Secure Cloud Backup/Sync

Posted on 2012-04-24 by Stephan Sokolow

Given the mounting concerns over cloud storage offerings and the increasing occurrence of bills like ACTA and CISPA, it’s becoming increasingly important to find alternatives to US-based, un-encrypted cloud storage services like Dropbox.

The question for poor saps like me is, who can we trust without paying even more money? Well, here are the cross-platform cloud backup/sync providers I’ve found which assure you that, like Firefox Sync, data is encrypted before it leaves your computer and they can’t recover it if you lose your key:

Name Free Plan Extras
SpiderOak 2GiB + 1GiB/referral Optional 2-factor auth via smartphone. In-depth technical details of their encryption are public.
TeamDrive 2GiB + 250MiB/referral German company. Security has approval from an independent authority. Can also self-host.

As an alternative, if you have VPS, co-located server, or feature-rich shared hosting in a country you trust, you can also run your own service using open-source software.

Just keep in mind that most options don’t encrypt data on the server so, if you get hacked or police confiscate your server, they probably will grab copies of your data before someone thinks to power it off and lose your eCryptFS or EncFS keys. (EncFS on the client might work though, but it’s not secure against attacks based on watching the encrypted data change over time.)

Client Server Encrypted Storage? Notes
SparkleShare ssh+git No Dropbox-like client. SSH Public-Key authentication.
various (WebDAV) ownCloud Limited Planned Has WebUI. Supported by remoteStorage.js.
duplicity ssh, rsync, ftp, WebDAV, Amazon S3, … Yes Linux-only. Sync is one-way like rsync. Client encrypts before sending to server.

I’d also keep an eye on Syncany. It’s not out yet, but if it doesn’t end up broken or vaporware, it looks like it will be a good hybrid of SparkleShare and duplicity.

Please feel free to suggest further alternatives in the comments. I’ll update the post if they look good.

CC BY-SA 4.0 Secure Cloud Backup/Sync by Stephan Sokolow is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

This entry was posted in Geek Stuff. Bookmark the permalink.

No related posts.

3 Responses to Secure Cloud Backup/Sync

  1. Svein Ove Aas says:
    2012-05-07 at 7:01

    You should also have a look at CrashPlan; it seems to fill most of your criteria.

    Reply
    • Stephan Sokolow says:
      2012-05-07 at 7:28

      Most, but not enough. Membership in the first table requires the site to offer some offsite storage for free and membership in the second table requires the software to be open source.

      Reply
  2. Diana Anderson says:
    2012-05-29 at 7:38

    My brother has been talking to me about this and although I was just barely able to keep up with him, I find myself agreeing with him and what you have also pointed out.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

By submitting a comment here you grant this site a perpetual license to reproduce your words and name/web site in attribution under the same terms as the associated post.

All comments are moderated. If your comment is generic enough to apply to any post, it will be assumed to be spam. Borderline comments will have their URL field erased before being approved.