Cloud & Privacy: Boxcryptor

Abandon privacy all ye who enter the cloud” is something that should be engraved over the entrance of most, if not all, cloud services.

At least this is what it feels like to me, having to relinquish all notion of privacy and intimacy knowing my files will be analysed—some cloud providers being more invasive than other in that regard. 

I’ll gladly open all my files and folders to any legit authority asking me to do so, provided they have a reason and the right to ask. But I don’t want anyone else accessing my files–be it on purpose, in order to offer me some service, or because of a security breach–to be able to read them.

I don’t want anyone to discover that I’m the author hiding behind the pen name of dear « Dulcinea Von Liebe, Duchess of Hot Steamy Romance ». I don’t want anyone or any algorithm to be able to read my medical documents, or to see the pictures of my cat. That’s none of their business. That’s, you know private. And that’s not the reason why I decided to use cloud to store my files.

The obvious solution would be to not use the cloud at all. Problem solved, thx for reading, bye. Save that I want to use the cloud: it’s a great tool. It’s just the lack of a stricter legislation that makes it such this Wild West and this Eldorado for those companies, giving them free rein over our data.

Enters Boxcryptor. 

Boxcryptor

In a nutshell, Boxcryptor is a service that will sit between your files, on your computer, and your cloud provider–they claim to work with most if not all cloud services–and they will encrypt your files before syncing them with your cloud.

It’s available for Mac, Windows, iOS and Android.

What’s great with Boxcryptor is that it’s invisible. Once installed, you can keep using whatever cloud you fancy and access your files like you’d normally do. Beside an occasional speed hit, you won’t notice any change.

Remember the first screenshot in this article? Here is what the same files would normally look like when accessed through Boxcryptor:

The only noticeable change in your workflow is that you must always access your files through Boxcryptor’s virtual drive, not directly from the cloud app itself. Why? Because if you don’t, you’ll access your encrypted files–see first screenshot–and you won’t be able to do much with those.

On a Mac it means that instead of opening the Finder in OneDrive->My Folder->My File, I now open it in Boxcryptor->OneDrive->My Folder->My File.

As you can see, it’s a tiny change. For the rest, you’ll be able to open, edit, share, copy, delete all your files and so on, as long as you remember to access them from Boxcryptor and not from your cloud directly.

Is it really secure?

I’m no expert, but they use strong encryption and, unlike all cloud service providers, they don’t own your private key: only you have it.

Technically, as far as I can understand, what you are the only one to own is the password used to connect (once) to your Boxcryptor account, not the key itself. But don’t quote me on that. The thing is that without this password, no one can read your files–so, do not loose it, there is no recovery.

Can the NSA bypass it? No idea, but for me it’s more about keeping private companies at large than fighting the NSA (hi, guys).

No cons?

Sure.

I already mentioned the occasional speed hit. For no apparent reason the Finder, as the File Explorer on Windows, will sometime slow down. I can live with that.

Boxcryptor being some kind of virtual drive on your computer, doesn’t always play nice with other apps but nothing dramatic either, just occasional hiccups.

Some apps & services don’t like that privacy layer. Using Boxcryptor you’ll loose access to some options, like say automated versioning and auto-save in Microsoft Office 365/OneDrive. So, use the free version of Boxcryptor to check you can still access everything you need, before committing.

Always check every file has completely been synced before reopening it. I learned it the hard way with Calibre’s metadata and library, as I store my ebook library in the cloud–which is strongly advised not to do so it’s neither Calibre’s or Boxcryptor’s fault here.

Help could be better: simpler and more detailed. That said, coupled with their support forum you should find all you need to know.

There is an iOS version too, which is great, but its UI is lacklustre.

