app). I haven't used that personally. If you are on Android you can use EDS Lite to create encrypted container (where you save your files) and then upload it to cloud. Only available on Play Store though but you can use YalpStore to access it https://github.com/sovworks/edslite On computer you can use 7-zip or Veracrypt.

It also depends on your threat model. If you already use trustworthy encrypted cloud storage then you might don't need to encrypt your files.

There was a glitch a few months ago that resulted in Google refusing to let people access or share random documents because of a "ToS violation". If they're going as far as to scan the contents of a document on your Google drive, I'd bet they're doing the same for your media files to.

If you want to store em, create an archive and encrypt it with 7-Zip, or if you want something more open-source, you can try Cryptomator. Of course, this stops you being able to stream them, so I don't know how useful you'd find that.

Something to checkout before leaving Google Drive would be Cryptomator. Client-side encryption vs relying on the provider. Maybe not ideal because you'd still be supporting Google by using G Drive but worth a look nonetheless.

Yet another snake-oil 'cloud/browser encryption' vendor.

It suffers from the same issue all similar snake-oil suffers from: there is no way to verify their claims.

Yes, the code is 'open source', but in order to verify that it does what it does you'd need to make sure it hasn't been tampered with every single time you load it in your browser--at which point it's far less hassle to use something like cryptomator.

It is foolish to trust your encryption to some browser code that's downloaded remotely every time--the hoops to jump through to check its validity every single time far outweigh its ostensible advantages.

Instead of Veracrypt, I'll recommend Cryptomator. The idea behind it is very similar, it's an encrypting file system with a container. However, the container is a folder, not a single file, and every file is encrypted individually within it, which is a much better fit for cloud storage. With Veracrypt you have to fiddle to both have the right container size AND make sure that it's small enough that re-uploading the whole thing every single time you make a change to one of the files inside the container won't be a pain.

I know people use something like this. It was suggested a while back in another sub. Here you are!

Edit: I will suggest veracrypt though, but Cryptomator looks good. Need a little info on their security though.

You could use Cryptomator to encrypt the folder. You can add their F-Droid repo to F-Droid.

Then also install Cryptomator on your computer. And use syncthing to sync.

Between those: pCloud, easily.

They have seemingly every single feature people tend to look for on here.
I didn't use them at first, then I couldn't help but notice how seemingly every single time somebody would be looking for certain features on here, pCloud had it.

Since then, it's been a bit funny seeing people stress over <this provider> and <that provider>, while pCloud has just continued to work, absolutely flawlessly for me, with every single thing I've ever needed. I've used a bunch of different services, yet pCloud is the one I recommend the most. It makes itself the easiest to recommend.

If you plan on uploading questionable files (like torrents, etc) then just pair it with Cryptomator (insanely easy to use) and put those files in what it calls 'Vaults' – then bam, you're set.

FYI Cryptomator 2 (the upcoming version) is open source. However, you still have to pay a couple of euros for it - I guess the developers need to pay their bills.

Till now I have not found a native way to do this, a .nomedia file is not respected.

For this I use Cryptomator, a password protected container specially made for cloud.

Since it is encrypted nextcloud cannot access it, use it for log in secrets and documents.

Se mastichi l'inglese ti consiglio di dare uno sguardo all' area dedicata alla codifica dei file su privacytools.io.

Personalmente non archivierei dei dati bancari in nessun cloud, ma se proprio vuoi/devi, ti consiglio di usare Cryptomator così da unire con un solo software sia il bisogno di codificare i file sia di archiviarli in un cloud.

To answer your question: yes, Google can see the file names. You could switch to an encrypted cloud provider like Nextcloud, or, if you need to stay with Google, check out Cryptomator

Cryptomator! It's a FOSS encryption desktop software but unfortunately its mobile client is not fully open source (only the encryption part) and they charge a fee for it. I don't mind paying it but it bothers me that they only allow us to buy either with card or PayPal. Not sure what are the laws against for you to resell it but it seems that it is difficult for them to do so: https://github.com/cryptomator/android/issues/276

Backblaze is your best bet for the price. Just encrypt it. That way, Backblaze doesn't know what your storing.

Cryptomator seems to offer a good solution for doing this. It allows you to setup encrypted folders, which you then can upload to backblaze.

iOS: not implemented yet, on the roadmap https://github.com/cryptomator/cryptomator-ios/issues/73

Android: not implemented yet https://github.com/cryptomator/android/issues/41

Latest Roadmap: https://cryptomator.org/blog/2020/11/20/roadmap/

I saved the files to my own dropbox. I also saved the key.

