Jump to content



Photo

Protected document storage options for iPad ?


  • Please log in to reply
11 replies to this topic

#1 Amamba

Amamba

    Neowinian

  • Joined: 10-January 10

Posted 11 March 2014 - 16:05

Hi y'all, need help.

All of us have some documents they need protecting. I had a solution that worked great for me for years - a Keepass file for passwords, and a Truecrypt container for bank and credit statements. Both were saved in Dropbox and so were accessible from any computer I owned.

I recently bought an iPad to replace Nexus 7 that was driving me nuts with slowdowns and crashes. I ended up liking that iPad a lot more than I thought I would, despite lack of customization and control over OS the thing just works. I spend much more time actually _doing_ things on it. I barely touch the desktop anymore, unless I need to process some photos or do my bills. I have to do my bills from the desktop because that's the only way I can save the statements to my Truecrypt container.

So, here's the question.. What do you use for a protected file storage that can be shared between several different computers and an iPad ?

Is there a way on iOS to access a Truecrypt container from cloud storage ? Does it require caching the entire container locally ?

Is there an online solution that is proven safe ? I understand that nothing is 100% safe online, but a bank level security combined with some sort of file encryption would do.

Right now I am thinking of using AES encrypted 7zip archives with Box.com, but there's got to be a better way.


#2 OP Amamba

Amamba

    Neowinian

  • Joined: 10-January 10

Posted 11 March 2014 - 17:21

To add.. anyone has anything to say about Boxcryptor ?



#3 +BudMan

BudMan

    Neowinian Senior

  • Tech Issues Solved: 89
  • Joined: 04-July 02
  • Location: Schaumburg, IL
  • OS: Win7, Vista, 2k3, 2k8, XP, Linux, FreeBSD, OSX, etc. etc.

Posted 11 March 2014 - 19:47

You do know your ipad data is already encrypted right?  Did you turn on passcode? And if you loose it you an just remotely wipe it
 
http://help.apple.co...ud/#/mmfc0ef36f
Erase your device

Are you storing your account numbers, and SS# on these statements? Most statements no longer have this sort of info on them - and pretty much other than some numbers don't really contain all that much info that all that private.

You can turn off simple passcode and use a better password and even enable wipe on 10 failed.. I would think its secure enough to have some old bank statements on to be honest.

#4 OP Amamba

Amamba

    Neowinian

  • Joined: 10-January 10

Posted 11 March 2014 - 20:18

Yes I know iPad is encrypted, however I want to share data across devices. I need a central storage solution that works with all of my computers, not just one of them.

 

I have no control over what information is being put on statements. Can't rely on each provider making sure they don't put anything sensitive on them. This kind of data simply does not belong in the open.

 

It looks like Boxcrypt could work, I need to figure what it does on iPad.



#5 #Michael

#Michael

    Neowinian Senior

  • Joined: 28-August 01

Posted 11 March 2014 - 20:25

Yes I know iPad is encrypted, however I want to share data across devices. I need a central storage solution that works with all of my computers, not just one of them.

 

I have no control over what information is being put on statements. Can't rely on each provider making sure they don't put anything sensitive on them. This kind of data simply does not belong in the open.

 

It looks like Boxcrypt could work, I need to figure what it does on iPad.

 

Boxcryptor doesn't do anything to or on the ipad itself.  It is an encryption wrapper on a computer that encrypts a file before sending it off to a cloud provider.  The iOS app just allows files from the cloud provider to download to the app itself and be viewed. 



#6 OP Amamba

Amamba

    Neowinian

  • Joined: 10-January 10

Posted 12 March 2014 - 02:31

Well, Boxcryptor could be it, but it's major limitation is that free version only links 2 devices and you need to unlink one of them to add another one. In a household with 4 tablets, 2 smartphones and a few computers, this won't suffice, and I am not paying $50 each year for a Pro subscription.

I decided to keep my Truecrypt container for archiving past data, and use encrypted zip files for current year's statements. Hopefully eventually someone would come up with a reasonable iOS encrypted container solution.

