Main Area and Open Discussion > General Software Discussion

Cloud-storage - safe & secure? Consider Wuala (it's encrypted as well).

<< < (2/12) > >>

Deozaan:
SpiderOak also does client-side encryption. FYI.

IainB:
Interesting. It looks as though we have here - so far, from the above comments - at least three (3) client-side encryption cloud-storage services:

* 1. Wuala (per IainB)
* 2. Carbonite (per @db90h)
* 3. SpiderOak (per @Deozaan)
About Wuala: (as far as I have been able to establish by this point)

* Has a client application that encrypts/decrypts the data synced/sent to/from the cloud-storage. The files as stored on the local drive are encrypted, then sent in encrypted form between client and cloud-storage.
* The data on your local drive is presented by the client application in a proprietary file explorer window. (I have not yet established where it is stored logically on the disk in C:\Users\[USER]\AppData\Local\Wuala)
* The proprietary file explorer window shows/holds folders and files in the same structure as held on the cloud-storage.
* You can read and edit the files in the proprietary file explorer window, which are encrypted/decrypted for the local editing application.
* Installing the client application necessitates a system reboot.
* The first time you run the client application, it asks for your user account details, or whether you want to set up a user account.
* If you want to set up a user account, then the client application walks you through user account setup.
* The application takes/uses whatever string you give it as an account PASSWORD at setup. I presume that it is related to the encryption key somehow. (You can change the PASSWORD subsequently, if you wish.)
* You are warned that if you lose/forget the PASSWORD, then you have lost all your data also (unrecoverable), as the PASSWORD is not stored or known in the cloud-storage side.
* The client application asks you to set a memory-nudging note in case you forget the PASSWORD. (The note is stored.)
* The client application can store the PASSWORD if you select that as an option, otherwise you have to type it in every time you start up the client application. (I think I prefer the latter, for security.) The application does not tell you what the PASSWORD is.
* The client application can be started manually or by default as a Windows startup.I suspect that law enforcement is actively engaged in trying to deter these cloud storage services from offering true client side encryption, as it makes their jobs a bit harder in some cases.
-db90h (April 28, 2012, 03:13 PM)
--- End quote ---
Yes, probably so. Wouldn't surprise me one bit.     :huh:

phitsc:
One annoyance with at least Wuala and Spideroak is that their mobile clients for Android and iOS do not support uploading into the cloud yet.

J-Mac:
One annoyance with at least Wuala and Spideroak is that their mobile clients for Android and iOS do not support uploading into the cloud yet.
-phitsc (April 29, 2012, 04:46 PM)
--- End quote ---

Not sure that you could encrypt files on Android or iOS. And neither platform is proving to be very secure. That might be a readon why they are struggling to add the feature. Just a guess.   :)

Jim

IainB:
The Snowden leaks and revelations about wholesale NSA surveillance have made a mockery of what we might have imagined to be true about the security/confidentiality/privacy of our personal Cloud-based data, services and telecommunications in general.
The abrupt closure of secure and encrypted email service providers Lavabit and then Silent Circle should provide more than sufficient justification for us all to worry about our own personal safety from threats from the State.

On 2013-08-15, Google announced: Google Cloud Storage now provides server-side encryption

I am underwhelmed by this and do not understand why Google chose to announce this at all, it seems so pointless. Maybe they were told to, to allay people's fears? Whatever the motivation, the unspoken implication seems to be that your data will be safe from access by others - e.g., (say) criminals - but that definitely doesn't preclude US State-approved surveillance of all that is yours.

Wuala and the few others like them would seem to be looking increasingly attractive.

And now we may have some new suspicions as to why Digital Lifeboat was shut down - refer Secure Cloud backup -e.g., Digital Lifeboat - what alternatives are there?

Navigation

[0] Message Index

[#] Next page

[*] Previous page