I have not yet decrypted the files, but will do so later today. It looks like the mod used https://cryptomator.org/ to accomplish it. That's an open source software, but I haven't used it before. Will check it out.

Thanks /u/zero-value for this.

As there is now a documentation how to add a new cloud provider maybe there is soon someone contributing SFTP like someone else is currently working on S3.

As mentioned in the roadmap Document Provider (accessing the content of the vault using third-party apps) is the next feature which will be implemented.

• Encrypted USB Stick/HDD? Veracrypt
• Password Manager? r/KeePass
• Cloud Encryption? Cryptomater
• Maps? OSMAnd.
• Don't forget r/PrepperFileshare

Nope.
Reading around a bit there is some general skepticism, though it's largely because of how new they are. Over in r/datahoarder somebody speculated if they're what's called a "summer host" (basically, a company that pops up > usually offers a nice deal > then a few months later disappears into the night with your money and no more service to show).

If you run their whois they barely popped up in ~June out of nowhere (so... 2 months ago).

Nonetheless, their pricing is not really competitive.

Moreover and as to your questions, they do claim to be a zero-knowledge provider which along with their claimed AES-256 bit encryption would be excellent and really about all you'd need to have if you're looking for file security.

Now, even if a service wasn't zero-knowledge (or really, even very secure), you could basically just do it yourself rather easily by using something like Cryptomator.

When your files are locked away in this manner, the file host or anybody that breached (or even demanded files from) them would not be able to read your files, because not only do they have zero way to get your password (they're zero-knowledge), but they also don't know your encryption key. Only you do, and there's no way for them to even get it on their end.

• So even if the company was hacked, any data they attempted to scoop from you would be utterly useless as it'd just be a jumbled mess of nonsense that is completely unreadable (it'd take some ridiculous number of years for even very powerful computers to crack it to make it readable).

I think Cryptomator is what you're looking for.

Edit: check this thread out. TLDR: NextCloud (self-hosted) for ultimate privacy, Tesorit and Sync for decent paid options. Cryptomator used with any cloud provider for a decent, but high-risk, high-reward setup.

Espero que isso não seja um problema para ninguém aqui, mas de qualquer forma serve para acabar com as dúvidas de quem acha que as coisas na nuvem estão protegidas e são privadas. Ainda, hoje é a pedofilia mas e amanhã?

Microsoft e Google também fazem essa análise e inclusive já denunciaram (ativamente, não por simples colaboração com investigações) casos nesse sentido.

Obviamente isso é feito por meio de algoritmos, não é um Zé contratado que fica lá analisando a nuvem da galera (apesar de que acredito que isso seria possível).

Eu uso o OneDrive (no pacote do Office365 Home) porque os preços são realmente imbatíveis, mas tô aproveitando que tô reestruturando meu sistema aqui pra adicionar o Cryptomator pra intermediar esse processo. O que ele faz é basicamente criptografar automaticamente o que é enviado para a nuvem, de modo que na nuvem propriamente dita os arquivos ficam criptografados e consequentemente inutilizáveis para quem quer que os acesse (inclusive a gestora da nuvem). Pelo que entendi ao invés de usar o app do OneDrive (ou Google Drive, Dropbox, etc.) você usa o app do próprio Cryptomator, que já exibe as coisas descriptografadas.

Alias, acho que a criptografia tem se mostrado cada vez mais necessária e certamente veremos ela sendo cada vez mais e mais usada e recomendada (bem como repudiada por governos).

If I understand the situation properly, then Cryptomator sounds like it might serve your use case.

https://cryptomator.org/

(Sadly, it would seem that the Android app is only partially open source, and costs a pretty penny on the Google Play Store.)

I'm a bit curious, honestly. Why do you immediately say "no, thanks" to iCloud or OneDrive, but accept Google Drive as a possibility?

Here's the thing: data on a cloud drive is only as private as it is safely encrypted. I would suggest doing so, for example with a tool like Cryptomator, whether you use a free service, you pay for it or you host something yourself.

That leaves meta-data collection about you and this is not really a fact one can get rid of entirely. The best way would be to disassociate yourself as much as possible from the cloud sync and make any such collected data useless. The practical application would be: don't use any of the desktop clients from a cloud sync provider, use a different VPN exit node if possible and if the chosen storage is a free one, use a cloud account that's not connected to any of your other online traces.

