Encrypt your dropbox files

Dropbox is indeed a great application. It gives you a free 2GB of storage space to store your files and allows you to access to them and sync them between different computers, regardless you are running Windows, Mac, Linux or any other smart mobile device. However, as good as it gets, there is one major issue. All the files that you have stored in the cloud are not encrypted. Whoever hack into your account can view and access all the files in your account, including those confidential documents that you have synced over the cloud.

Why is this important to you? A mistake made by the Dropbox team few days back had left the Dropbox’s main door open for 4 hours. During this period, anyone can log into any account and access all the files in that account without any passwords. While this affects only 1% of its users (which amounts to about 250,000, and that is not a small number), if you are one of those whose accounts have been compromised and you have confidential files in your Dropbox, you better watch out for the bad things that might happen to you.

Since you never know when such incident will happen again, it is best to encrypt your files before you sync them to the cloud so there is a second level of defense when your account has been compromised.

1. SecretSync

SecretSync is a file-by-file encryption solution for Windows and Linux. Once installed, you will find a new “SecretSync” folder in your user directory. Any files that you place in this folder will be encrypted and sync to Dropox.

The installation and usage of SecretSync for Windows is pretty straightforward. You simply download, install and run it. it will then guide you through the encryption process.

For Linux, the usage is purely command-line based.

1. You have to first download the deb file and install it in your system.

2. Open a terminal and type

secretsync

This will run the installer and download the necessary files from SecretSync site. It will also run you through the setting up process.

After the installation, type

secretsync start

to start the SecretSync service. You should see a new SecretSync folder in your Home directory. Any files you place in this folder will be encrypted and synced to Dropbox.

To get SecretSync to autostart everytime you login, go to “System -> Preferences -> Startup Applications” and create a new startup item.

SecretSync

2. TrueCrypt

TrueCrypt is another powerful and cross-platform compatible encryption tool that you can use. We have mentioned it here and here, so we won’t go through it again.

One disadvantage of TrueCrypt is that you have to create a fixed size virtual container before you can use it. In addition, you can only get it to sync after you have unmounted it. This means that you won’t be able to sync your files in real time. Other than that, if you need a true cross-platform solution, then TrueCrypt is definitely the one for you.

3.Encfs

Encfs is a better solution than SecretSync because it stores the encryption keys on your local machine and it can work in Linux (natively), Windows (via BoxCryptor) and Mac (via MacFuse), which is great if you use Dropbox on more than one operating system.

In Ubuntu, open a terminal and type:

sudo apt-get install encfs sudo addgroup <your username> fuse

To create an encrypted folder, type the command:

encfs ~/Dropbox/.encrypted ~/Private

The above command instructs encfs to create an encrypted hidden folder (with name .encrypted) in Dropbox and mount it in the Private Folder in your Home directory.

When it prompts you for the configuration option, press “p” follow by Enter.

Next, it will ask you to enter your password. Be very careful with what you type since it won’t appear in the screen.

That’s it. Whatever files you place in the Private folder will be encrypted and synced with Dropbox.

To get the encrypted folder to automount everytime you log in, you can use gnome-encfs.

sudo add-apt-repository ppa:gencfsm && sudo apt-get update && sudo apt-get -y install gnome-encfs-manager

and type gnome-encfs in the dash

or if you don like a ppa use:

1. Download gnome-encfs here (or grab the source here) to your Home folder.

2. Type the following command:

sudo install ~/gnome-encfs /usr/local/bin gnome-encfs -a ~/Dropbox/.encrypted ~/Private

GUI for Encfs

In Linux, Cryptkeeper is an application that provides a graphical interface for encfs. It doesn’t come with the full configuration option for encfs, but if you need an easy way to get started quickly, this will be very useful.

In Ubuntu,

sudo apt-get install cryptkeeper

Cryptkeeper works as a system tray applet. If you are using Unity, use the following command to get it to work:

gsettings set com.canonical.Unity.Panel systray-whitelist "['Cryptkeeper']" setsid unity

BoxCryptor

BoxCryptor is not really a GUI for encfs, but its encryption method is compatible with encfs. If you have created an encrypted folder in Linux, you can use BoxCryptor in Windows to mount the same encrypted folder.

If you use BoxCryptor to encrypt (parts of) your Dropbox folder, an USB stick or an external harddisk and want to share the encrypted data with a computer running Linux or Mac OS X, a great feature of BoxCryptor is the compatibility with EncFS, an open-source cryptographic filesystem. As EncFS had some security issues in previous version, a prerequisite is to have EncFS version >= 1.7 installed. Unfortunatly Ubuntu and other Linux distributions still use older version of EncFS (e.g. 1.6) which can not be used to read files encrypted with BoxCryptor. This blog post will show you how to install and use the latest EncFS version 1.7.4 in Ubuntu Maverick. It will NOT work in Lucid Lynx, 10.04!

download it here or follow these instructions:

1. Start the Synaptic Package Manager

Click "System > Administration > Synaptic Package Manager"

2. Add the repository for the upcoming Ubuntu Natty

Natty, the next version of Ubuntu, supports the latest version of EncFS and we can use its repository to install it.

Click"Settings > Repositories"

Click"Other Software > Add"

APT line: "deb http://archive.ubuntu.com/ubuntu natty main universe"

Close the dialog and reload the package information by clicking the "Reload" button

3. Install EncFS

Search for "encfs" and mark the encfs package all additional required packages for installation

Install the packages by clicking the "Apply" button

Tip: Also install cryptkeeper for a graphical interface to manage EncFS

4. Remove Ubuntu Natty repository

Choose "Settings > Repositories > Other Software"

Uncheck the Ubuntu Natty repositories

5. Start Cryptkeeper

Click "Applications > System Tools > Cryptkeeper"

6. Import the encrypted directory

Choose "Cryptkeeper > Import EncFS folder" in the notification area

Select the encrypted directory (the source directory for BoxCryptor)

Select a desired mount point where you want the unencrypted data to appear

7. Mount the encrypted directory

Choose "Cryptkeeper > [Mount point]" in the notification area

E.g, "Cryptkeeper > /home/robert/Documents/Safe"

Tip: If you prefer working on the command line, here are the necessary instructions to install and use EncFS 1.7.4 in Ubuntu Maverick:

Open a terminal

Add "deb http://archive.ubuntu.com/ubuntu natty main universe" to /etc/apt/sources.list

Enter "sudo apt-get update"

Enter "sudo apt-get install encfs"

Remove the Natty repository from /etc/apt/sources.list again

Enter "sudo apt-get update"

Enter "encfs [source dir] [destination mount point]"

E.g. "encfs ~/Dropbox/BoxCryptor/ ~/Safe"