I am using encFS for all data that gets backed up (on USB disc and in the cloud). Its easy to set up, and files get not stuffed into a "container" but they remain seperate files, with their file names and contents encrypted.
If a file is changed on disc, then only that single encrypted file is changed and Dropbox can upload it like any other file.
I also have one backup of my work PC sync every day to my webserver, using rsync. Its publicly accessible on the server, but who cares, its encrypted.
The unmentioned big issue with truecrypt is that encryption messes up dropbox's ability to do just do diffs, so syncing is noticeably slower. I'm fine with that though, because the (important) data I keep there is only updated 1 or 2 times/year.
Yes. I did an experiment to see just how much the diff was amplified by TrueCrypt. For a 1MB file change inside the TrueCrypt container, DropBox would have transferred 8x the normal amount. [1]
Fine for scenarios like you mention, but the "Everything" option suggested by the article is probably not a good idea.
Dropbox works brilliantly for sharing/syncing non-private files, but I don't think it makes sense to try to patch on something to make it work for truly private files. In my experience, the added security of encryption always comes with some inconvenience, but TrueCrypt volumes sound really inconvenient (like dealing with conflicts if the volume was mounted on multiple computers at the same time).
I'd rather lose the convenience of the web interface, etc. and have locally encrypted files that are only accessible to me.
What about adding encryption on top of a tool like lipsync (https://github.com/philcryer/lipsync) as an alternative to Dropbox for private files?
The issue with Dropbox recently is that for 4 hours, there was no password check. So it's not as much to protect public/shared files, but to protect all files you have on Dropbox, in the eventuality someone gets full access to your account.
Right, but you should have been assuming all along that your Dropbox files could be made public given that they are not locally encrypted. The recent security breach just drives home this point.
My point is that we need something like Dropbox but with local encryption. Putting a TrueCrypt volume on Dropbox isn't a practical solution, IMHO.
Yes, of course. From your previous messages it was looking like you were assuming that private files were "safe", that's why I wanted to add the detail.
I agree as well on the need for an encrypted solution. I'm surprised that Dropbox hasn't been proposing this already. Well, unless they intend to have access to the contents, themselves..
Yes, I would love to see a built-in feature for designating a folder in Dropbox as "super private", e.g. encryption happens on the client side and there is no web interface or ability to share subfolders.
Until that happens, I'm looking for a non-Dropbox alternative for syncing files I would prefer remained private.
For Mac OS X or Linux users, does anyone know an equivalent script to the batch script at the end of the post that would make Dropbox wait until the TrueCrypt virtual drive has been mounted?
My email contains far more sensitive information than Dropbox holds. I still let Google see my unencrypted emails without bitching.
I can't comprehend why people who are less than 1% of dropbox users think the service should change to be something it isn't for a feature they don't get or demand elsewhere.
If a file is changed on disc, then only that single encrypted file is changed and Dropbox can upload it like any other file.
I also have one backup of my work PC sync every day to my webserver, using rsync. Its publicly accessible on the server, but who cares, its encrypted.