I also agree with Mint as a recommendation. I think your transition will be relatively pain free. I've been using desktop linux as my only OS now for about 15 years and it has reached maturity. Also, most day to day things are done in a browser now so the barrier to moving is lower IMO.

You can try it as a boot from USB stick or in a virtual machine to test the waters first if you like.

On your use cases: > Firefox/Firefox Developer (in the process of getting rid of Chrome for good)

Firefox and Chrome are both available for Linux

> Wordpress

You'll just use your chosen browser for this

> Youtube

You'll just use your chosen browser for this

> MS (2010) Word, Excel

This is likely to be your only (minor) pain point. I've been using desktop linux for a long time now. Libreoffice is good but it rarely creates documents that open exactly the same in word in my experience. If you need to be sure how something's going to look for the end reader, you can export to PDF. I also use google docs occasionally.

> Cryptomator

Linux version exists - https://cryptomator.org/downloads/#linuxDownload

I would recommend the PPA version if you're using mint.

> 4 cloud-sync apps: Dropbox, Backup and Sync from Google, Sync, and pCloud

Not overly familiar with pcloud / sync but the others work fine with linux

> Skype

Linux version exists. Also web.skype.com (good, but not as good)

> Calibre E-book Management

Linux version exists

>Zhorn Stickies

>Microsoft OneNote

>MPC-HC for movies

Not really familiar with these.

> Windows Media Player for music

A variety of options exist. I use spotify myself so I haven't looked at them in a while.

> VPN (for the new laptop)

All the major providers have either Linux apps or support OpenVPN

> PayPal, online banking, etc.

All flawless in linux.

Good luck with the move!

I suggest you take a look at Cryptomator (https://cryptomator.org/), encryption och files stored at cloud providers of your choice. A little buggy at the moment read-only files won't easily be deleted, first you have to remove the read only flag on all files in the Cryptomator vault folder.

There is no “local copy” per se. It’s opened in the cache and will open in which app you need. If that app saves the file to the local file system then yes.

Check this out:

https://cryptomator.org/security/advice/

Cryptomator is an open source file encryption software that supports syncing with various cloud services, iCloud Drive included. You can access the encrypted files via the Cryptomator app on your phone, and via an encrypted file container (which mounts itself as a virtual network drive) on your Mac/PC/Linux machine. It encrypts on the file level, rather than the container level, so a change to a single file does not require the entire container be re-uploaded to iCloud Drive to be synced.

That may be your best bet, since as far as I know, iCloud Drive does not support password protecting folders.

That was a great read - thanks! Would you say that AES-256 is "enough"? I'm worried about potential advances in computing + the fact that some cloud providers have been accused of holding on to deleted files. If I were to use anything other than Veracrypt to encrypt my cloud files, it would definitely be Cryptomator. Here's a link to their security architecture for reference. The software lacks the customization you get with Veracrypt, but maybe this isn't so bad.

Cryptomator on your local machine or phone, then use Dropbox or Google etc. Assuming AES256 is secure and that the encryption program is sound (it's FOSS), then your data is safe from prying eyes. Veracrypt and Dropbox is also a good solution as only the changed "chunks" of your big vault file are synced by Dropbox, not the whole thing.

You could use GnuPG . But Cryptomator is better designe for this purpose. Boxcrypter is an option too, but it's proprietary software.

Für Backups auf Android gibt es viele Wege. Guck mal auf dem Handy unter Einstellungen nach "Konten" und da unter "Google". Dort siehst Du, welche Daten automatisch mit Google abgeglichen werden. Zum Beispiel Adressen, Kalender, App-Daten usw. Wenn das aktiviert ist, dann ist das meiste auf Deinem Handy schon in der Google-Cloud. Das ist standardmäßig so eingestellt.

Fotos könnten auch dazugehören. Die kannst Du mit Google Fotos ebenfalls in der Cloud sichern.

Als nächsten Schritt musst Du erstmal klären, ob Du Dich mit dem Google-Konto, das dort hinterlegt ist, auch im Browser anmelden kannst: Sprich, ob Du Dich an das richtige Passwort erinnerst. Was bringt Dir das Google-Backup, wenn Du nicht herankommst? ;-)

Sollte das nicht klappen oder wenn Du die Google-Cloud aus Datenschutzgründen nicht magst, gibt es unzählige andere Möglichkeiten. Auf dem SGS7 z.B. mit MicroSD-Karte ohne Cloud. Es gibt aber auch viele Apps, die Deine Daten vor dem Upload in die Cloud verschlüsseln. Zum Beipspiel den Cryptomator. Und es gibt von Samsung Windows- und Mac-Software für Backups. Und, und, und.

