Does anyone know if the services that offer encryption are also voiceover accessible?
Nancy Badger, Ph.D Assistant Vice Chancellor, Student Services UT Chattanooga Sent from my iPhone with dictation software. Please excuse spelling errors. > On Feb 25, 2016, at 11:00 AM, Traci Duncan <our4p...@gmail.com> wrote: > > > Enjoy, > Traci > > >> http://lifehacker.com/the-best-cloud-storage-services-that-protect-your-priva-729639300 >> >> The Best Cloud Storage Services that Protect Your Privacy >> >> <i9omcxqfkxm2kfstmlk8.jpg> >> >> Cloud storage is easy to come by. Dozens of services shovel tons of free >> space to you just for signing up. But which of those services are looking at >> the files you upload, and most importantly, which services encrypt your >> personal data so no one can look at it? Let's take a look. >> >> You already know why you should care about your privacy, even if you think >> you have nothing to hide. Privacy is even more important when it comes to >> cloud storage. You trust the service you sign up for to keep your files safe >> and secure and away from prying eyes. Whether you use your cloud storage for >> music, tax returns, or backups, it's still important to know that your >> provider isn't rifling through your files to make sure the music isn't >> pirated. If their servers ever get hacked, you want to know your tax returns >> and financial documents are safe. >> >> When we asked you for the best cloud storage providers, many of you asked an >> important question: Which services offered encryption or other security >> tools to keep your data safe from, well, anyone but you? Let's take a look. >> >> Cloud Storage Services with Encryption Rolled In >> >> <s8eijnee4gtmvmrfbjo1.jpg> >> >> Encryption works. Whether you want to protect your documents from potential >> identity thieves, want your files locked down in case your laptop or phone >> is lost or stolen, or you're concerned about the whole NSA spying scandal, >> encrypting them is the only way to make sure you're the only one with access >> to them. That is, without a ton of effort, anyway. Here are some of the >> services that have encryption built into their technology. >> >> SpiderOak >> >> <zvvaricffukg4rmv9eyu.jpg> >> >> SpiderOak starts you off with 2GB for free, with more storage available at >> $10/mo for each additional 100GB you need. All of your files are encrypted >> locally on your computer, and then uploaded to SpiderOak's servers, and any >> changes you make to your files and folders are synced with the local >> decrypted versions before being secured and uploaded. >> >> SpiderOak's "Zero Knowledge" privacy policy notes that because the >> encryption process takes place locally, they have no way of knowing what >> you're storing with them. Essentially, your data is completely private >> because you're the only person who knows what's being encrypted and >> transmitted. The only unencrypted versions live on your local computer. >> Also, since your data is encrypted locally with a password you choose, they >> have absolutely no way of decrypting it to see what's in your data store. At >> the same time, this also means that if you lose your password, SpiderOak >> can't retrieve it—or decrypt your locked files—for you. >> >> In the past, SpiderOak limited its remote access and syncing options, but >> SpiderOak Hive, their new syncing service, along with their iOS and Android >> apps let you take your encrypted files on the go. The encryption and >> decryption process still takes place locally, but the only thing that's >> stored on SpiderOak's servers are your password, so they can authenticate >> you and direct you to the right files. When your remote session is over, >> they destroy your password, so you can be comfortable that you're the only >> person who can access your files. If you're looking for a secure option that >> stores your files in an encrypted form but doesn't sacrifice usability, >> SpiderOak is definitely worth a look. >> >> SpiderOak uses a combination of 2048 bit RSA and 256 bit AES to encrypt your >> files. According to SpiderOak: >> >> Most importantly, however, the outer level keys are never stored plaintext >> on the SpiderOak server. They are encrypted with 256 bit AES, using a key >> created by the key derivation/strengthening algorithm PBKDF2 (using sha256), >> with 16384 rounds, and 32 bytes of random data ("salt"). This approach >> prevents brute force and pre-computation or database attacks against the >> key. This means that a user who knows her password, can generate the outer >> level encryption key using PBKDF2 and the salt, then decipher the outer >> level keys, and be on the way to decrypting her data. Without knowledge of >> the password, however, the data is quite unreadable. >> >> Wuala >> >> <q7zs00t7ysrb355r46mw.jpg> >> >> Wuala encrypts your files locally, and then uploads them to the cloud for >> safe keeping. You start with 5GB for free, and after that it's $4/mo for >> 20GB, $7/mo for 50GB, or $12/mo for 100GB. Like SpiderOak, Wuala handles >> encryption and decryption locally using a password you set, so no one can >> access your files. >> >> Furthermore, Wuala uploads different segments of your files to different >> servers, so they can't even identify what data belongs to which users. Your >> password is never transmitted anywhere, and again, this means that if you >> forget it and don't have unencrypted versions of your files locally, you're >> out of luck. You don't sacrifice features to get this level of security >> though. Wuala offers file versioning, cross-computer syncing, and mobile >> apps to help you keep working when you're on multiple computers or away from >> your desk. >> >> In order to give you access to your files on the go (and in order to share >> files with others) Wuala does have to make