Ugh. This “zero knowledge encryption” is NOT zpf. Just a per user PBE hiding a shared symmetric key.
I kept reading, trying to find the innovative way of encrypting large amount of data while not revealing the same key to all participant - some SSS variant or fast FHE or maybe a cool new PRE.
Also, all value added features besides shipping the bytes are gone when something like this is in effect. Search, preview, co-edit, metadata extraction.
I guess I’m disappointed / venting because of crushed hopes. I’m in this field and hoped something new and exciting is starting. Not trying to criticize the engineering work, which looks quite well done, just sad there isn’t new algorithmic development.
Boxcryptor was originally just a wrapper around Encfs and a Dropbox API client and probably hasn't significantly changed how they worked since they made it a fancy service. I assume that they rebuilt something like Encfs, but closed source.
Another vote for rclone. Let's you easily turn any cloud storage service into one with E2EE encryption. And with 'rclone mount' you can get a network file system easily with decent performance and good local caching.
Boxcryptor clients (client software) probably will stop being updated sometime in the foreseeable future, which at least for mobile will make Boxcryptor nonviable, even in the accountless mode.
Unfortunately Cryptomator isn’t as reliable as Boxcryptor.
> Unfortunately Cryptomator isn’t as reliable as Boxcryptor.
I have not had this experience. I switched to Cryptomator because it was a much smoother and more reliable experience for my use cases. What issues did you have?
I guess both securefs & gocryptfs are more tailored towards mounting encrypted folders locally (i.e. they don't have any support at all for cloud storage systems, that part is left to other tools).
But I guess you can do the same with rclone given that it supports encryption, mounting and the local filesystem.
I am not sure however how they compare in simultaneous read/write access by multiple users.
Just today I was lamenting the lack of Document Provider APIs on Cryptomator Android, I'd like to use it to encrypt my Obsidian vault. Alas the issue is locked and the milestone keeps shifting.
They take donations. I've donated to get a "key" for my copy of Cryptomator, but it doesn't do anything to the software, it's just there to turn off the thing that asks you to donate, I believe. I use it as the primary way to encrypt sensitive documents before cloud syncing them, so I figured it was worth a donation.
There are significant costs to encryption. Any deduplication is gone, losing a single "chunk" invalidates the entire file with no hope of recovery, and, more importantly, support costs are way higher - "I lost a password" becomes "I lost every file, I'll never recover them".
I think this acquisition is mostly because Boxcryptor is somewhat established in the German space and because Boxcryptor has been working together with Dropbox for a long time (since 2016).
Yeah I was trying to find more about ZKP but seems like it’s lord of a marketing gimmick than anything else. On a different note, still don’t understand why did Dropbox buy them,as the tech seems to be pretty basic. May be I’m missing something here.
Data encryption can be decoupled from key encryption. Let's say I hash the content of a file, encrypt the file with its own hash, and then encrypt the hash with the user's password.
This way you can have deduplication of data, and only an attacker that knows the content of the file can decrypt the file, but since they already have the file, it does not matter.
I wonder if ProtonDrive is scaring them a little. The end to end encrypted file storage market was tiny to start and now it’s getting a big name player at last. Tresorit is overpriced, Boxcryptor needed the acquisition and ProtonDrive seems small still.
These products need to be available for end consumers too though not just b2B
This made me realize I haven't heard of any tech acquisition news in real businesses (meaning not crypto) in many months. MANGA isn't gobbling up competition to maintain their monopolies like they used to...
I have a dead simple backup plan that is basically free.
All my essential, must have info is stored on two 128GB microSD cards. One lives in a safe at home. The other I strap to my wrist. The cards are encrypted with BitLocker. A few trusted others have the decrypt/safe key.
The data is as safe as I am --- if not safer. If something does go bump in the night, all I have to worry about is my own personal safety. Even if I die unexpectedly in an accident, search and rescue will still likely deliver the data to my next of kin.
Let's face it --- no one is going to organize a search party if your on-line backup suddenly disappears or is being held hostage for "egress fees".
Not OP, but I have multiple back-ups of things like mortgages, employment confirmations, what passes as letters of recommendation in Germany, educational certifications and diplomas, some other legal stuff thay moght be important and of course all documents from the comoanies I had / have. I do use USB sticks so.
If you have to ask that question, you probably don't need a backup.
Photos, last will and testament, legal documents, bank/accounting/tax info, photocopies of birth certificate/passport/diplomas, source code, login/access credentials, crypto keys, etc., etc.. All the same stuff that people like to use on-line backup for.
Aside from photos/crypto keys, all the other ones are easily replaceable within 2 weeks, at least in my not-the-US country. Source code would be only for any personal projects, as companies usually don’t let you backup their code.
And none of these make sense to have on your wrist 24/7.
So your argument is that everything can be easily replaced? If true, you don't need backup. If everyone was just like you, Dropbox probably wouldn't exist.
I run my own company. I have 20 years of source code and legal documents that are essential to my company --- among other things. Lots of time, effort and money is tied up in this info and it is not easily replaced.
And none of these make sense to have on your wrist 24/7.
You're entitled to your opinion of course but it might carry more weight if you would explain/justify instead of merely state.
Recently I’ve been chasing down old medical records. Once you cross the 7-15 year threshold from your last encounter with a healthcare organization, they often destroy the records even if they were digitally kept. Sometimes that is not altogether a good thing depending on your personal or genetic/familial medical history. And in the US at least, medical records are generally the property of the provider (organization). Restoration isn’t guaranteed.
Less than ten years after I graduated high school, the district had already migrated SIS platforms and had lost my freshman year transcripts. I have the only copy.
I’m in the same position as you with respect to having business records that I’m the custodian of, which aren’t readily or realistically restorable if I don’t make my own backup arrangements.
For anything truly important, you can’t assume someone else has your disaster recovery interests in mind.
I know exactly where my data is at all times. And I know it is at least as safe as I am. Actually, it is safer since I keep 2 copies --- one stays at a fixed location and one travels with me at all times.
I spent some time contemplating the possibilities and this is a simple, easy plan that will likely survive even my death.
I always update the one on my wrist as needed first. If there are lots of changes, I use XCOPY to scan/copy updated files only from the wrist card to the one kept in a safe. Otherwise, I may make the same updates to both manually.
I have a cheap digital watch with a "data vault" that I have added. This is a 3-D printed plastic device with a latching slot for holding/protecting the card.
I kept reading, trying to find the innovative way of encrypting large amount of data while not revealing the same key to all participant - some SSS variant or fast FHE or maybe a cool new PRE.
Also, all value added features besides shipping the bytes are gone when something like this is in effect. Search, preview, co-edit, metadata extraction.
I guess I’m disappointed / venting because of crushed hopes. I’m in this field and hoped something new and exciting is starting. Not trying to criticize the engineering work, which looks quite well done, just sad there isn’t new algorithmic development.