Securing documents in cloud

Discussion in 'privacy technology' started by rpk2006, Aug 22, 2016.

  1. rpk2006

    rpk2006 Registered Member

    Joined:
    Jan 29, 2003
    Posts:
    35
    Location:
    India
    As of now I am storing documents like scanned IDs, job certificates and letters and other critical documents on Google Drive. Some are encrypted but few are unencrypted.

    I want to use one more cloud service which not only encrypts during transfer but also keeps documents encrypted in the cloud.

    I evaluated hubiC and Mega.nz. Mega looks secure as the key remains with the user however there is a lot of doubt related to it. Few posts even say it might close soon.

    I want to know two cloud storage services which are secure and going to last.
     
  2. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,051
    I use JungleDisk which is a subsidiary of Rackspace. There TOS is tight.
     
  3. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,597
    If you want an opinion shared by many experienced users here it would be this: ALWAYS encrypt everything on your local machine (GPG, VeraCrypt, etc....) before sending it to the cloud. YOU control the encryption software and then you can send your stuff anywhere with impunity!! Why hand any other person/company the control over the encryption scheme in any way?

    You used the word "Google" in your post, and for that I want to scream my point at you. Just sayin
     
  4. rpk2006

    rpk2006 Registered Member

    Joined:
    Jan 29, 2003
    Posts:
    35
    Location:
    India
    How about using a combination of boxcryptor or Viivo and cloud service which encrypts data at rest? But both use AES-256, so an encrypted file will again get encrypted in the cloud.
     
  5. deBoetie

    deBoetie Registered Member

    Joined:
    Aug 7, 2013
    Posts:
    1,150
    Location:
    UK
    As well as the issue of trust in any cloud service client software, I'd recommend operating the cloud service from a completely distinct virtual machine, and copy your locally encrypted files to that when ready. That way, any dodgy software contamination/backdoor on the VM has a much harder time of it, because it will not be able to see your local file system, unless it can break the vm isolation.
     
  6. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,597
    Well spoken my friend!!

    OP,

    There is nothing wrong with nesting dual or more encryption schemes. Many users do that, but just realize that one solid protocol, which you exclusively control, is unbreakable by any reasonable scenario. That said; I have used pgp encrypted files inside encrypted volumes in the past. Its all good!


    Just a hunch, but I am betting a few of those Hollywood "beauties" wish they had read this thread before sending their pics to their Apple cloud. Just one real world example on display to add gravity to this thread.
     
Loading...