some compromises in the security >> department. They're not much deeper than >> >> SpiderOak's, but they're similar—when you share a file with someone, the >> file is unencrypted so they can access it without your password. If you put >> files in your public folder, they're definitely unencrypted. When you sync >> and access your files on mobile devices, your password is required in order >> to encrypt and decrypt your files, and Wuala uses it to make sure you are >> who you say you are. The decryption process still takes place locally, but >> Wuala does—temporarily—have your password. >> >> Wuala uses AES- 256 for encryption, RSA 2048 for signatures and for key >> exchange when sharing folders, and SHA-256 for integrity checks. You can >> read more about their approach to security here and here. >> >> Tresorit >> >> <d1dzrwfpdki2hwr8tai1.jpg> >> >> Tresorit is new to the encrypted storage game, but they're worth checking >> out if you find the other services a little too cumbersome. Signing up with >> Tresorit nets you 5GB for free. They offer additional storage starting at >> $13/mo. >> >> Like other encrypted cloud storage services, all encryption takes place >> locally on your computer. This means that no one can decrypt those files >> without your password—including Tresorit employees. Tresorit supports >> Windows and OS X on the desktop, and has mobile apps for Android, iOS, and >> Windows Phone. One place Tresorit shines (and has a lot of potential) is in >> sharing encrypted files. You can share files and grant specific permissions >> to users you specify, but those files are still encrypted until they >> download and open them. >> >> As for their encryption technologies, Tresorit encrypts all files with >> AES-256 before they're uploaded. Beyond that, they note: >> >> Additional security is provided before upload by HMAC message authentication >> codes applied on SHA-512 hashes. Encrypted files are uploaded to the cloud >> using TLS-protected channels. >> >> Mega.co.nz >> >> <mlznzdeyxxclivzfzfen.jpg> >> >> Mega is the brainchild of former Megaupload mogul Kim Dotcom. Signing up for >> a free account gets you 50GB of space. Pro accounts come in different sizes, >> including 9.99 € (~$13)/mo or 99.99 € (~$130)/yr for 500GB and go all the >> way up to 4TB. Unlike the other services, there are no desktop apps, no >> syncing, and no mobile apps. Everything happens in your web browser (there >> is an Android app, but Mega says nothing about it on their site aside from >> "mobile apps are coming soon," so YMMV). >> >> When you sign up, you choose a password and Mega generates the keys used to >> encrypt and decrypt your data. Files are encrypted before they're uploaded >> and decrypted after download by your web browser. Those encrypted files are >> then transferred via SSL. However, Mega's encryption is user controlled >> (UCE), meaning that your password is king. Accounts with no files or folders >> can reset their password, but once you upload data, losing your password >> means you lose access to your files. Not everything with Mega is encrypted >> however. Your files and folders are, but unlike other services, your folder >> structure and file ownership details aren't, and Mega can access them >> (although they can't see or access the files inside). You can read more >> about those limitations here. From an encryption standpoint, Mega says: >> >> For bulk transfers, AES-128 (we believe that the higher CPU utilization of >> AES-192 and AES-256 outweighs the theoretical security benefit, at least >> until the advent of quantum computers). Post-download integrity checking is >> done through a chunked variation of CCM, which is less efficient than OCB, >> but not encumbered by patents. >> >> For establishing shared secrets between users and dropping files into your >> inbox, RSA-2048 (the key length was chosen as middle grounds between "too >> insecure" and "too slow"). All encryption, decryption and key generation is >> implemented in JavaScript, which limits throughput to a few MB/s and causes >> significant CPU load. We are looking forward to the implementation of the >> proposed HTML5 WebCrypto API in all major browsers, which will eliminate >> this bottleneck. >> >> JavaScript's built-in random number generator is enhanced through a >> mouse/keyboard timing-driven RC4 entropy pool as well as crypto.* randomness >> where available (Chrome only at the moment). >> >> An important thing to remember about Mega is that while they offer a lot of >> storage and make some big privacy promises (and they say mobile apps and >> desktop tools are on the way soon), their encryption is actually weaker and >> less robust than many of the other cloud storage options available. They >> draw a line between security, speed, and massive storage. >> >> If you're the type who believes a little "security through obscurity" >> frosting is good on top of your encryption cake, note that Mega is under >> heavy scrutiny just by virtue of the fact that Kim Dotcom is the man behind >> it. Also, Ars Technica reported Mega's encryption methodolgy leaves much to >> be desired shortly after it launched. Mega offered a bounty to anyone who >> could crack them, and multiple vulnerabilities were found. There's even an >> app specifically for cracking Mega passwords. However, the service promises >> improvements are on the way. For the time being though, if you want speed >> and flexibility and tons of storage, take a look. If you want real, solid >> encryption and security, hang tight until those updates come. >> >> The Cloud Storage Services that Don't Value Your Privacy >> >> <nszpz7xogyv5xsykpuq3.jpg> >> >> You may have noticed that some of the big names in cloud storage aren't >> listed above. That's not because they're insecure, or because they don't >> care about