Und dann gibt es noch den geheimen Spezial-Trick.

1) unfortunately i really need Excel :( (but the virtualized windows should be enough, i don't have really huge data).

5) Officetime: it's at time tracker and and a database. I can switch between projects and it tracks the time i use on each project. There are online alternatives but i prefer a local app so i can track time even when offline (eg: an airport or a train). Since i'm a "lone wolf" i need to be accountable in order to manage my time :)

6) Ampps: i just run it locally! it's useful to have a "wrapped" development environment (apache, mariadb, php, python) and i can easily switch php versions with just a click on the panel.

18) Boxcryptor: i may have found a better and more cross-system alternative! https://cryptomator.org/

22) Mailplane: i should ask the developers if there is a linux alternative...

24) Actually i just need "miniconda" for my small scripts. It should work flawlessy in linux https://conda.io/docs/glossary.html#miniconda-glossary

I started using cryptomator https://cryptomator.org some months ago. Works also very smoothly with cloud storage. Didn't have any issues yet. I will give it some more time, more testing and more reviews and might put all my stuff in it.

Anyone using this as well?

Another really cool option is Cryptomator one advantage it has over tools like Veracrypt is that it isn't all stored in one huge block file. Each file lives in it's own encrypted container so if you're using it with a cloud storage service that syncs with your computer you don't have to re-upload the entire encrypted volume, just the encrypted file that was added or changed. It's all open source, and is available for Window, Mac, Linux, iOS, & Android.

You could just use Google Drive or Dropbox with Cryptomator, that way all your stuff is encrypted before it is stored on the cloud. Another (slightly less easier) solution could be to make a Veracrypt container and upload that to the cloud.

I would suggest using Cryptomator instead of VeraCrypt for convenience. Nothing against VeraCrypt, it's a powerful tool, but if you change one file you need to upload the whole container. And since the Container size is fixed you always have to upload more than you actually need. The usecase of veracrypt is just a different one. It's not meant for the cloud. Cryptomator is.

Check out cryptomator. The software creates a vitual "vault" that encrypts everything and stores it on a local drive or share (think: dropbox sync folder). You run the software to decrypt the vault and it mounts as a new local disk.

EDIT: All encryption/decryption is done on the fly as you read/write files on the new disk

If anyone is looking for any alternatives, Sync is an encrypted cloud provider in Canada and Cryptomator lets you easily encrypt data with existing providers (OneDrive, Google Drive, etc.)

Or cryptomator https://cryptomator.org if you are encrypting any cloud drive directory (Google Drive, Dropbox, and the like) all files are encrypted in their own individual container so if one file changes you only need to upload the corresponding encrypted container instead of having to upload the entire truecrypt/veracrypt volume.

BTW, truecrypt hasn't been in development for a good while now but the fork of that project, veracrypt is still going strong.

I don't think there is a single "best". There are probably a few services that could satisfy your privacy requirements, and if you encrypt locally using something like Cryptomator before uploading (and not upload the key of course) then just about anything would do. Even so I shy away from supporting services that are not privacy friendly

I like SpiderOak; everything about it seems privacy friendly. It doesn't hurt that it has been recommended by both Ed Snowden and the EFF

It will be challenging to find a good service that provides quality, redundant, always-on backup server resources for free, and without monetizing on your data somehow (especially since you don't want to provide storage yourself). You must also be careful of too-good-to-be-true offers because companies have been known to go out of business and take user data with them.

If you have to and don't need more than 15GB, you could use Google Drive (I wouldn't but I can pay for my solution so if you can't...) so long as you encrypt your files locally with Cryptomator or some similar software

You can use any cloud storage service if you encrypt your data first. Using Cryptomator, you can create an encrypted vault that you upload to your preferred cloud service, uploading your files into that vault which are encrypted/decrypted on the fly. It's free on desktop and has a $5 mobile app so you can access your data on your devices. Sounds like what you're looking for.

https://cryptomator.org/

If you use something like Dropbox, absolutely use Cryptomator in addition to it by the way: https://cryptomator.org/

It's very easy to use and gives you much better privacy and security, and it works for every cloud storage service.

