Tuesday, 5 July 2011

Dropbox and Encryption

 This is a subject thats had quite a bit of attention recently. Mainly due to Dropbox changing their terms and conditions of use. Now I'm not a lawyer or understand legal-speak, but what it appears to boil down to is that Dropbox can now open/read/own your documents should they choose to (OK this might be stretching it, but lets look at worst case scenario)


So we want to maintain using Dropbox to keep in sync between all your machines, but encrypt the data.

My normal encryption of choice is Truecrypt, as I use that on all my portable devices. However this is great on local machines, it doesn't really scale very well as it creates a single encrypted 'volume' on the target, so in this case would create a huge 1-2Gb file on my Dropbox. So when I changed something, the entire file would appear 'changed' to Dropbox and it would start re-syncing the whole thing. No problem on most of my connections/machines, apart from my rubbish home DSL connection which can barely manage 2Mb download at times, and if you shove too much data over it the PPP session fails and you start the PPP ping-pong at the exchange (Thats a whole different story. Who'd have thought somebody working for an ISP would have broadband problems....)

Anyway, so what I have is my dropbox on my work laptop, my home server and a windows VM desktop. Handy keeping all 3 in sync. My home Ubuntu server keeps a local copy, and does a daily rsync to a local HDD NAS, so I've always got a backup at home. My works laptop is an Ubuntu desktop, and my VM desktop is on Windows 7, so all 3 have to be compatible with the final solution, and as seamless as possible.


In comes Encfs, which looks ideal, loads of tutorials for Ubuntu, mac, etc, so looks good, its built on top of FuseFS which integrates with PAM authentication nicely, and there is a handy tutorial for setting up at pragmattica.wordpress.com/2009/05/10/encrypting-your-dropbox-seamlessly-and-automatically/ So that looks fine for my Ubuntu systems.

However the windows machine is still a problem. Looking around Boxcryptor looks like it solves it, as its a windows solution built around EncFS www.boxcryptor.com/support.html and it supports generally.


However after setting up my encrypted volume, etc, I found a few problems between the two versions. Firstly my Ubuntu desktop is running an older version of EncFS (version 1.6), which apparently Boxcryptor is incompatible with, so immediately my windows machine fails to connect with the encrypted dropbox with an incompatibility error. Hmph, so looks like I need to get on and do the upgrade of my laptop (I've been holding off on the latest version release).

Will carry this out and see how it goes, so for now I've got encryption all sorted, my linux machines are happy, just not windows. Ah well, a minor price to pay temporarily. I can always get the data from my NAS when I need it I guess.


Oh and if you haven't got a dropbox, then sign up via my referrer url at db.tt/0dLLilw Each referrer you send, you get some additional free space, which is nice!

No comments:

Post a Comment