Amamba Posted March 11, 2014 Share Posted March 11, 2014 Hi y'all, need help. All of us have some documents they need protecting. I had a solution that worked great for me for years - a Keepass file for passwords, and a Truecrypt container for bank and credit statements. Both were saved in Dropbox and so were accessible from any computer I owned. I recently bought an iPad to replace Nexus 7 that was driving me nuts with slowdowns and crashes. I ended up liking that iPad a lot more than I thought I would, despite lack of customization and control over OS the thing just works. I spend much more time actually _doing_ things on it. I barely touch the desktop anymore, unless I need to process some photos or do my bills. I have to do my bills from the desktop because that's the only way I can save the statements to my Truecrypt container. So, here's the question.. What do you use for a protected file storage that can be shared between several different computers and an iPad ? Is there a way on iOS to access a Truecrypt container from cloud storage ? Does it require caching the entire container locally ? Is there an online solution that is proven safe ? I understand that nothing is 100% safe online, but a bank level security combined with some sort of file encryption would do. Right now I am thinking of using AES encrypted 7zip archives with Box.com, but there's got to be a better way. Link to comment Share on other sites More sharing options...
Amamba Posted March 11, 2014 Author Share Posted March 11, 2014 To add.. anyone has anything to say about Boxcryptor ? Link to comment Share on other sites More sharing options...
+BudMan MVC Posted March 11, 2014 MVC Share Posted March 11, 2014 You do know your ipad data is already encrypted right? Did you turn on passcode? And if you loose it you an just remotely wipe it http://help.apple.com/icloud/#/mmfc0ef36f Erase your device Are you storing your account numbers, and SS# on these statements? Most statements no longer have this sort of info on them - and pretty much other than some numbers don't really contain all that much info that all that private. You can turn off simple passcode and use a better password and even enable wipe on 10 failed.. I would think its secure enough to have some old bank statements on to be honest. Link to comment Share on other sites More sharing options...
Amamba Posted March 11, 2014 Author Share Posted March 11, 2014 Yes I know iPad is encrypted, however I want to share data across devices. I need a central storage solution that works with all of my computers, not just one of them. I have no control over what information is being put on statements. Can't rely on each provider making sure they don't put anything sensitive on them. This kind of data simply does not belong in the open. It looks like Boxcrypt could work, I need to figure what it does on iPad. Link to comment Share on other sites More sharing options...
#Michael Posted March 11, 2014 Share Posted March 11, 2014 Yes I know iPad is encrypted, however I want to share data across devices. I need a central storage solution that works with all of my computers, not just one of them. I have no control over what information is being put on statements. Can't rely on each provider making sure they don't put anything sensitive on them. This kind of data simply does not belong in the open. It looks like Boxcrypt could work, I need to figure what it does on iPad. Boxcryptor doesn't do anything to or on the ipad itself. It is an encryption wrapper on a computer that encrypts a file before sending it off to a cloud provider. The iOS app just allows files from the cloud provider to download to the app itself and be viewed. Link to comment Share on other sites More sharing options...
Amamba Posted March 12, 2014 Author Share Posted March 12, 2014 Well, Boxcryptor could be it, but it's major limitation is that free version only links 2 devices and you need to unlink one of them to add another one. In a household with 4 tablets, 2 smartphones and a few computers, this won't suffice, and I am not paying $50 each year for a Pro subscription. I decided to keep my Truecrypt container for archiving past data, and use encrypted zip files for current year's statements. Hopefully eventually someone would come up with a reasonable iOS encrypted container solution. Link to comment Share on other sites More sharing options...
+BudMan MVC Posted March 12, 2014 MVC Share Posted March 12, 2014 Who exactly are you protecting your files from? They are encrypted on your ipad as we stated, they are encrypted in the cloud and they use an encrypted transfer method. So your protecting your bank statements from the company your storing your files with? Or the government? Both of which prob have easier ways to access that information ;) https://www.dropbox.com/help/27/en https://sugarsync.custhelp.com/app/answers/detail/a_id/201/kw/security Look up pretty much every cloud provider - they are very security aware. I find it unlikely someone at dropbox is looking into your files and thinking - hey I can sell this info for identity theft, etc. The first case of this would completely shutdown not only dropbox but pretty much every company like them. So I think they take it pretty serious - prob more so than your CC company or online store you shop with that stores your CC numbers, etc. Its more likely that say your CC company or a store you shop with employee's would sell of this data for profit where this data is just easy search in a database and prob 1000's of peoples info in a nice spreadsheet vs and employee of say dropbox weeding through users files looking for info that might be useful to sell for profit or use themselves.. While I agree everyone should be concerned with loss of your personal data.. Curious who guards your mailbox when statements come there? Keep in mind these companies are storing your data like where your original bank/company is storing the information they give you in the statement. What your doing is hiding the information from the company you trust to store the data for you.. If your worried that online storage company has access to your encrypted data - I would look to spideroak, I believe their claim to fame is even they do not have access. https://spideroak.com/whyspideroak Complete Privacy Guaranteed SpiderOak never stores or knows a user's password or the plaintext encryption keys which means not even SpiderOak employees can access the data Our zero-knowledge privacy approach means we can never betray the trust of our users But to me, this is a bit over the top for some bank statements ;) Link to comment Share on other sites More sharing options...