Edit: And it's of course also free and open source.

> Obviously I could Veracrypt whole folders and files and still upload them to Dropbox, but that would kill access from my iPhone, and just overall usability.

Perhaps you could try Boxcryptor or Cryptomator. They're similar to VeraCrypt in that they encrypt/decrypt files on the fly in a virtual drive, but instead of storing everything in a single container file they encrypt each file individually (the encrypted files would be in your synced Dropbox folder or wherever else you like). They both have mobile apps for iOS, though I don't know how good those apps are (I use Android where the Boxcryptor app is pretty good and the Cryptomator one is still a bare bone alpha/beta).

Cryptomator is free and open source whereas Boxcryptor is closed source and quite limited if you don't pay the subscription fee. If I were you I'd give Cryptomator a try and see if the iOS app is decent.

sale's over guys, it lasted 24h.

the app is legit and cross-platform; if you head on the website, you can grab the Win/MacOS/Linux app for free and give it a go. on Android the app is currently in open beta, so you can just search for it on the Play store and join for free.

• some background for those who are interested

• official youtube channel

Yes. There are a few ways:

1. Use 7zip and set a password before uploading

2. If you want this automated + filename encryption, there are things like Cryptomator (https://cryptomator.org/) and BoxCryptor (https://www.boxcryptor.com/en)

3. While not exactly a substitute, you might want to look into things like distribute file systems (e.g. IPFS https://ipfs.io/) if you don't trust large cloud providers

> how good is cryptomator

I am not aware of code audits having taken place but you can read about the security architecture here

> is there anything better or is that just the only free option?

You could look at veracrypt / ciphershed which are forks of Truecrypt.

> and last question, do you recommend one free storage site more than other or is there just not much of a difference?

I don't use any so could not make a reliable recommendation

What about hosting a cloud server on rented hardware? However, you should encrpyt your files locally and afterwards upload them to the cloud. There are tools which can do this on-the-fly. Have a look at cryptomator

if you wish to stay in the "apple ecosystem" but want to add a bit of privacy to cloud activities, I would suggest Boxcryptor or Cryptomator, which is open source. Hope this helps!

https://www.boxcryptor.com

https://cryptomator.org/

If you don't need mobile access (i.e. through an Android/iPhone/WP/etc. app), just use something like Google Drive and encrypt everything before uploading (e.g. using Cryptomator or CryptSync). If you definitely need mobile access, Boxcryptor is an option, as they have apps, although it is closed source.

Im not qutie sure why nobody on here recomends cryptomater, which is a Open Source, client-side AES encryption for cloud files. In theory everything you send to your cloud should be encrtped with this software.

https://cryptomator.org/

hi, I'm one of the guys behind Cryptomator. Checking for updates happens when showing the "Welcome" screen. When quitting the app it should not call home. Where did you download your copy from? Can you try intercepting the traffic, e.g. using Burp Suite? The only online communication allowed is a GET request on https://cryptomator.org/downloads/latestVersion.json.

If you are using Google Drive you can encrypt your files before uploading them via cryptomator.

Or just use a service like Filen or IceDrive which encrypts the cloud storage, Also they have a free 10gb cloud storage for free to test if it suits for you.

I see you can access the files.

First thing to do is to create backups.

Google drive + Microsoft onedrive alone gives you 20gb of free cloud storage.

Store copies of your most important files there

If you're worried about privacy you can encrypt the files before storing them. Cryptomator is a great software for this.

I think your best strategy is to start at PerfectMediaServer and read the various “howto” articles.

> my drives faulting due to loose cables

This was also partly what drove me to Synology. Next time I might go for a TrueNAS box from IXSystems, though for now my Synology does all I need (which is only storage).

> Does your snapraid/MergerFS set-up use a Cache drive?

In short, not by default, but there is nothing stopping you from setting up bcache in front of it.

> I use my server for file storage, Media storage, and to store images / data which I run Machine Learning on

I’ve split those up into multiple services.

I host files/documents/photos in the public cloud (iCloud, OneDrive, Google drive, etc), and make local backups. I use Cryptomator for end to end encryption where privacy is needed.

Consumer cloud file services mostly store your data with multiple levels of redundancy, both on individual data centers but also on multiple data centers. The probability of the public cloud losing my data is a fraction of the probability of my local server blowing up. The main concern is loss of access, which is why I backup locally.

