
Encrypt Your Private Dropbox Data With EncFS - macco
http://www.webupd8.org/2011/06/encrypt-your-private-dropbox-data-with.html
======
sigil
This is better than TrueCrypt-on-Dropbox [1] in the sense that there's
probably much less bandwidth inflation due to encryption, if any.

However, with EncFS be warned:

"Anyone having access to the source directory is able to see how many files
are in the encrypted filesystem, what permissions they have, their approximate
size, and the last time they were accessed or modified." [2]

Since tarsnap does the block partitioning and encryption client-side, it
doesn't suffer from either problem.

[1] <http://news.ycombinator.com/item?id=2546626>

[2] <http://en.wikipedia.org/wiki/EncFS>

~~~
hotice
The post was updated with a command to exclude the EncFS key file from being
synced.

------
codenerdz
Im sorry, but the whole idea of Dropbox was simplicity. This method requires
installation of two more pieces software on every machine that will need
access to encrypted data and does not explain or guarantee that it will work
across platforms which is what dropbox is all about(I can access same files on
my phones, tablets, windows pcs, macs and web)

I basically approach Dropbox as a tool that fits its purpose and this purpose
unfortunately does not include properly encrypted data. So any sensitive
documents would NOT go into dropbox. They would be backed up into an online
backup that is encrypted on my side instead.

~~~
jerf
I find myself wondering if you actually read the content. Your first paragraph
seems like a response to the article, but then your second makes it look like
you didn't. Are you encrypting your files via hand-calculations before putting
it on Dropbox, or using a second software package you installed as a tool? In
which case what exactly is so hard about using one of the transparent file
systems, which both boast a decent array of OS support options, that you have
some sort of solution for that doesn't involve installing something beyond
Dropbox?

~~~
sorbus
I'm not sure if we both read the same comment. The second paragraph focuses on
the fact that Dropbox is not suitable for sensitive content, and therefor he
suggests using another service that offers client-side encryption (Tarsnap,
possibly, as I think that it does that). He is not saying that he is putting
encrypted files on Dropbox.

~~~
codenerdz
exactly, for sensitive data I use a different service that does client-side
encryption: CrashPlan

More on their encryption options here:

<http://www.crashplan.com/blog/tag/crashplan-encryption>

------
pbh
This idea seems to come up every few months. Don't do it! (At least unless you
seriously understand the caveats or something substantial has changed with
encfs and/or Dropbox.)

Here's my comment from a year and a half ago:
<http://news.ycombinator.com/item?id=895660>

... and from a few months ago: <http://news.ycombinator.com/item?id=2454924>

------
derrida
Or don't use dropbox, use rsync, disk encryption, cron and SSH. Works across
Mac/Linux & SCP on windows. With rsync+ssh+cron+disk encryption, you have full
responsibility. Competency with rsync is empowering and can be as simple as
dropbox, and way way way more secure.

------
yaix
I have been doing this for some time. Not with Dropbox but sync'ing the
encrypted files to my own server with rsync.

Install "Cryptkeeper" on Linux to have an tray icon to more conveniently mount
and unmount.

------
r00fus
This sounds great, I assume there's no way to view these files on an iOS
device (which is still quite workable encryption - only for dekstop)

------
jacques_chester
I've been happy with Tarsnap for encrypted remote backup purposes. I've got 8
months of daily snapshots, around 6Gb per shot. So far it's cost me around $7.

------
Astrohacker
Thanks, this is a lot better than the truecrypt system I had set up. Although
I have a sqlite database that seems not to work with this... that will be
staying in the truecrypt file system.

