Welcome to the MacNN Forums.

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

You are here: MacNN Forums > Software - Troubleshooting and Discussion > Applications > Simple App to Encrypt files with Cloud Service

Simple App to Encrypt files with Cloud Service
Thread Tools
Fresh-Faced Recruit
Join Date: Aug 2014
Status: Offline
Reply With Quote
Aug 20, 2014, 11:11 PM
 
Hi,

I'm looking for software that will allow me to encrypt files and folders easily (e.g. right click, select encrypt) from the Finder. The purpose is to encrypt the file before it is uploaded to any cloud service (OneDrive, DropBox, etc). I don't need to view the file on any other device like my phone or anything like that, I only want the file(s) to be encrypted, period.

When and if I need the file/folder, I would just double click it on my computer (or select decrypt) and I'm done.

Is there anything like that that someone can recommend? I've tried these and they don't seem to do this, or at least not very intuitively;

Thanks!
     
Administrator
Join Date: Apr 2001
Location: San Antonio TX USA
Status: Offline
Reply With Quote
Aug 21, 2014, 08:04 AM
 
I don't know of any one-click encryption packages, but GPG doesn't take much more than one click, and you KNOW when you've told the system to encrypt something with it. I am suspect of "almost automatic" encryption for two reasons: you may forget the one step to get the encryption done, and you may accidentally encrypt everything automatically. Neither is a good choice.

GPG is an open source implementation of the OpenPGP standard. You'd want their Mac implementation, called "GPGTools." Open source encryption has a strong reputation for lacking "back doors" or other flaws in security protocols or overall implementation. In short, it would be hard for NSA to sneak in something that allows them to peek at your stuff without all the other open source contributors knowing something about it.

One more note about "encrypting everything:" you probably don't want to accidentally encrypt your emails to Mom or work documents you're sending to your boss (unless you use your work's encryption system), but encrypting everything you put "in the cloud" is a good idea.

OneDrive and DropBox are both good examples of cloud storage that users would benefit from encrypting their content with, but there's something else to consider: I use DropBox for items I share (professional group documents, etc.), while I use Evernote for stuff I do not share - keeping that sort of thing straight is helpful in avoiding sending your boss an encrypted file he can't read while leaving your credit history documents unprotected on someone else's server...

Glenn -----OTR/L, MOT, Tx
     
Clinically Insane
Join Date: Jun 2001
Location: planning a comeback !
Status: Offline
Reply With Quote
Aug 21, 2014, 03:39 PM
 
I use TruCrypt for that.

Save the encrypted container on your Cloud Drive, and it mounts like an external HD on your Mac. I use it with Dropbox.

https://www.grc.com/misc/truecrypt/truecrypt.htm

-t
     
Fresh-Faced Recruit
Join Date: Aug 2014
Status: Offline
Reply With Quote
Aug 21, 2014, 11:22 PM
 
Thank you, I think this is exactly what I was looking for. Open source is good, at slats it gives me hope that the project won't be dropped out of the blue as has been the case with some software I have purchased in the past.

We are on the same page regarding encryption, I don't want to encrypt anything else except the files I send to the cloud. My Mac has already Filevault encryption and that would let me sleep at night if my machine ever got stolen.

I'll give this a shot and report back - thanks again! 😊


Originally Posted by ghporter View Post
I don't know of any one-click encryption packages, but GPG doesn't take much more than one click, and you KNOW when you've told the system to encrypt something with it. I am suspect of "almost automatic" encryption for two reasons: you may forget the one step to get the encryption done, and you may accidentally encrypt everything automatically. Neither is a good choice.

GPG is an open source implementation of the OpenPGP standard. You'd want their Mac implementation, called "GPGTools." Open source encryption has a strong reputation for lacking "back doors" or other flaws in security protocols or overall implementation. In short, it would be hard for NSA to sneak in something that allows them to peek at your stuff without all the other open source contributors knowing something about it.

One more note about "encrypting everything:" you probably don't want to accidentally encrypt your emails to Mom or work documents you're sending to your boss (unless you use your work's encryption system), but encrypting everything you put "in the cloud" is a good idea.

OneDrive and DropBox are both good examples of cloud storage that users would benefit from encrypting their content with, but there's something else to consider: I use DropBox for items I share (professional group documents, etc.), while I use Evernote for stuff I do not share - keeping that sort of thing straight is helpful in avoiding sending your boss an encrypted file he can't read while leaving your credit history documents unprotected on someone else's server...
     
Fresh-Faced Recruit
Join Date: Aug 2014
Status: Offline
Reply With Quote
Aug 21, 2014, 11:38 PM
 
Originally Posted by turtle777 View Post
I use TruCrypt for that.

Save the encrypted container on your Cloud Drive, and it mounts like an external HD on your Mac. I use it with Dropbox.

https://www.grc.com/misc/truecrypt/truecrypt.htm

-t
Thanks, this would work fine if it was a folder that wasn't being modified constantly, but this won't be the case.

A disk image would need to be re-uploaded every time it changes, right? I'm not sure on that, but if you modify an image, a differential upload won't take effect as it would be a completely different file from what it was before?
     
Administrator
Join Date: Jun 2000
Location: California
Status: Offline
Reply With Quote
Aug 22, 2014, 12:07 AM
 
You could encrypt the files in a folder, and then sync them. Only changed files would upload. The downside - anyone looking could see the file names. But not read them.

