Hacker 10 – Security Hacker

Tag: spideroak alternative

  • Encrypted cloud storage with messaging Peerio

    Encrypted cloud storage with messaging Peerio

    Peerio is a company providing encrypted file storage with integrated instant messager in the cloud. Available for Windows, Mac and Linux (if using the Chrome browser), smartphone apps are on the way, it is being developed by the makers of Cryptocat and miniLock, two other cloud based encryption utilities.

    Before you can use Peerio you will have to register for an account selecting a username, the email address you provide will receive a verification link for you to click on, after that you can create a short PIN code to pair devices with Peerio. A long passphrase is generated during account creation to stop users from picking a weak one, this is very important as encryption keys are derived from that passphrase.

    Although I see why the developers do this, I am not a fervent supporter of having something as important as the passphrase picked by a third party app instead of my trusted offline password manager, and most likely people without a password manager will write it down anyway.

    encrypted file storage Peerio
    encrypted file storage Peerio

    Peerio interface is clean and easy to use, you will see three tabs “Messages“, “Files” and “Contacts“, and a column allowing you to classify uploaded documents by file type (Photos, Videos, PDF, etc), everything is automatically synchronizing.  After you have added a contact, that person will be able to talk with you in real time, to send him a large file, drag and drop the files you wish to share inside the window to upload them to the cloud, another button lets you destroy those files from your account and the account of the people it is being shared with.

    This platform is comparable to Mega, a more established encrypted cloud storage with messenger that offers far more space. Peerio developers have no way to know what you are sharing, only users hold the private key to decrypt data downloaded from Peerio Canadian cloud servers, the company can’t read anything but they admit that timestamps and login IPs are kept, that is all they can hand over if they are forced to.

    A substitute method to send large files with end to end encryption is using an instant messenger and encrypting the files with PeaZip before the transfer. Peerio’s main leverage is that it does all the encryption work in the background but it also has the disadvantage that to send big files you will be asked to upgrade to their upcoming paid for plans, and, the part that bugs me the most, is that you have to convince your friends to open an account with Peerio.

    Peerio erasing shared cloud files
    Peerio erasing shared cloud files

    If you are small company and your employees need to share files often, perhaps Peerio will work, but for the individual, it is best that you encrypt a file and upload it with a proxy to a cyberlocker or use NeoRouter to avoid the metada treasure trove that cloud servers are, with the extra benefit of always having the data available in your hard drive.

    Other secure ways to share large files without a cloud server involved are Bittorrent Sync and Infinit.

    Visit Peerio homepage

  • List of non USA cloud storage services with client side encryption

    List of non USA cloud storage services with client side encryption

    To truly secure your data in the cloud it is necessary to encrypt it before it leaves your computer and not to trust others to do this for you. You can encrypt files yourself with something like Truecrypt, DiskCryptor or 7Zip but it requires time and extra work.

    This list contains cloud storage services that apply encryption before uploading it to their servers and give you full control of the decryption keys, making it impossible for the company to decrypt anything.

    TeamDrive: Company based in Germany, data is encrypted in the computer with AES256-bit using your own encryption key that the company has no access to. You can decide whether to store your files in Amazon EC2 USA, Ireland or Hong Kong servers, account data is only held in German servers.

    Mega: Based in New Zealand, all data is encrypted with AES128-bit before uploading it to the cloud, a RSA2048-bit key is used to share already encrypted files in between users, their FAQ is very complete explaining the security measures they use and what possible vulnerabilities exist against their business model.

    Mega cloud encryption file sharing
    Mega cloud encryption file sharing

    Powerfolder: German company, it can be used to store and share files in the cloud, they have no servers in the USA and everything is encrypted client side with the AES algorithm. You can password protect folders before sharing them with others.

    TresorIt: Hungarian company, they use AES256-bit to encrypt data before uploading it to the cloud. The company offered $US10.000 to whoever can break their security software. Data can accessed in your smarphone or desktop computer. There are free and paid for plans.

    TresorIt encrypted cloud storage
    TresorIt encrypted cloud storage

    Unseen.is: A full communications suite with encrypted cloud storage on top of email and instant messenger. With headquarters and servers in Iceland, encryption is end to end, the company does not have the key and can not read any messages. Unseen.is is transparent about their technological encryption set up and privacy policy. Have into account that online storage is limited, the service has been designed to only back up your most important files, not a whole computer.

    Notice: Even if the company is not based in the USA, they might be using American servers for storage unless specified.

  • List of USA cloud storage services with client side encryption

    List of USA cloud storage services with client side encryption

    Even with local encryption, it is not impossible for a government to subpoena a tech company and force them to introduce a backdoor in their software. A few of the US companies below allow you to download the security software source code to make it much harder for a government to tamper with it unnoticed.

    Another way to strengthen your security is to use third party cloud encryption programs like Viivo or BoxCryptor, they come with an easy to use interface that makes cloud encryption effortless. These programs can be used in conjunction with cloud services own encryption and it will add a second encryption layer that will have to be broken.

    If you use Linux, EncFS can create an encrypted version of your files inside a folder before syncing it online.

    iDrive: Data is secured with AES256-bit encryption before moving it to the cloud. The encryption key is provided by you and not stored anywhere in iDrive servers, or you can opt for their system based encryption scheme where the company holds the key.

    JungleDisk: Used to back up your computer files to Rackspace Cloud Files Service or Amazon S3. During installation you can create your own AES256-bit encryption key that nobody else will know with data being encrypted before leaving your computer.