I use Azure for ML (mostly object detection / classification). They have a free tier that neatly matches what I want to use it for.

As for media storage, that currently goes on my Synology along with backups of cloud data, and I’m quite happy to just stuff that box in the corner for half a decade and only look at it when a disk dies or there’s a software update.

I'm planning to find a cloud storage service with the Files integration on iOS and use Panda instead of Bear. That way I'll be able to write with Panda on my Apple devices and access my notes on my Linux computer (though I'll need to use another editor but that's not a big deal).

FYI, the cloud storage solution I'm considering are : iCloud (if I find a way to use it on Linux) + Cryptomator, Dropbox + Cryptomator and Tresorit.

Please note that I have no idea if it makes your data any more secure. I don’t know how they made it in, but reducing your attack surface is always a good idea, and by removing DSM from QuickConnect, you’ve excluded any vulnerability in that from being expedited over QuickConnect.

There could of course be vulnerabilities in any of the exposed file services, and a VPN is probably the right answer.

Also note that it is NOT possible to restrict QuickConnect to a single country. QuickConnect is global, so you might be safer just turning it off and use the dynamic dns option to connect over regular internet, though you cannot limit DSM exposure that way.

I think the general consensus is that, if you must expose NAS services to the internet, you should do so through Virtual DSM

I faced a similar issue a few years ago, and I simply gave up hosting a NAS with external services available, and instead setup a virtual machine with Nextcloud that mounted the Synology storage and exposed that through Nextcloud. Similarly with Piwigo for photos.

These days I’ve completely turned off my NAS, and only use it for the occasional bi monthly backup. Everything else is in the cloud, either secured by rclone (for media storage in Google drive or jottacloud), or Cryptomator for personal cloud storage (OneDrive or iCloud). I then make a local backup as well as a remote backup (to another cloud)

Because of the high energy costs in Denmark, a Google workspace subscription with unlimited storage is only €3 more per month than the power consumption of a 4 bay Synology, so I “save” the hardware costs every month.

I have all my data available at all times, without having to worry about data loss, hardware malfunction, vulnerabilities or anything like that, and it’s still private as it is end to end encrypted.

My compromise for keeping most of the convenience of Google Drive but, increasing privacy DropBox (grade of C vs Google grade of E) combined with Cryptomator.

> My question is, how do I do that transparently? For example, if I use Rclone for the encryption, how would I access the data outside of Rclone (e.g. on a mobile device)? Or if Rclone's encryption store gets corrupted or w.e.?

rclone can't, but Cryptomator can: https://cryptomator.org/downloads/

> Please note that Skynet has 2x or 3x redundancy which is across 20 or 30 different data centres with erasure coding and I think automatic file repairing, Google Drive has redundancy and a very high reliability

I can’t speak for Skynet, but with Google you only get the redundancy on paid accounts.

If you want privacy in the cloud, you could use Cryptomator which provides transparent encryption of your files. I use it on Google Drive, OneDrive and iCloud, and it works well. It works on Windows, Mac and Linux, as well as iOS and Android.

As I was reading through your post, it seemed like pCloud would be an exact solution (especially since you want to be able to work with the files as if they were on your computer, but without them actually taking up space on your computer).
... but then I got to your copyright/torrent stuff.

If you have that stuff, you could still use pCloud, just get Cryptomator and put those types of files in what it calls a "Vault" – what this does is zero-knowledge encrypts them, so that nobody has even the slightest clue what your files are, except you.

Cryptomator is super easy to use, but if you have questions, feel free to message me.
I've timed it before, and it only takes me about 10 seconds to create a Vault from scratch.. that's how easy it is to use.

Hard drives failing is actually what got me into cloud storage initially as well, so I definitely understand where you're coming from. It just seemed like such BS that you could not even touch the drive, but then out of nowhere it just stops reading one day.

I'm using the Dropbox 2TB plan + Cryptomator (https://cryptomator.org/). I have a local instance of NextCloud I manually start, backup, and shutdown for my phone with all the data files stored in the Cryptomator drive.

I haven't found a good solution for syncing photos with easy access from my phone. Just learned to live without unfortunately.

I'm using GrapheneOS which has built in NextCloud backups. Not sure what the iOS experience would be. Also rarely access the Cryptomator drive my phone so cannot comment what the experience is for frequent remote access.

My goal is easy data loss prevention over easy access.