your privacy, it's just because they don't offer the same tools >> or privacy promises that the above do. In the worst case, it's because they >> actually say outright that they scan your files for content they deem >> "inappropriate." >> >> We're not saying you should drop your favorite service and move to one of >> the ones we mentioned, but if you do stay where you are, you should know >> what their privacy policy says. Dropbox, Google, and Amazon all say they >> will only dig into your files if someone tips them off to illegal or >> copyrighted material, or law enforcement comes knocking. All three will >> insist on seeing a court order before investigating or turning over any data >> to the authorities. At least there's some measure of due process involved, >> and they won't shutter your account because someone found something they >> didn't like. >> >> On the other end of the spectrum, Microsoft's SkyDrive has regularly come >> under scrutiny by privacy advocates. Microsoft is known to scan its users' >> files, sometimes with disastrous results. In 2011, a German photographer had >> his Microsoft accounts restricted because Microsoft deemed some of his >> professional work "questionable." Another user had his accounts closed even >> though the content he had stored was in a private folder, accessible only to >> him. SkyDrive isn't alone here. Apple reserves the right to scan your files >> stored in iCloud for illegal or malicious content as well. >> >> The services we've highlighted have similar privacy policies (which you >> should read before signing up). They'll respond to subpoenas and court >> orders, but because of the way your data is stored and encrypted, most of >> them don't even know where your data is on their servers, much less how to >> decrypt it, so they physically can't give it to someone who comes asking for >> it. >> >> Remember, You Can Always Do It Yourself >> >> <jau196evkmxgp9btpflv.jpg> >> >> When we highlighted the five best cloud storage services, many of your >> choices were based on how much storage you could get (usually more than the >> free plans above) and how tightly those services integrated with other >> services you use. With some of the above options, syncing can be slow >> because your files have to be encrypted before uploading, decrypted after >> downloading, and secure connections have to be established. If you want >> speed and tons of storage along with security and encryption, you can have >> it by using a third party tool to encrypt your data locally. >> >> For example, we've shown you how to encrypt your Dropbox files with >> encrypted ZIP archives, or by using TrueCrypt, Boxcryptor, or Viivo >> (formerly SecretSync). Since then, even more tools to keep your cloud data >> safe have emerged, like CryptSync, which is compatible with Dropbox, Google >> Drive, SkyDrive, and others. >> >> Finally, don't forget that the most secure cloud storage solution is the one >> that you have complete control over. Like we said above, Mega sounded great >> until researchers highlighted its vulnerabilities. The other services could >> have vulnerabilities too, but they're not under the same scrutiny. Using >> cloud storage inherently means giving your files—encrypted or otherwise—to >> someone else. If you want to keep them close but still access them >> everywhere, you can always use a large hard drive or a NAS and roll your own >> syncing cloud service with OwnCloud. You could even power it with a >> Raspberry Pi and keep the overhead low. >> >> Whatever you do, make sure to take your security and privacy into >> consideration before you upload to the cloud. You don't have to give up >> convenient access to your files anywhere you go to protect your privacy. You >> just have to choose the right cloud storage provider—or take matters into >> your own hands. >> >> Photos by Maksim Kabakou (Shutterstock), Tischenko Irina (Shutterstock), and >> Steven Depolo. >> > > -- > The following information is important for all members of the Mac Visionaries > list. > > If you have any questions or concerns about the running of this list, or if > you feel that a member's post is inappropriate, please contact the owners or > moderators directly rather than posting on the list itself. > > Your Mac Visionaries list moderator is Mark Taylor and your owner is Cara > Quinn - you can reach Cara at caraqu...@caraquinn.com > > The archives for this list can be searched at: > http://www.mail-archive.com/macvisionaries@googlegroups.com/ > --- > You received this message because you are subscribed to the Google Groups > "MacVisionaries" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to macvisionaries+unsubscr...@googlegroups.com. > To post to this group, send email to macvisionar...@googlegroups.com. > Visit this group at https://groups.google.com/group/macvisionaries. > For more options, visit https://groups.google.com/d/optout. -- The following information is important for all members of the V iPhone list. If you have any questions or concerns about the running of this list, or if you feel that a member's post is inappropriate, please contact the owners or moderators directly rather than posting on the list itself. Your V iPhone list moderator is Mark Taylor and your owner is Cara Quinn - you can reach Cara at caraqu...@caraquinn.com The archives for this list can be searched at: http://www.mail-archive.com/viphone@googlegroups.com/ --- You received this message because you are subscribed to the Google Groups "VIPhone" group. To unsubscribe from this group and stop receiving emails from it, send an email to viphone+unsubscr...@googlegroups.com. To post to this group, send email to viphone@googlegroups.com. Visit this group at https://groups.google.com/group/viphone. For more options, visit https://groups.google.com/d/optout.