    JungleDisk cloud encryption Android client
    JungleDisk cloud encryption Android client

    Cubby: Client side encryption with AES256-bit, any content added inside the Cubby software is automatically encrypted before syncing it with the cloud, there is an option to sync data in between your computers and avoid the cloud altogether.

    Elephant Drive: You are given a choice of using the company encryption keys or creating your own, if you create your own keys Elephant Drive will only store a hash value of them to compare it with the entered password when you ask for access. The company will not be able to access your data even if they are forced to at gunpoint.

    SpiderOak: It can be used to share and back up files, data is encrypted in your computer with AES256-bit in CFB mode and HMAC-SHA256, the company has no knowledge of what data is stored in their servers or what your password is. SpiderOak software works in smartphones and Linux as well as Windows.

    Bitcasa: They implement convergent encryption to remove duplicate files stored in their servers, a way to save space in cloud servers by not backing up duplicate files that exist in another user account. With this system the company does not have to decrypt or see the data which is kept ciphered with AES256-bit.

    Bitcasa cloud encryption software
    Bitcasa cloud encryption software

    TarSnap: Targeted at the open source community, Tarsnap works in Linux, BSD, Solaris and other Unix based operating systems. Command line interface or shell scripts will encrypt and sign your data before uploading it, the software source code is available for download.

    Make sure not to fall for Dropbox or Google Cloud Storage security marketing ploys. Those companies only encrypt data server side. They do not protect you against a subpoena forcing a company to hand over the encryption keys.

    The only way to be safe from NSA accessing your data stored in the cloud, is if if the cloud company never had access to the encryption key. In that case, the NSA could only try a brute force attack against hashed passwords and it would not get them too far if you have assembled a very long encryption passphrase.

  • Encrypted cloud storage with TeamDrive

    Encrypted cloud storage with TeamDrive

    TeamDrive is a cross platform (Windows, Mac, Linux) cloud storage service with uncrackable encryption, using AES256bit and RSA-2048 public/private key, data is encrypted in your computer before it reaches their cloud servers, Teamdrive has no way to access the files, limiting their legal liabilities since you can’t be compelled to decrypt something that you don’t have the key for, the encryption key remains in the user computer at all times.

    To set up a Teamdrive account you are only required a valid email address, I liked that they have a portable version that can be carried in a USB thumbdrive or kept inside an encrypted virtual container (e.g. Truecrypt), but you will need to configure the default settings to make sure that there is no data leakage in the host computer, luckily Teamdrive software settings display the file path for data back ups and cache, a quick look will tell you where in the drive it is kept.

    Encrypted cloud storage TeamDrive
    Encrypted cloud storage TeamDrive

    The program is divided intro three tabs, “Spaces“, where you can create folders, organise your files and set access permissions for other members and with a right click send an invitation via email revealing the URL for the data you would like to share with others, optionally, spaces can be password protected. Another tab called “Members” lets you see who has access to a particular space and a third tab called “Activity” contains a very detailed log of file movements, like uploads and downloads with timestamps. To add files, manually select them or drag and drop inside the window, everything is quickly sync when there are changes, a trash can will save erased files that can be restored if you change your mind.

    Inside settings you can configure a proxy if you are using it to access Teamdrive cloud storage space, the paid for version allows you to assign roles to other people, setting up administration rights, like being able to publish and delete files or remove other members from a shared space. There is support for smartphones, you can run the application in  Android or iPhone  The free version has limited storage space and bandwidth, indicated inside the application with a graph bar, enough for light file sharing.

    Teamdrive is a decent alternative to SpiderOak and definitely better than Dropbox, where the company can decrypt your data, if you care about privacy drop Dropbox now.

    Visit TeamDrive homepage

  • Encrypted data backup with Powerfolder

    Encrypted data backup with Powerfolder

    Powerfolder is a free program for Windows, Mac and Linux to securely share, sync and backup your computer files, locally or in the cloud, if you choose to backup your data online you will be offered a free account with 1GB of free space, this is not necessary as the program can be used to do offline backups, if you decide to use the cloud option all data transfers will be encrypted using SSL (transfer) and AES (storage), to open an online account only requires entering an email address, which does not need to be verified, and the password of your choice.

    Powerfolder interface is easy to use, skinnable and with lots of configuration options, the software can be used to synchronize data in between computers on a LAN (Local Area Network) with real time data sync status showed on the screen, you can choose what to backup with a simple tick on a checkbox next to each folder.

    PowerFolder encrypted data backup
    PowerFolder encrypted data backup

    To share files online you just need to go to the Folders tab and follow the wizard where you will be offered what files to share and where to send an invitation key, in order for someone to access your data they will need to enter that secret key first. PowerFolder cloud storage can be accessed through the iPhone or Android through a specially made mobile portal (m.powerfolder.com), browser file downloads are made using an encrypted SSL connection, you can view and play audio files online too. Powerfolder software scans local folders for changes and uploads/erases the data as necessary, bandwidth taken by PowerFolder can be limited, a proxy and specific ports chosen, the plugins tab lets you configure advanced settings, like adopting UDT connections instead of TCP, encryption security level and setting up a dynamic DNS.

    I would have preferred it if the help manual wasn’t only available online, and the free 1GB online space is not enough to hold all of my important data, I could not find any other flaw to this very fine secure data backup software.

    Visit Powerfolder homepage