Jump to content
TorGuard

Encryption need advice.

Rate this topic


Ace Mcool
 Share

Recommended Posts

hi everyone

recently i was hit with deadbolt on my Asustor's.

 

i was lucky amd lost little.  it was lazyiness on my part that i left a setting on years ago after a tech support session which left the support software open and vulnerable

one nas was compromised other was safe.

. I was able to save 99.9999999 percent of data.

 

now i have cloud backup for my nas'.

 

is through sync  and although they encrpt  on the fly,  they do suggest that data also be encrypted before upload.

 

I still want to use my data without too much difficultly.

 

so i am looking for an encryption program which i use with a stored key,  and that i wont have to setup three more nas' to hold encrypted  files before putting them in the vault.

 

research tells me open source is actually better as preparatory is usaully comprised with back doors.

 

no i dont have any really sentitive data, but .......

Any help would be appreciated. 

thx

 

Ace

Link to comment
Share on other sites

Hello, on one side you did not mention which type of data it is and secondly I fail to understand if your question has anything to do with vpn, but as far as I understood, you should consider trying rclone: https://rclone.org/ which works quite with every storage provider. I did not try with it sync.com as I do not use sync.com. Here are additional suggestions which you may think about:

1. most people require big storage for pictures and videos. There are several providers who offer unlimited storage for pictures, but yandex's is my favourite, with free account you get unlimited storage and application on your mobile phone uploads directly from the phone and you have your backup even before you get it to your nas.

2. Videos take most space, especially if it is about videos which you shoot, here again, the cheapest yandex offer gives you unlimited video storage too. With pictures and videos you already have backup always running of something that grows today mostly, paying for that storage raises the costs.

3. When/if you buy "lifetime" storage, like pcloud, you need to be aware that lifetime means only as long as the company exists.

 

Considered you can encrypt and much, much more with rclone, I guess price/storage difference is the only thing you should bother about.

Link to comment
Share on other sites

Yes thank ou for the reply so quickly

was looking for third party open source encryption solution.

SYNC states that i should have one even though they encrypt.  What that tells me is that they ca snoop and or make availible info on type and such of the information i put on the cloud.

 

Reason I put this up here is the reason most use vpns is to keep snooping down to a minimum.

 

after looking at several different propitiatory solutions  ar available but they are more at risk due to back doors and compliance with regulators.

Open source has been the most suggested, but the few i have found are still kind of beta.

 

ANy ideas on that would be great

A bunch of data is propitiatory and takes up about 35 TB,  the rest are pictures and videos that i have been archiving for many years,  some hunting trips, vacation stuff a ton of pictures,  ( use to be in the photo business as well as its a hobby as well.)

A lot are videos, some personal others work or were work related.  Am consulting these days mostly so the work stuff

 

second nas contains first back ups of second.  but i was advised after the deadbolt problem to keep off site backup(s) as well.

 

Ace

Link to comment
Share on other sites

You are welcome.

 

13 hours ago, Ace Mcool said:

was looking for third party open source encryption solution.

rclone is open source and you can encrypt, you can test it locally, here is one example:

As first you should read rclone documentation and play with it, you do not need cloud storage to see how it works, rclone is actually very simple and is quite rock solid.

1. create rclone.conf local entry, as example this:

[local]
type = local
nounc = true
one_file_system = true
case_sensitive = true
no_preallocate = true
no_set_modtime = true

2. Then add encrypted folder which uses local as it's root, I will call it simply trezor:

[local-trezor]
type = crypt
remote = local:
filename_encryption = standard
directory_name_encryption = true
password = SOMEVERYSECUREPASSWORD1
password2 = SOMEVERYSECUREPASSWORD2
no_data_encryption = false

 

That is it, let's say you want to copy/sync your Documents folder to trezor:

1. let's create same structure of the hard disk, create new folder home/user/Documents in your local trezor:

rclone mkdir local-trezor:home/user/Documents

 

Let's check newly created folder if it is encrypted:

ls -la

as a result you will see encrypted name of folder home, something like this:

drwxrwxr-x   3 user user      4096 Mär 26 15:55  mc52ao8aqvippqf8u0vvl0c7gs

We see that folder is created, let's see if rclone can see it unencrypted:

rclone lsd local-trezor:

As a result you can see the folder:

-1 2022-03-26 15:55:25        -1 home

 

That's it, you see by that how filename obfuscation works, now you can sync your documents folder with

You can list then all copied files with as example

rclone ls local-trezor:

 

To make life easier, you can mount any entry from config as a disk, here is how it looks for let's say sync.com employee:

image.png

 

From what you said, rclone is for sure exactly what you are looking for. Just make sure to save both passwords (if both are used) in some secure place, as sync.com does not have this data. For mobile applications there is rclone browser which is quite limited for now, not sure if rclone (aka encrypted files) would be accessable for you from mobile devices, for that you can as workaround mount drive on your pc and share that folder in the way your preffered mobile application uses it, personally, all my devices are connected in wireguard network where each device has its own subnet, do not open ports for services like ftp etc.., it is enough to open just one udp port for wireguard, if you really need a backup, open same tcp port for ssh.

 

13 hours ago, Ace Mcool said:

A bunch of data is propitiatory and takes up about 35 TB

I consider that exactly this data has/should be encrypted and stored online, you should check pricing's, sync.com is quite expensive compared to other solutions. Void some questionable services like blomp, there nothing works if you are not using your own soft (like rclone/swift clien), their price is very attractive to make mistake, if you use such services, then only for a backup of archive which you probably can afford to loose forever, by that, I think you should use reliable service. If you can not afford data loss, then additionally good option is synology, which offers you same amount of cloud storage as your device offers on storage. In your case it could spare usage of second nas. There is quite plenty of different cloud and non cloud solutions, it really only matters how much you want to spend on it.

13 hours ago, Ace Mcool said:

the rest are pictures and videos that i have been archiving for many years,  some hunting trips, vacation stuff a ton of pictures,  ( use to be in the photo business as well as its a hobby as well.)

A lot are videos, some personal others work or were work related.  Am consulting these days mostly so the work stuff

Considering that data on cloud has always the risk that it disappears or that provider goes belly or even worse, take some politicaly motivated steps without any requirement to ban you from their service (just like most western based companies did lately), civilized or not, it happened during the 40's and in 2020's we seem not to be a bit cleverer. By that, you probably should have several places where you do store your data. For pictures and videos it is quite easy as there are many providers, I mentioned already yandex which you could use next to one which you use as your main, for pictures at least you have no costs and with data amount which you do have, $ 10 per year for unlimited picture and video storage is more than attractive pricing. What one also does not really think is what happens in the case when you need to move your data elsewhere for whatever reasons, with that amount of data it would waste quite a lot of your time to not only copy it to other place/cloud but also to verify and make sure everything is ok. Having several places let's you easily close/forget about that old place, you just need to make sure to sync properly so that you do not need to check always if something wasn't synced due to whatever reason as for you primary task would be in my eyes to prevent data loss, as you say, 99,99% is good, but that 0,01% can be sometimes more worth than all the other 99,99%.

 

13 hours ago, Ace Mcool said:

second nas contains first back ups of second.  but i was advised after the deadbolt problem to keep off site backup(s) as well.

In the case that you use several cloud storages, you might not need that one for a backup of first, instead you could have double storage amount.

 

Hope it helps you, all above advices are really "general", cloud backup's are always to be seen as individual, as everybody wants to do/use something different.

 

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
 Share

×
×
  • Create New...