The problem with any of the cloud services is that they can't provide zero-knowledge encryption; at some level you're trusting the vendor to not screw up.
Hey Tom—There is one cloud based backup/storage provider that claims to be entirely zero-knowledge: https://spideroak.com/zero-knowledge/ FWIW: I haven’t personally used this service, but have friends who do and swear by it. Michael Chung Systems Administrator Enterprise Computing & Service Management Haas School of Business, UC Berkeley Student Services Building, Room S300D Berkeley, CA 94720-1900 Tele: <tel:15106433887> 510-643-3887 Typical Office Schedule Offsite: M-F At Haas: On-demand From: [email protected] [mailto:[email protected]] On Behalf Of Tom Holub Sent: Friday, March 13, 2015 4:33 PM To: Ian Crew Cc: [email protected] Subject: Re: [Micronet] TrueCrypt I've been doing a lot of work on data protection, and haven't found a free direct replacement for TrueCrypt. The problem with any of the cloud services is that they can't provide zero-knowledge encryption; at some level you're trusting the vendor to not screw up. For some data risks that's acceptable, but it depends on the specific needs. I've used BestCrypt as a drop-in replacement for TrueCrypt, and it's good, much better than TrueCrypt in terms of UI. But it's not free; whether it makes sense in your environment depends on how many nodes you need to install it on, and who you're collaborating with. On Friday, March 13, 2015, Ian Crew <[email protected] <mailto:[email protected]> > wrote: Hi Sergey: There are campus-supplied and supported services that support both MSSEI PL1 (Box, Google Drive, and bCourses Project Sites) and MSSEI PL2 (CalShare) data, which may remove the need to use per-file encryption tools at all. See http://kb.berkeley.edu/page.php?id=44390 for a comparison among those 4 tools. Hope that's helpful, Ian On Mar 13, 2015, at 3:51 PM, Sergey Shevtchenko <[email protected] <javascript:_e(%7B%7D,'cvml','[email protected]');> > wrote: Dear Micronetters, It's been a year since TrueCrypt has been abandoned by its developers, and we can't recommend the Dropbox/TrueCrypt solution anymore :( What are you folks using for free, cross-platform, on-the-fly container encryption/decryption these days? It does not look like those audits found any vulnerabilities with TrueCrypt 7.1a, so perhaps its still in use? Searching on Google didn't really reveal any good alternatives, since whole-disk encryption and single-file encryption/decryption routines don't compare to ole TrueCrypt's mountable containers... Sergey Shevtchenko IT Director Goldman School of Public Policy <http://gspp.berkeley.edu/> University of California, Berkeley tel.: (510) 643-0077 ------------------------------------------------------------------------- The following was automatically added to this message by the list server: To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site: http://micronet.berkeley.edu Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet. This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past. ___ Ian Crew IST-Architecture, Platforms and Integration (API) Earl Warren Hall, Second Floor University of California, Berkeley -- Tom Holub, Founder Totally Doable Consulting, <http://totallydoableconsulting.com/> http://totallydoable.com Practical IT management consulting for education and non-profits <mailto:[email protected]> [email protected], 510-957-8225
------------------------------------------------------------------------- The following was automatically added to this message by the list server: To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site: http://micronet.berkeley.edu Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet. This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
