How I encrypt my data in the cloud

151 points | robertjfclarke | 6 years ago | robertclarke.com

99 comments

[+] imiric|6 years ago|reply
I wouldn't trust a closed-source tool like Boxcryptor for encryption of sensitive data. Cryptomator looks interesting, though it's still a relatively new tool, and I'd be hesitant to rely on it.

For my personal backups I use a combination of tar, pixz, and GnuPG. There's no fancy deduplication, and it's definitely not efficient, but it's relatively simple and I can restore individual files with ease.

I run a variation of the following command occasionally:

  tar -C / \
    --exclude='dev/*' \
    --exclude='home/*/.cache' \
    --exclude='lost+found' \
    --exclude='mnt/*' \
    --exclude='proc/*' \
    --exclude='run/*' \
    --exclude='sys/*' \
    --exclude='tmp/*' \
    --exclude='var/cache/*' \
    --exclude='var/lib/docker*' \
    -cvf - . | pixz | gpg2 -e -r "$PGPID" \
    | ssh host 'cat > /backup/root.tpxz.gpg'

Then I generate an encrypted index file for quick lookups, create checksum and PAR2 repair files, and upload all of it to Wasabi, while keeping a local copy.

Wasabi may not be the cheapest storage solution, but they have no egress charges, which makes recovery a non-issue. Good speeds and S3 compatibility are also great. Don't want to run an ad for them, just a happy customer.

[+] m0zg|6 years ago|reply
Wasabi does have some not-entirely-true advertising on their web site though. If you don't download (which you typically don't if you're doing backups), all cloud providers are cheaper than Wasabi on per-TB-mo basis. Google Coldline or Amazon Glacier, for example, are $4 TB-mo (and Google is about to roll out $1.23 TB-mo "archive" option). Azure seems to have "archive" option for $1 TB-mo (LRS Archive option, advertises the same "11 nines", tho the price is so low, there's got to be a catch)

The Wasabi offering seems to be equivalent to the "hot" storage options, which, I agree, is crazy expensive in the cloud if you do a lot of egress.

[+] C14L|6 years ago|reply
I used to do it this way too, but recently switched to `encfs` and simply sync the encrypted directories. So only modified files (with encrypted filenames and content) are sync'ed.
[+] judge2020|6 years ago|reply
I use Cryptomator but it does "phone home" for version checks so I keep an old version of the installer just in case.
[+] kayoone|6 years ago|reply
I guess a main point for Boxcryptor is easy access through mobile apps, does your solution provide that?
[+] tdurden|6 years ago|reply
Arq [1] works very well for me, it is compatible with various cloud providers as well as personal servers.

1. https://www.arqbackup.com/

[+] microtonal|6 years ago|reply
I love Arq. I use Arq to back up to a local server via sftp and remotely to B2 (which has very affordable storage). I have used Arq for many years, and regularly restore files through Arq.

On Linux, I use restic, which can also back up to B2 (and via sftp, obviously). restic has this nice feature where you can mount the backups at some destination as a FUSE filesystem. Makes it very easy to go through backups and recover the bits you need.

[+] eeeeeeeeeeeee|6 years ago|reply
I have been using Arq for years and it has saved me numerous times. I back up to Amazon Drive, which is about $60/year, but it supports most of the major object store providers.
[+] rsync|6 years ago|reply
Arq backup is fantastic and will work with any SFTP endpoint - not just name-brand (proprietary) cloud services.
[+] darkteflon|6 years ago|reply
I’ve been using Arq for years and also find it to be excellent.
[+] StavrosK|6 years ago|reply
I use Borg and rsync.net [1]. I recently switched to Restic which is pretty much the same as Borg but doesn't need a corresponding server, it can back up to dumb storage. It's been going well, I think I prefer it to Borg.

[1] https://www.stavros.io/posts/holy-grail-backups/

[+] trulyrandom|6 years ago|reply
You can also use sshfs in combination with borg to eliminate the need for the server to support borg.
[+] bdibs|6 years ago|reply
Restic is a great choice also.

You can store files/backups/whatever encrypted with support for many popular endpoints (local filesystem, S3, Backblaze B2).

[+] Fnoord|6 years ago|reply
I use Nextcloud on Synology with WebDAV. It is encrypted on the filesystem level.

Then I use a bunch of free cloud providers (including TransIP STACK who gave 1 TB for free at some point) together with Cryptomator [1] which is a cross-platform (Windows, Linux, macOS, Android, and Cyberduck/Mountainduck also support it) Java program. The advantage of it, is it abstracts the filesystem and WebDAV. So you see the decrypted data on a separate filesystem layer, allowing all your normal applications to work. It is also FOSS and gratis.

Is it the best option? I don't know. I like the mentioned advantages. I've never used Arq, for example, but it not working on Linux and Android is a dealbreaker for me.

As for cold wallets, quoting the article:

> Offline wallets are the best way to go for storing a larger amount of cryptocurrency. I use ColdTi wallets to store multi-sig private keys. ColdTi is essentially just a slab of titanium that comes up with a punch set that can be used as a fire-proof seed backup. Very handy :)

These are useless in a case of fire.

[1] Already mentioned multiple times in other posts at the time I wrote this. https://cryptomator.org

[+] reacharavindh|6 years ago|reply
I just tried boxcryptor in my Ubuntu Workstation. It was burning through 40%+ CPU on all 4 cores while it is not being actively used! Don't know if it is a simple bug or just designed without an eye for resource usage.

On the other hand, I ended up learning about scrypt (written by Colin Percival, who works on FreeBSD a lot and runs Tarsnap), and restic, which in layman's view appears to be a better borg.

[+] b1gtuna|6 years ago|reply
Considered rclone instead of boxcryptor? If you are worried about data security, I'd be wary of using a closed source encryption service.
[+] mus1cfl0w|6 years ago|reply
I do pretty much the same but moved away from Boxcryptor to Cryptomator as it's open source :)
[+] Perceptes|6 years ago|reply
I'd never heard of Boxcryptor. Does anyone else use this? I'm not sure I understand why I need to sign up for an account to use it if its entire purpose is to do client-side encryption.

Also, it's not quite the same functionality, but this also reminds me: For a long time I've used Knox (by AgileBits, the same company that makes 1Password) for encrypted disk images, but they no longer sell or maintain it. It works just fine, but I should probably find a replacement that's still maintained, at least for security updates. Anyone know a good alternative? VeraCrypt (mentioned in the article) seems like one possibility.

[+] robertjfclarke|6 years ago|reply
VeraCrypt is a great piece of software, but it isn't as easy to integrate across various platforms. Boxcryptor is great because they have iOS/Android/etc. apps.
[+] daveidol|6 years ago|reply
Try Cryptomator instead! It's free and open source and does essentially the same thing (no account required)
[+] bootlooped|6 years ago|reply
You must sign up for an account to use Boxcryptor because it is paid software. That is the only reason as far as I can tell. As far as I know their servers do nothing for you once you have installed the software on your devices.
[+] hrunt|6 years ago|reply
Boxcryptor[1] started out as an EncFS[2] implementation. At the time, EncFS was the only real good solution for file-based encryption. Solutions like TrueCrypt are disk-based, which means for cloud syncing solutions like Dropbox, one file -- the entire disk volume -- gets synced, and every time a file changes, the entire disk gets synced again. EncFS encrypts individual files, which works great for file-based syncing services.

Boxcryptor offered a client for macOS, Windows, Android, and iOS that worked really well, and if you needed Linux support, one could install EncFS and use it transparently on that platform. Boxcryptor charged for creating volumes with more advanced EncFS settings, but if you created the EncFS volume with those advanced settings using EncFS itself (e.g. on a Linux machine), the free version of Boxcryptor could read and write those volumes with those settings.

In 2013, the people who ran Boxcryptor wrote a second version that implemented a proprietary, unpublished encryption and/or file management scheme. They relegated the previous version to an unmaintained Boxcryptor Classic product and eventually removed it.[3] The proprietary version is what is offered today.

If you want Boxcryptor-like functionality today, the EncFS4win project[4] is a good solution for Windows. EncFS can be installed via Homebrew[5] on macOS and its volumes mounted via a shell script or some FUSE GUI managers. You can install EncFS on Linux and use gencfsm[6] for a GUI manager. The Windows, macOS, and Linux implementations all use FUSE for exposing the encrypted files via a native filesystem interface. For Android, Encdroid provides an application browser for volumes. I am unaware of an iOS solution. I use the FUSE systems to keep certain sensitive cloud documents synced between my Windows, macOS and Linux machines while still being able to edit and use them like normal files on those systems.

EncFS does have a few attack vectors they have been slowly addressing. It also suffers from the same problem that all cloud-synced file-based encryption systems suffer; someone could restore your cloud files to a previous known version without your knowledge. The file-based encryption does not prevent what is in effect a replay attack. A research paper proposed a solution -- CryFS[7] -- with some solutions for this problem, but the implementation is immature.

(edited for formatting)

1. https://www.boxcryptor.com/en/

2. https://vgough.github.io/encfs/

3. https://www.boxcryptor.com/en/blog/post/6-years-of-boxcrypto...

4. https://encfs.win/

5. https://formulae.brew.sh/formula/encfs

6. https://moritzmolch.com/apps/gencfsm/

7. https://www.cryfs.org/
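
The replay problem described in the comment above can be detected on the client with a signed manifest plus a counter that is stored locally and never synced. This is an added example, not code from the thread, EncFS or CryFS; the function names, the manifest layout and the single-writer assumption are all hypothetical, and the file contents are constructed.

```python
import hashlib
import hmac
import json

def sign(key: bytes, body: str) -> str:
    return hmac.new(key, body.encode(), hashlib.sha256).hexdigest()

def make_manifest(key: bytes, generation: int, files: dict) -> dict:
    """Record the hash of every encrypted file plus a counter that only increases."""
    hashes = {name: hashlib.sha256(blob).hexdigest() for name, blob in files.items()}
    body = json.dumps({"generation": generation, "files": hashes}, sort_keys=True)
    return {"body": body, "tag": sign(key, body)}

def check_sync(key: bytes, last_seen: int, manifest: dict, files: dict) -> str:
    """Classify the folder the sync service delivered.
    last_seen is the newest generation this client has written or accepted;
    it lives on the client only (assumption: one writing device)."""
    if not hmac.compare_digest(sign(key, manifest["body"]), manifest["tag"]):
        return "manifest forged"
    body = json.loads(manifest["body"])
    # A valid MAC is not enough: an old manifest is still correctly signed.
    if body["generation"] < last_seen:
        return "whole folder rolled back"
    if set(files) != set(body["files"]):
        return "file added or removed"
    for name, digest in body["files"].items():
        if hashlib.sha256(files[name]).hexdigest() != digest:
            return "stale or modified file: " + name
    return "ok"

def demo():
    key = b"local-only-key (constructed)"
    v1 = {"a.enc": b"ciphertext-a1", "b.enc": b"ciphertext-b1"}  # constructed blobs
    v2 = {"a.enc": b"ciphertext-a2", "b.enc": b"ciphertext-b1"}
    m1, m2 = make_manifest(key, 1, v1), make_manifest(key, 2, v2)
    return [
        check_sync(key, 2, m2, v2),                            # honest state
        check_sync(key, 2, m2, {**v2, "a.enc": v1["a.enc"]}),  # one file reverted
        check_sync(key, 2, m1, v1),                            # folder and manifest reverted together
        check_sync(key, 2, {**m2, "tag": "0" * 64}, v2),       # manifest not signed by us
    ]
```

The third case is the one per-file encryption cannot catch by itself: every file and the manifest are authentic, only old, so the check has to compare against state the storage provider cannot rewrite.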

[+] joyjoyjoy|6 years ago|reply
I found it extraordinarily difficult to build your own encrypted cloud.

Options:

1. Truecrypt container. CON: Upload takes too long

2. ecryptfs. CON: Always had problems getting it to work. AFAIK it is not under current development anymore.

3. Run a FS in a mounted container (Filesystem in a FILE). Slow. Not very stable. Under no circumstance use ext4 or something like it, if you really want to try this, use ZFS to avoid data corruption

4. CryptFS. Great Idea but slow as f.. https://www.cryfs.org/comparison/

In the end I did not use the cloud as a second backup for a large system (10TB) since I found no safe, fast and reliable way.

[+] unethical_ban|6 years ago|reply
That is why I like ZFS: Its send/recv function can do block level syncing, so while the first upload will take a while, subsequent syncs will be much smaller.

Of course, unless you stand up your own VM with a ZFS partition, there are few cloud options for ZFS.

[+] pella|6 years ago|reply
> 4. CryptFS. Great Idea but slow as

"CryFS solves all of these issues, but because of the increased security it is a bit slower. It is also a very new project and currently only available for Linux and Mac, but has experimental Windows support in the newest version. So if you don't need Windows support today, you can give it a try." https://www.cryfs.org/comparison/

[+] hedora|6 years ago|reply
I bought a synology, and used their solution.

Haven’t tried a full restore, but I occasionally browse old backups and download something as a spot check.

I would much prefer a turn key open source solution that’s commercially developed/supported by one firm (but not tied to that company’s hosting).

Maybe someone will release something under the BSL, and build a healthy company out of it.

[+] techpop10|6 years ago|reply
Interesting but wonder if this type of encryption ruins Dropbox business model since it keeps them from de-duping anything. I couldn't care less about Dropbox's business model... just curious.
[+] newscracker|6 years ago|reply
Of course any kind of encryption does make a dent in Dropbox's margins, since Dropbox's model is to dedupe data across all its customers but yet charging everyone as if the space used is strictly by their data alone. But the follow up question would be how much of personal (non-public and non-shared) data do people store vs. how much publicly available or shared data (not necessarily free) data they store in their Dropbox accounts for this to make enough of a dent.
[+] dunham|6 years ago|reply
I doubt Dropbox gains much from deduping between customers, but I'd love to see some data to the contrary. Last I knew they weren't sharing that, but most of my data is unique to me and anything I'd want to encrypt is unique to me.

I think they do gain a lot from selling 2TB to people using 30GB and selling additional users of the same <3TB of data to enterprises. (That's gotta be pretty sweet profit if they have takers - $12.50 more a month for zero additional storage and a little more data transfer.)

[+] xchaotic|6 years ago|reply
"$4 per TB/month" so 16 X 12 = $192+tax not an insignificant amount even in a first world country and probably a deal breaker for people living in poorer countries.
[+] GordonS|6 years ago|reply
4TB is a lot of personal data - $192/y for that isn't cheap, but I wouldn't call it expensive either for a first world country. And I suppose syncing masses of personal data to an archive across the world is kind of a 1st world problem.
[+] votepaunchy|6 years ago|reply
Note that AWS offers archival storage for $1/TB-month and Google has promised $1.23/TB-month later this year. These prices are competitive with raw storage, so the alternative is to go without backup.
[+] eeeeeeeeeeeee|6 years ago|reply
That's a fairly normal price. I pay $60/year for Amazon Drive, which has a 1TB limit (no charge for data transfer), that I don't even come close to approaching.
[+] burmecia|6 years ago|reply
I think the best approach is never save unencrypted data on cloud. Always encrypted on client first. But by that way we lost dedup capability, so we have to do everything, such as encryption, dedup and compression on client side. I made an in-app file system dedicated for that purpose. https://github.com/zboxfs/zbox
[+] viraptor|6 years ago|reply
> But by that way we lost dedup capability

This depends on how secret do you want your data to be. You could use block-based encryption/compression and backup. That way you can still dedup encrypted result.

If anyone can inject data into your system and monitor the backup, they could learn when they hit collisions, but for most personal backup cases that's irrelevant.
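
The trade-off in the comment above, shown end to end: deterministic per-block encryption lets the store deduplicate ciphertext, and the same property tells anyone who can add data to the backup set and count uploaded blocks whether a guessed block was already there. This is an added example, not code from the thread or from zbox; `seal`, `unseal`, `Store` and `backup` are hypothetical names, the cipher is a standard-library stand-in for an SIV-mode AEAD, and the keys and data are constructed.

```python
import hashlib
import hmac

BLOCK = 4096  # fixed block size; an assumption of this sketch

def seal(key: bytes, block: bytes) -> bytes:
    """Deterministic encryption: same key + same block -> same ciphertext.
    Stand-in built from hashlib; real code would use an SIV-mode AEAD."""
    siv = hmac.new(key, block, hashlib.sha256).digest()
    stream = hashlib.shake_256(key + siv).digest(len(block))
    return siv + bytes(a ^ b for a, b in zip(block, stream))

def unseal(key: bytes, blob: bytes) -> bytes:
    siv, body = blob[:32], blob[32:]
    stream = hashlib.shake_256(key + siv).digest(len(body))
    block = bytes(a ^ b for a, b in zip(body, stream))
    if not hmac.compare_digest(siv, hmac.new(key, block, hashlib.sha256).digest()):
        raise ValueError("block failed authentication")
    return block

class Store:
    """Remote side: sees only ciphertext and keeps one copy per distinct blob."""
    def __init__(self):
        self.blobs = {}

    def put(self, blob: bytes) -> bool:
        blob_id = hashlib.sha256(blob).hexdigest()
        is_new = blob_id not in self.blobs
        self.blobs[blob_id] = blob
        return is_new

def backup(store: Store, key: bytes, data: bytes) -> int:
    """Encrypt block by block; return how many blocks the store did not already hold."""
    blocks = [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]
    return sum(store.put(seal(key, b)) for b in blocks)

def demo():
    store, key = Store(), b"k" * 32                    # constructed key
    private = b"salary: 4200".ljust(BLOCK, b"\0")      # constructed data
    other = bytes(range(256)) * 16
    first = backup(store, key, private + other)        # everything is new
    again = backup(store, key, private + other)        # fully deduplicated
    miss = backup(store, key, b"salary: 4100".ljust(BLOCK, b"\0"))  # wrong guess
    hit = backup(store, key, b"salary: 4200".ljust(BLOCK, b"\0"))   # right guess
    foreign = backup(store, b"j" * 32, private)        # different key: no dedup
    return first, again, miss, hit, foreign
```

A random nonce per block removes the signal but also the deduplication, which is the choice the comment is pointing at.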

[+] philips|6 years ago|reply
I think this is a really compelling approach!

What sorts of applications have started to adopt this?

I also thought a different layer to start at would be sqlite databases since I understand that many mobile applications use that.

How do applications handle conflicts? It looks like there is a version on files but when is a new version created? On close?

Do you see GDPR or any other compelling event that will cause applications to consider this sort of cloud storage?

[+] sandGorgon|6 years ago|reply
Or use Tarsnap.com - Online backups for the truly paranoid
[+] ur-whale|6 years ago|reply
None of the tools described in the article are open-source. Call me paranoid, but that doesn't pass my bar, both from a security pov and from a long-term recover-ability pov.
[+] Youden|6 years ago|reply
I like encrypted ZFS snapshots. There are tools to automate the process of creating and uploading them and they handle incremental backup and restore painlessly.
[+] inovica|6 years ago|reply
I tried Boxcryptor, but didn't like how it worked, so have built something else myself and been using it in one of my companies (distributed) for over a year now. The side benefit is that by being able to encrypt at the folder level I now can give different permissions to different teams but within the one Dropbox account. If anyone is interested in a beta when I release it drop me a message - contact info in my profile
[+] willtim|6 years ago|reply
I've been working on my own encrypted and de-duplicated backup solution using libsodium. It's early days and progress is slow with limited spare time, but it works well enough for my own use already. I wanted to avoid any closed source or even lesser-used open-source encryption.

https://github.com/willtim/Atavachron

[+] m0zg|6 years ago|reply
I just do Backblaze with a client-side key. Cheap and effective. I do wish they had a Linux daemon client. I'd pay more for that.
[+] bronco21016|6 years ago|reply
I use Cryptomator tied to a WebDAV instance on my server for most of the same use cases. The one thing I feel it’s missing is a gallery type feature for photos so you can see thumbnails and swipe left to right through the files. I’m not sure how this would work in practice with the encryption but it would really make it a killer encryption app for me.
[+] cheschire|6 years ago|reply
It really is the only missing feature. It gets frustrating trying to show a specific photo from an event to a friend when I have to guess which number in a series a photo was.