#7 +BudMan

BudMan

    Neowinian Senior

  • Tech Issues Solved: 89
  • Joined: 04-July 02
  • Location: Schaumburg, IL
  • OS: Win7, Vista, 2k3, 2k8, XP, Linux, FreeBSD, OSX, etc. etc.

Posted 12 March 2014 - 11:31

Who exactly are you protecting your files from?  They are encrypted on your ipad as we stated, they are encrypted in the cloud and they use an encrypted transfer method.

 

201-security.jpg

 

So your protecting your bank statements from the company your storing your files with?  Or the government?  Both of which prob have easier ways to access that information ;)

https://www.dropbox.com/help/27/en

https://sugarsync.cu...201/kw/security

 

Look up pretty much every cloud provider - they are very security aware.  I find it unlikely someone at dropbox is looking into your files and thinking - hey I can sell this info for identity theft, etc.  The first case of this would completely shutdown not only dropbox but pretty much every company like them.  So I think they take it pretty serious - prob more so than your CC company or online store you shop with that stores your CC numbers, etc.

 

Its more likely that say your CC company or a store you shop with employee's would sell of this data for profit where this data is just easy search in a database and prob 1000's of peoples info in a nice spreadsheet vs and employee of say dropbox weeding through users files looking for info that might be useful to sell for profit or use themselves..

 

While I agree everyone should be concerned with loss of your personal data..  Curious who guards your mailbox when statements come there? Keep in mind these companies are storing your data like where your original bank/company is storing the information they give you in the statement.  What your doing is hiding the information from the company you trust to store the data for you.. 

 

If your worried that online storage company has access to your encrypted data - I would look to spideroak, I believe their claim to fame is even they do not have access.

 

https://spideroak.com/whyspideroak

Complete Privacy Guaranteed

  • SpiderOak never stores or knows a user's password or the plaintext encryption keys which means not even SpiderOak employees can access the data
  • Our zero-knowledge privacy approach means we can never betray the trust of our users

 

But to me, this is a bit over the top for some bank statements ;)



#8 OP Amamba

Amamba

    Neowinian

  • Joined: 10-January 10

Posted 12 March 2014 - 16:10

Bank statements, credit card statements, tax documents, medical bills... a lot of them have date of birth, full address, full or part social security number - this info needs to be stored somewhere somehow. And most of it nowadays comes in electronic format. This is ID thief's heaven - the whole system of using SSN's is broken, but that's beyond the point.

 

You can leave this information unencrypted in Dropbox, but after several publicized accidents - one when Dropbox opened user accounts for hours to anyone to browse through - I don't trust them much. Or OneDrive, or Google. I have no choice but to trust banks but at least the banks are supposed to have a system in place to vet their employees, and have decades if not centuries of security obsessed corporate culture (not that it prevents any issues), and there are laws that make them responsible for at least some monetary losses of their customers due to internal breeches. I have no idea how cloud services vet their employees, and as far as I know they can read anything in anybody's account and have zero oversight and zero responsibility.

 

You can leave the statements on bank site of course, but good luck getting them if you switch banks, or if your bank is bought out. And many only let you go back 1-2 years.

 

Also, banks and medical offices simply don't have all of your info - just (important) bits related to your business with them.

 

Short of printing every record and locking it up in a safe somewhere - which is really not a good solution anyway - the only sensible approach, in my view, is to assume that some of your data may become compromised sooner or later, and prepare for this by encrypting access. A thief sophisticated enough and equipped well enough to break an AES encrypted file with 12-15 character password likely isn't after your individual data anyway.



#9 #Michael

#Michael

    Neowinian Senior

  • Joined: 28-August 01

Posted 12 March 2014 - 16:18

Bank statements, credit card statements, tax documents, medical bills... a lot of them have date of birth, full address, full or part social security number - this info needs to be stored somewhere somehow. And most of it nowadays comes in electronic format. This is ID thief's heaven - the whole system of using SSN's is broken, but that's beyond the point.

