Cloud Storage

The information below focuses on services that support end-to-end encryption (E2EE). End-to-end encryption is a system of communication where only the communicating users can read the messages; in principle, it prevents potential eavesdroppers (Wikipedia – End-to-end Encryption). While there are a large number of cloud storage providers available, using their services assumes that the provider will not inspect or spy on your data. By leveraging E2EE, your data may safely pass over the public internet. As a proprietary key is required, the only two parties that can decode your data are the sender and the receiver.

For information on other means of online file transportation, view Cyber Uncovered’s File Transportation page.

Nextcloud

Top Suggestion

Nextcloud is known for their suite of client-server collaboration and communication applications, namely Nextcloud Files. Nextcloud allows you to operate and host these services on your own local computer or private server.

Nextcloud is recommended over other services as it has integration and support for E2EE. Building upon E2EE, the platform supports offline recovery keys, server-side encryption and Hardware Security Modules (HSM). A hardware security module is a physical computing device that safeguards and manages digital keys, performs encryption and decryption functions for digital signatures, strong authentication and other cryptographic functions (Wikipedia – Hardware Security Module).

Proton Drive

Proton Drive is a new service from the same company that hosts the popular services Proton Mail and Proton VPN. Proton Drive is currently in early access and only available through their web client. Proton Drive also leverages E2EE file storage. Their services are based out of Switzerland and are governed by Swiss privacy laws.

When you use a web client, you are putting your trust in the server to provide you with the necessary JavaScript code to generate the decryption key and authentication token in your browser. A hacked server can send you harmful JavaScript code that will steal your master password and decrypt your data.

Tahoe-LAFS

Tahoe-LAFS (Tahoe Least-Authority File Store) is a distributed data store and file system that is free and open, secure, decentralized, and fault-tolerant. It can function as an online backup system or as a file-based web host. Tahoe can also be utilized in a RAID-like fashion, combining several drives to form a single large Redundant Array of Inexpensive Nodes (RAIN) pool of fault-tolerant reliable data storage. RAIN is the use of multiple servers to maintain service if one server fails. Even if a server fails or is taken over by an attacker, the entire file store continues to function properly, preserving your privacy and security. The servers used as storage pools do not have access to your data.

Tahoe-LAFS is only advised for experienced system administrators due to the system’s complexity and the number of nodes required for set up.

AVOID:

Dropbox | Google Drive | Microsoft OneDrive | Apple iCloud

If you use a common cloud storage service, you are putting your complete trust in the service provider not to spy on your files. Consider lowering your need to trust public services by choosing one of the alternatives that leverage end-to-end encryption (E2EE).