• Sign in to Neowin Faster!

    Create an account on Neowin to contribute and support the site.

  • 0
Sign in to follow this  

File encryption software recommendations

Question

CriticMunde37    2

Hello. I've been looking into encrypting my files, which are stored in the cloud. So far I've been thinking between NordLocker and Cryptomator. I even noticed that the first one has a bounty campaign, I've never seen something like this before. Does that mean that they have better security? Or maybe that they're really trying to improve their service via the help of freelance hackers? In any case I would like to hear your thoughts on using file encryption and if it's even necessary.

Share this post


Link to post
Share on other sites

4 answers to this question

Recommended Posts

  • 0
+BudMan    3,694
4 hours ago, CriticMunde37 said:

if it's even necessary.

That all depends - what are you storing in the cloud?  And the other big question is where?  And how.. Are these files you specifically upload?  Are they files that are sync'd up there like dropbox?

 

If they are video's of your cat - kind of hard to justify encryption.. Now if they are private videos of you and your loved one expressing your love - might be another story, etc.  Or if its a spreadsheet holding the nuke launch codes for India arsenal?

 

Here is one thing I will say about encryption, more often than not its not justified in the least.. And more times than not it will lock the user out of their own files more often than actually provide protection from others viewing them.

 

example:  I store copies of my audio books in the cloud (dropbox which already uses encryption).. I also store util type software that I might need in one place.. I use it to sync some info between machines.. You know notes on how to do xyz or something.. I have a txt file with some commands in them, so don't have to look them up if need to do them on another machine.

 

I am not storing passwords in a clear text, or in anything on there.  I am not storing any personal info on there.  I am not storing any sort of media that could be of issue if leaked to the public or someone other than me saw, etc..

 

With such use - how could anyone justify the added overhead of use, even if free cost money wise any sort of 3rd party encryption?  The most likely outcome in doing such a thing would be frustration in use/access of my own stuff.. Having to reauth with some other password or OTP or 2fa to get access.. And worse case actual loss of access to said data - because lost the password/key or something went wrong in the encryption/decryption... Which most often would happen exactly at the time that I wanted/needed access to said file the most ;)

  • Thanks 1
  • Haha 1

Share this post


Link to post
Share on other sites
  • 0
Mindovermaster    3,208
Posted (edited)
2 hours ago, BudMan said:

Or if its a spreadsheet holding the nuke launch codes for India arsenal?

I laughed so hard at that...

 

Encryption depends on what you want hidden. Like BudMan said.

 

Most cloud services are already encrypted when you upload files. You can set them as shareable or not. You can also password protect Zip/Rar files on the fly.

Share this post


Link to post
Share on other sites
  • 0
stereopixels    23

Can’t speak for Nordlocker as I’ve not used it however I’ve been using Cryptomator for several years and have to say it’s excellent; as Budman says don’t encrypt stuff you don’t need to but I keep a small 1gb crypt backed up on both OneDrive and Dropbox which has certain documents and backups of some of my keys in. Cryptomator is open source so I trust that the community has vetted it, but they’ve also had it audited.

Share this post


Link to post
Share on other sites
  • 0
ThaCrip    722

@stereopixels

 

Thanks for the Cryptomator suggestion as it sounds like a solid choice for all around ease-of-use paired with good security.

 

I also plan on uploading something online (my password managers database file) semi-soon but I tend to go with the more paranoid encryption route. sort of a double encryption with two different passwords. like the password manager file put inside a VeraCrypt container (which the VeraCrypt container uses some keyfiles) and then put the VeraCrypt container file inside a .7z file. so someone would have to break through the .7z first, then VeraCrypt and then the password manager database file in order to get to the sensitive info and I got the keyfiles for the VeraCrypt container stored on a different account/site of which I put multiple keyfiles inside so even if someone got a hold of the keyfiles (which are password protected (so they would also have to crack this)) they would not know which ones are used for the VeraCrypt container and I got a plenty strong password on it straight up. so the odds of them guessing the VeraCrypt password are pretty slim but with the keyfiles should be that much harder.

 

I realize what I am doing is a decent amount of work, which some might consider overkill, but it's better peace of mind and it's not something ill have to update much as it's obvious Cryptomator is much simpler but I prefer the paranoid route since I am not relying on one encryption program which should further lower the chances of someone breaking it and the entropy of the passwords I am using (which is guaranteed since it's truly random) should be plenty high enough for the foreseeable future.

 

hell, who knows... maybe ill pair Cryptomator with the stuff I am using as then someone would have to break through a total of four encryption schemes before they could access the data. but then again maybe not as the more stuff I wrap it in, it could be a issue in the future when retrieving that data since we need to make sure the programs are still around to access the data if I need to etc. but I figure with what I am using, it should satisfy the more paranoid types unless someone thinks 7z and VeraCrypt is crap security.

Share this post


Link to post
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.