If you work with several computers, sharing data between them, you probably:
- Go around with a memory stick all the day.
- Use a online file-sync service.
For convenience, I use the second option. I have some files in the cloud, so they are always accessible and updated from any PC I use (three PCs at work and my laptop at home/wherever). In fact, I can even access them from my phone. For that, I greatly recommend Dropbox. I’ve already talked about it, but in Catalan, so I will make a short summary for English speakers (the Google translation is not so good).
How Dropbox works
- Create an account.
- Install the software on one computer (be the OS Linux, Windows or Mac).
- Link the software to your account.
- Decide which folder you want to sync. All the contents of the folder are uploaded to Dropbox servers, in real-time (well, as fast as your connection allows). Any modification/deletion/addition of files is automatically updated, with no user intervention.
- Install the software on another computer.
- Link again to your account.
- Decide which folder to share. The contents of the folder are synchronised with the server, or what is the same: the two folders of your computers are always synchronized between them as soon as they have access to the network (usually, at boot up).
- Repeat steps 5,6, 7 in many computers as you want.
Pros:
- No need to manually sync every time you modify the files, it is automatically done (you can check the sync status).
- You have local copies of the files, so you can work if network is not available.
- You can even access to your files via a web browser.
- Data transfer between server and clients is encrypted.
Cons:
- You have a local copies of the files on each computer, so it could be considered “wasted space” for some people (I prefer to say redundancy :) ).
- Dropbox workers could have a look at you files, even if they say they are not going to. They are on their servers, so…
Making Dropbox safer: Truecrypt is your friend
If you like the idea of using Dropbox, but you are worried about your privacy, or you have to store sensitive/confidential data, there is a solution to the dilemma. Do not share files; share encrypted files.
Truecrypt allows you to create encrypted partitions or containers. A container is a file which can be used as a partition or disk drive, encrypted and protected with a password. Actually, it can be encrypted with a password + a key file, but then you always need to have at hand this file for accessing to it. As I like lists a lot, I will explain how to use Truecrypt in this way.
To create your encrypted container:
- Install Truecrypt software on you computer.
- Execute it, and follow the wizard to create a virtual volume.
- That’s all! :D
How to use the container:
- Run Truecrypt.
- Select the file (container) you have created before, and mount it.
- Now you should have a new disk drive/partition available on you system. Copy files to it as you would normally.
- Unmount the volume using Truecypt.
Quite simple, right? So, what’s the deal with Dropbox? You can put the encrypted container inside the Dropbox shared folder, so instead of getting access to all the files, they only receive a single encrypted file with no idea of what’s in there. Sure that they could try to crack it, but its like if somebody would like to hack your server by brute force (not impossible, but at least quite difficult).
To be sincere, there is a couple of drawbacks on that:
- You have to manually mount and unmount the encrypted file each time you want the data to be synced. While the volume is open, Dropbox will not sync it as it is considered to be “used by another application”.
- The sync is slower, as instead of just updating the files you have changed, it has to update the whole encrypted file.
I have found a balance between convenience and privacy putting on the encrypted volume just the sensitive files or personal data (e.g., pictures and documents), and outside of the container (but still inside the shared folder) the files that are not important but I want accessible and updated at all times.
Please keep in mind, that if you frequently update your encrypted volume in dropbox and when your encrypted container is nearly full. Its easy for dropbox or gouvernment authorities to extract the encryption key from the volume file and use it to access your data. This is as dropbox will keep previous versions of the file on the servers. and the encryption/decryption key inside the container file is the only thing that will not change over time during usage of the volume. Even changing the passphrase on the container IS NOT changing the decryption key. Be careful, your volume is not 100% safe on dropbox due to the key reveal problem. (Each truecrypt container stores the encryption key in a different place inside the file else it would be trivial to extract the key and to get all files without knowing the passphrase.)
I was told rhat Truecript was the toughest encryption to crack. Now reading the above statement about using Truecript with Dropbox my encripted folder key and be discovered? Can you explain this. Thanks
I’d like to use that solution, but because I do not have admin rights on my work pc, I am not able to run Truecrypt even in portabel mode.