 

You can leave this information unencrypted in Dropbox, but after several publicized accidents - one when Dropbox opened user accounts for hours to anyone to browse through - I don't trust them much. Or OneDrive, or Google. I have no choice but to trust banks but at least the banks are supposed to have a system in place to vet their employees, and have decades if not centuries of security obsessed corporate culture (not that it prevents any issues), and there are laws that make them responsible for at least some monetary losses of their customers due to internal breeches. I have no idea how cloud services vet their employees, and as far as I know they can read anything in anybody's account and have zero oversight and zero responsibility.

 

You can leave the statements on bank site of course, but good luck getting them if you switch banks, or if your bank is bought out. And many only let you go back 1-2 years.

 

Also, banks and medical offices simply don't have all of your info - just (important) bits related to your business with them.

 

Short of printing every record and locking it up in a safe somewhere - which is really not a good solution anyway - the only sensible approach, in my view, is to assume that some of your data may become compromised sooner or later, and prepare for this by encrypting access. A thief sophisticated enough and equipped well enough to break an AES encrypted file with 12-15 character password likely isn't after your individual data anyway.

 

And I thought I was paranoid.  The answer is simple: Don't store any of that information in the cloud.  You cannot prevent the individual companies from storing the information electronically and making it available to you over the internet but that doesn't mean you have to store it anywhere else and make it available.  Do this: Get a NAS and store those documents on the nas.  Then make sure that the storage device is not accessible to the outside world.  You could then use truecrypt to encrypt that storage if you are still paranoid.  Bing, bang, boom...all done.

 

Also...for redundancy and backups..backup the nas to an additional physical hard drive and place that hard drive in a safety deposit box.



#10 OP Amamba

Amamba

    Neowinian

  • Joined: 10-January 10

Posted 23 March 2014 - 19:12

And I thought I was paranoid.  The answer is simple: Don't store any of that information in the cloud.  You cannot prevent the individual companies from storing the information electronically and making it available to you over the internet but that doesn't mean you have to store it anywhere else and make it available.  Do this: Get a NAS and store those documents on the nas.  Then make sure that the storage device is not accessible to the outside world.  You could then use truecrypt to encrypt that storage if you are still paranoid.  Bing, bang, boom...all done.

 

Also...for redundancy and backups..backup the nas to an additional physical hard drive and place that hard drive in a safety deposit box.

 

 

This is not an answer, it's a limitation.

 

I looked at SpiderOak and Wuala, but I don't think I am ready to trust them just yet.

 

Winzip AES256 solution works good for protecting statements, but is a royal PITA for editable documents... as they have to be re-zipped and re-uploaded afer each edit on iPad.

 

For now, I'm afraid that's the only safe, if cumbersome, method. Although CloudOn seem to support password protected Excel files... will check that one, too. None of my spreadsheets have any account #s in them, anyway.



#11 OP Amamba

Amamba

    Neowinian

  • Joined: 10-January 10

Posted 24 March 2014 - 19:46

There's an app called Disk Decipher that reads Truecrypt (and FreeOTFE and LUKS) volumes, even on Dropbox without having to cache the entire container locally.

 

Once I RTFM'd, I was able to open the container in Dropbox and read files. For now it's read only, but I can use Winzip for individual files & transfer them to TC container in bulk later.

 

Highly recommended.



#12 #Michael

#Michael

    Neowinian Senior

  • Joined: 28-August 01

Posted 25 March 2014 - 18:55

There's an app called Disk Decipher that reads Truecrypt (and FreeOTFE and LUKS) volumes, even on Dropbox without having to cache the entire container locally.

 

Once I RTFM'd, I was able to open the container in Dropbox and read files. For now it's read only, but I can use Winzip for individual files & transfer them to TC container in bulk later.

 

Highly recommended.

 

That has to be the worst idea I have seen in a long time.  Talk about a convoluted and wrong implementation.  The moment I saw view only is the moment I said no.  Boxcryptor is what you are looking.  Stop being cheap and buy a subscription for it.