Keeping your data safe in the cloud the cheap way – part 2

Note: This page was updated on 2016-12-03. Truecrypt is no longer in use as it contained errors. If you want to find some alternatives for your system, have a look here.

A while ago I posted about a cheap way to keep your data safe in “the cloud”. Most people know Dropbox, Skydrive and Google drive, and that none of these systems are encrypted on your end. Because of that I installed Truecrypt and did some experiments.

Let’s set this as a case. You have 5MB of data you want to keep in the cloud. Dropbox gives you 2GB for free, 5MB fits in there easily. But your MBs are only encrypted by Dropbox, any CIA/FBI/NSA/TSA John Doodle can walk in and look at them. Dropbox will hand them the encryption key. Be one step ahead.

Truecrypt interface

Set up Truecrypt and create a 10MB container. (See the previous post on the how-to and such.) Set up the container outside Dropbox is my advice. Stick your 5MB worth of data inside the new drive (which is the truecrypt container) and happily use it. Once in a while copy the 10MB container to Dropbox so it gets saved to the cloud, encrypted by truecrypt. Do NOT copy the files from the container to Dropbox, then Truecrypt will decrypt them first. So if you set up the container in c:\mycrypt\container which you linked to drive T:, copy c:\mycrypt\container to Dropbox, not everything in T:.

Why not create the container directly in a Dropbox folder? Dropbox will the continuously update the entire 10MB to the cloud, which might affect the rest of your internet access. If you’re okay with that, go ahead and put the container directly inside a Dropbox folder.

And why 10MB for 5MB of data? That’s to have some space for when your amount of data grows. You can make it 6MB, but when you get to 6.1MB of data, you’ll need to create a new container in truecrypt and copy things over. It’s just some planning ahead.

Hope this helps someone.

Keeping your data safe in the cloud the cheap way

Security and safety of data. You may not be concerned about it. I am. Especially since I like Cloud solutions.

spideroak_nav_mainI have an account with a cloud provider called SpiderOak where your data are stored encrypted. Your computer first encrypts your stuff and then sends it to SpiderOak’s servers. They don’t have your key, so if you lose it and you lock yourself out of the client on your computer, you’re royally buggered up. They can’t help you. SpiderOak offers 2GB free, other accounts cost money ($100/year, $10/month for 100GB). See their site for other pricing options if you’re interested.

What if you can’t afford that but you have a huge Skydrive with Microsoft, or this enormous space on Google Drive? The answer: Truecrypt.

Truecrypt is a helper program that allows you to encrypt stuff. You can make it encrypt a file, a disk partition or even your entire computer. For this post I stick to the file.

When you start Truecrypt you have the options:

Truecrypt 1

Note that this is a shot from Linux, in Windows it’ll look as good as the same. To set up an encrypted file, you click ‘create volume’, enter the name of the file and follow the prompts (the entire procedure is laid out in their Beginner’s Tutorial, so I’m not copying all that here. When you have followed the wizard, you have created a new volume.

Next step is to mount the file (volume). The fun bit is that you can mount the truecrypt file as a drive (e.g. /media/truecrypt in Linux, or to a drive letter like M: or V: in windows):
truecrypt 2

Via ‘select file’ you browse to your file (or you type in the name) and click Mount. Truecrypt asks you for the password you assigned to the file in the creation process and if that matches your file is mounted as a disk (as mine is in Slot 1. Windows will show you actual drive letters to assign something to).

Stick your work in the new drive, unmount it and back up that file to Google Drive, Dropbox, MS Skydrive etc, provided you have ample space there. If you created a 4GB Truecrypt file and you try to store that to a 2GB dropbox account, you’ll get yelled at by Dropbox.

The file (your new drive) will be fully encrypted, no one can read it. I have read that the FBI spent months trying to hack a Truecrypted drive from the infamous DotCom affaire and gave up. If you need your file back, just download it from wherever, mount it and voila, there are your files. For your eyes only, and no one else’s. Again: lose the password and you’re buggered.

Warning:

! Note that I don’t know if syncing a Truecrypt file “live” to Dropbox (e.g. you have the Truecrypt file INSIDE your Dropbox directory) works fine. I haven’t tried that.

I assume it will, as Truecrypt only has unencrypted data in memory and always writes encrypted data to disk. Dropbox then should move the update to the cloud, but understand that if you update e.g. a 1GB file (your drive), each update will cause the entire 1GB file to be Dropboxed, not just the 25 words you added to the file inside your Truecrypt-drive. For Truecrypt it’s a drive, for Dropbox it’s a big file. That is why I suggest copying the Truecrypt file to Dropbox when you’re done for the day or so.

Questions?