Time Machine ran into the same problem with encrypted disk images, and Apple introduced sparse bundles to solve it. Assuming your backup software handles bundles as individual files (as it should) you can backup only the changed parts of the encrypted image.
     
Fresh-Faced Recruit
Join Date: Aug 2014
Status: Offline
Reply With Quote
Aug 22, 2014, 12:10 AM
 
Thanks! I had no idea about sparse bundles, will try with disk images and we'll see if it's does an differential upload - cheers!

Originally Posted by reader50 View Post
You could encrypt the files in a folder, and then sync them. Only changed files would upload. The downside - anyone looking could see the file names. But not read them.

Time Machine ran into the same problem with encrypted disk images, and Apple introduced sparse bundles to solve it. Assuming your backup software handles bundles as individual files (as it should) you can backup only the changed parts of the encrypted image.
     
Clinically Insane
Join Date: Jun 2001
Location: planning a comeback !
Status: Offline
Reply With Quote
Aug 22, 2014, 10:20 AM
 
Originally Posted by csaborio View Post
Thanks, this would work fine if it was a folder that wasn't being modified constantly, but this won't be the case.

A disk image would need to be re-uploaded every time it changes, right? I'm not sure on that, but if you modify an image, a differential upload won't take effect as it would be a completely different file from what it was before?
Not really. As far as I can observe, the TrueCrypt container is like a sparse bundle. Only the changes are synced.

-t
     
Clinically Insane
Join Date: Jun 2001
Location: planning a comeback !
Status: Offline
Reply With Quote
Aug 22, 2014, 10:24 AM
 
Originally Posted by csaborio View Post
Thank you, I think this is exactly what I was looking for. Open source is good, at slats it gives me hope that the project won't be dropped out of the blue as has been the case with some software I have purchased in the past.
You don't have to worry about that, because it has already happened

TruCrypt development stopped earlier this year.

The consensus among the security community is that the TruCrypt developers were forced to implement back doors in the recent builds. Obviously, they are not allowed to admit that, so they stopped development, citing "security" reasons.

The old versions of TruCrypt (the page I linked) have been working w/o problems for years, are open source, and not compromised.

I continue using TruCrypt, although there is no more development ongoing.

-t
     
Administrator
Join Date: Jun 2000
Location: California
Status: Offline
Reply With Quote
Aug 22, 2014, 03:42 PM
 
Originally Posted by turtle777 View Post
The consensus among the security community is that the TruCrypt developers were forced to implement back doors in the recent builds.
turtle, do you have a link for this? The last time I read about it, the retirement was still a big mystery. Wikipedia doesn't talk about that either.
     
Fresh-Faced Recruit
Join Date: Aug 2000
Location: Clifton, VA
Status: Offline
Reply With Quote
Aug 22, 2014, 06:18 PM
 
Originally Posted by turtle777 View Post
Not really. As far as I can observe, the TrueCrypt container is like a sparse bundle. Only the changes are synced.

-t
So why not create an encrypted sparse dmg image instead? Easier than going through all of the hassle and mystery of TrueCrypt.
     
Managing Editor
Join Date: Jul 2012
Status: Offline
Reply With Quote
Aug 22, 2014, 06:59 PM
 
Be wary of encryption when migrating to a new OS. Apps (especially those no longer under development) can, have, and do break when things get updated.

We're on the precipice of Yosemite, which breaks low-level things, like Parallels. Be careful.
     
Clinically Insane
Join Date: Jun 2001
Location: planning a comeback !
Status: Offline
Reply With Quote
Aug 22, 2014, 09:14 PM
 
The good thing about TruCrypt is that it's cross-platform.
That's so the reason why I prefer it over sparse images.

Even if it were to break on OS X, you could always recover the data with a different OS.

-t
     
Clinically Insane
Join Date: Jun 2001
Location: planning a comeback !
Status: Offline
Reply With Quote
Aug 22, 2014, 09:19 PM
 
Originally Posted by reader50 View Post
turtle, do you have a link for this? The last time I read about it, the retirement was still a big mystery. Wikipedia doesn't talk about that either.
I'd need to google the links. I read this analysis back when.

Logically, it's the only explanation that makes sense.
The previous TruCrypt version worked for more than 4 years, and no known security issues were ever discovered.

Suddenly, a NEW version gets issued that DOES NOT claim to fix the security issues, and right after that, development is stopped.

Doesn't make any sense at all, except, if there was some event that can't be disclosed.

-t
     
Clinically Insane
Join Date: Jun 2001
Location: planning a comeback !
Status: Offline
Reply With Quote
Aug 24, 2014, 08:46 AM
 
That would be awesome.

-t
     
Clinically Insane
Join Date: Jun 2001
Location: planning a comeback !
Status: Offline
Reply With Quote
Sep 1, 2014, 01:38 PM
 
You guys might want to take a peak at this:

https://www.boxcryptor.com/en/boxcryptor

Looks like an interesting solution.

Downside is: it's not open source, so theoretically, there could be a back door.
However, since it's a German company, you'd think the NSA has less "access" or power over them.

tl/dr: Boxcryptor is convenient, but for the security paranoid, I'd still recommend TruCrypt.

-t
     
   
Thread Tools
Forum Links
Forum Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On
Top
Privacy Policy
All times are GMT -4. The time now is 02:42 PM.
All contents of these forums © 1995-2014 MacNN. All rights reserved.
Branding + Design: www.gesamtbild.com
vBulletin v.3.8.8 © 2000-2014, Jelsoft Enterprises Ltd., Content Relevant URLs by vBSEO 3.3.2