Amamba Posted March 12, 2014 Author Share Posted March 12, 2014 Bank statements, credit card statements, tax documents, medical bills... a lot of them have date of birth, full address, full or part social security number - this info needs to be stored somewhere somehow. And most of it nowadays comes in electronic format. This is ID thief's heaven - the whole system of using SSN's is broken, but that's beyond the point. You can leave this information unencrypted in Dropbox, but after several publicized accidents - one when Dropbox opened user accounts for hours to anyone to browse through - I don't trust them much. Or OneDrive, or Google. I have no choice but to trust banks but at least the banks are supposed to have a system in place to vet their employees, and have decades if not centuries of security obsessed corporate culture (not that it prevents any issues), and there are laws that make them responsible for at least some monetary losses of their customers due to internal breeches. I have no idea how cloud services vet their employees, and as far as I know they can read anything in anybody's account and have zero oversight and zero responsibility. You can leave the statements on bank site of course, but good luck getting them if you switch banks, or if your bank is bought out. And many only let you go back 1-2 years. Also, banks and medical offices simply don't have all of your info - just (important) bits related to your business with them. Short of printing every record and locking it up in a safe somewhere - which is really not a good solution anyway - the only sensible approach, in my view, is to assume that some of your data may become compromised sooner or later, and prepare for this by encrypting access. A thief sophisticated enough and equipped well enough to break an AES encrypted file with 12-15 character password likely isn't after your individual data anyway. Link to comment Share on other sites More sharing options...
#Michael Posted March 12, 2014 Share Posted March 12, 2014 Bank statements, credit card statements, tax documents, medical bills... a lot of them have date of birth, full address, full or part social security number - this info needs to be stored somewhere somehow. And most of it nowadays comes in electronic format. This is ID thief's heaven - the whole system of using SSN's is broken, but that's beyond the point. You can leave this information unencrypted in Dropbox, but after several publicized accidents - one when Dropbox opened user accounts for hours to anyone to browse through - I don't trust them much. Or OneDrive, or Google. I have no choice but to trust banks but at least the banks are supposed to have a system in place to vet their employees, and have decades if not centuries of security obsessed corporate culture (not that it prevents any issues), and there are laws that make them responsible for at least some monetary losses of their customers due to internal breeches. I have no idea how cloud services vet their employees, and as far as I know they can read anything in anybody's account and have zero oversight and zero responsibility. You can leave the statements on bank site of course, but good luck getting them if you switch banks, or if your bank is bought out. And many only let you go back 1-2 years. Also, banks and medical offices simply don't have all of your info - just (important) bits related to your business with them. Short of printing every record and locking it up in a safe somewhere - which is really not a good solution anyway - the only sensible approach, in my view, is to assume that some of your data may become compromised sooner or later, and prepare for this by encrypting access. A thief sophisticated enough and equipped well enough to break an AES encrypted file with 12-15 character password likely isn't after your individual data anyway. And I thought I was paranoid. The answer is simple: Don't store any of that information in the cloud. You cannot prevent the individual companies from storing the information electronically and making it available to you over the internet but that doesn't mean you have to store it anywhere else and make it available. Do this: Get a NAS and store those documents on the nas. Then make sure that the storage device is not accessible to the outside world. You could then use truecrypt to encrypt that storage if you are still paranoid. Bing, bang, boom...all done. Also...for redundancy and backups..backup the nas to an additional physical hard drive and place that hard drive in a safety deposit box. Link to comment Share on other sites More sharing options...
Amamba Posted March 23, 2014 Author Share Posted March 23, 2014 And I thought I was paranoid. The answer is simple: Don't store any of that information in the cloud. You cannot prevent the individual companies from storing the information electronically and making it available to you over the internet but that doesn't mean you have to store it anywhere else and make it available. Do this: Get a NAS and store those documents on the nas. Then make sure that the storage device is not accessible to the outside world. You could then use truecrypt to encrypt that storage if you are still paranoid. Bing, bang, boom...all done. Also...for redundancy and backups..backup the nas to an additional physical hard drive and place that hard drive in a safety deposit box. This is not an answer, it's a limitation. I looked at SpiderOak and Wuala, but I don't think I am ready to trust them just yet. Winzip AES256 solution works good for protecting statements, but is a royal PITA for editable documents... as they have to be re-zipped and re-uploaded afer each edit on iPad. For now, I'm afraid that's the only safe, if cumbersome, method. Although CloudOn seem to support password protected Excel files... will check that one, too. None of my spreadsheets have any account #s in them, anyway. Link to comment Share on other sites More sharing options...
Amamba Posted March 24, 2014 Author Share Posted March 24, 2014 There's an app called Disk Decipher that reads Truecrypt (and FreeOTFE and LUKS) volumes, even on Dropbox without having to cache the entire container locally. Once I RTFM'd, I was able to open the container in Dropbox and read files. For now it's read only, but I can use Winzip for individual files & transfer them to TC container in bulk later. Highly recommended. Link to comment Share on other sites More sharing options...
#Michael Posted March 25, 2014 Share Posted March 25, 2014 There's an app called Disk Decipher that reads Truecrypt (and FreeOTFE and LUKS) volumes, even on Dropbox without having to cache the entire container locally. Once I RTFM'd, I was able to open the container in Dropbox and read files. For now it's read only, but I can use Winzip for individual files & transfer them to TC container in bulk later. Highly recommended. That has to be the worst idea I have seen in a long time. Talk about a convoluted and wrong implementation. The moment I saw view only is the moment I said no. Boxcryptor is what you are looking. Stop being cheap and buy a subscription for it. Link to comment Share on other sites More sharing options...
Recommended Posts