The initial setup can be tricky. I mean, it’s simple but it still is geeky and many options make little sense if you don’t take time to read the online help.
Here are the key steps you must follow to avoid any surprise:

  1. Check you’ve already configured and synced all the cloud services you want to use on your computer: Boxcryptor comes in a free tier (allowing one cloud only, and sync up to two devices) and a paid one (as many cloud and devices as you want, and a few other benefits).
  2. Install Boxcryptor, login.
  3. In its Preferences, check that Boxcryptor has correctly identified your cloud service, then click the link button for each one: Boxcryptor needs to access your cloud files.
  4. Finally, tell Boxcryptor what folder to encrypt. Do not encrypt the root folder of your cloud service, use a dedicated folder, or multiple ones.
  5. It will copy the folder to encrypt (to avoid conflicts with your files on the cloud) and add an «_encrypted » extension to it. Don’t touch it while it’s doing its stuff. When it’s done encrypting, you can remove this extension.
  6. Let it encrypt your files and let your cloud sync all changes back before you start working with your files again. Here again, it will prevent any conflict.
  7. One last suggestion, though: if you use Boxcryptor’s paid version you’ll have the ability to encrypt file names too (not only their content). If you plan to use that option, activate it before you start encrypting any file or folder, otherwise Boxcryptor will have to process them once again, and sync them back to your cloud.
    Go to the Preferences and in the Security tab, check Enable Filename Encryption.

Having to pay for something that should come as a default with any cloud storage? Sure, it’s a pain. Alas, a stricter respect of online privacy is not something I see coming anytime soon: there is too much money involved in mining our data, preferences and habits. And there are so few politicians willing to push legislations forcing companies to respect our privacy. So, unless you have a better solution…

Free or paid version?

The free version works exactly like the paid one, but will only let you use one cloud service (unlimited, with the paid tier) and sync up to two devices (vs unlimited), and you won’t be able to encrypt file names, only their content.

That last bit is an obvious weakness in protecting your privacy, as it’s much harder to just guess what is in a file named “怐濗搎戬晌沝涞汀䀤” than, say “Secret Plan to Conquer the World.docx”.

The paid version is €36/year.

It’s up to you to decide what a better privacy is worth to you. There is no question for me, if only for the peace of mind it gives me to know that even if some hacker could access my cloud storage (s)he won’t be able to read my files that easily.

Boxcryptor

Apple teams up with Goldman Sachs on Credit Card Paired with iPhone’

My big question is what the interest rates are going to be. Credit cards have turned into a dirty business where people who carry a balance pay exorbitant interest rates, even if they’ve never missed a payment. And the higher the interest rates, the harder it is to pay off the balance. Is that where Apple wants Services revenue growth to come from? Charging people usurious interest rates on their credit card debt?

John Gruber.

I’ve been saying that for years now, but I also remain persuaded that the other way Apple’ld be diversifying its operations is by becoming it’s own mobile operator/carrier.

Mobility, constant access to our data, is a huge part of the user experience Apple so much relies on to sell us its devices. And it’s a part where Apple has not much control: Apple is running the date centers, it’s running the apps we use to connect to them and the Mac, iPhone and lPad those apps are running on. Leaving only the network itself in the hands of third parties.

There is no reason for Apple not to try to get a slice of this huge cake, imo.

Jeff Bezos answer to threats and blackmail

Jeff Bezos’ answer to the threats he received: No thank you, Mr. Pecker.

To lead my investigation, I retained Gavin de Becker. I’ve known Mr. de Becker for twenty years, his expertise in this arena is excellent, and he’s one of the smartest and most capable leaders I know. I asked him to prioritize protecting my time since I have other things I prefer to work on and to proceed with whatever budget he needed to pursue the facts in this matter.  

Beside the fucked-up situation that Bezos reveals, I had to read this sentence two or three times just to wrap my head around this “whatever budget”, knowing Bezos’s personal wealth is estimated at $131B

It made me realise that Bezos and I may live on the same planet and breathe the same polluted air, but we don’t live in the same world where one must be a multi-billionaire to stand a chance against such threats and the crooks behind them. Something Bezos seems to be well aware:

If in my position I can’t stand up to this kind of extortion, how many people can? (On that point, numerous people have contacted our investigation team about their similar experiences with AMI, and how they needed to capitulate because, for example, their livelihoods were at stake.)

Apple’s hit wireless earbuds are showing their age

If you use and enjoy AirPods as much as I do, replacing worn out AirPods with a fresh pair is the natural next step. Even at $159, AirPods feel like a great value for what they offer if you appreciate portable wireless earbuds. (Zac Hall, via MacStories)

I don’t own AirPods and don’t think I ever will, at least not as long as I have a choice.

Sure, they’re cool, and who doesn’t hate those darn always-tangled cords? But: Continue reading “Apple’s hit wireless earbuds are showing their age”