Yes, it’s true. Finally a way to get your personal files on each machine you work with that gets backed up online without any worry of who is rummaging through your data when you aren’t looking! It’s the secure online backup you were looking for!
Windows? Linux? Mac? No problem. Installers are available for all three systems.
DropBox (a glorified subversion system for the rest of us) has finally worked its way out of beta and will become the backbone for our project. Transmission of data to DropBox is via HTTPS, so we at least have half the problem resolved.
The second problem is DropBox’s STORAGE of my files. If they defect to the goverment faster than AT&T did with the NSA, then you can be sure your private key and personal bookmarks to porn sites will be used against you. I wanted the storage of my files encrypted. Since I couldn’t trust DropBox, I turned to my good old friend, TrueCrypt.
The solution here is to create a TrueCrypt volume inside of your DropBox folder. Even though DropBox has a 2GB folder limit, you shouldn’t use all of it for your TrueCrypt drive. Unfortunately, TrueCrypt creates the encrypted partition to it’s maximum capacity, which means if you create a 1GB encrypted volume, it actually takes up 1GB on the harddrive even with nothing in it. And transferring a 1GB file many times for little to no content isn’t the best plan.
Since the volume is filled out to maximum filesize even with no data, it’s best to create a few smaller drives (in the 256MB range) as DropBox has to upload the entire file at least once and you have to download the synchronized file on every computer. TrueCrypt can mount about 12 volumes automatically, so my recommendation is to keep the volumes small and increase the sizes for volumes you don’t modify often.
Don’t feel guilty about using encyption. Don’t be guilted into the “If you have nothing to hide” mantra; privacy is your right as a human, exercise it.
Tags: hacking, recommendation, rumination, software, svn
September 18th, 2008 at 12:08 pm
So I also immediately figured this would be a super-handy technique and have been experimenting with it. *Ideally*, you would want the truecrypt volume to sync dynamically in the same way that DropBox does. However, because TrueCrypt puts an exclusive lock on the file when it mounts the volume, this is not possible. DropBox *can’t* dynamically sync changes as they are being made within the TrueCrypt volume.
At least, that’s been my experience when mounting the same TrueCrypt volume stored in my DropBox on both my laptop and my desktop (Ubuntu and WinXP respectively). I was wondering if you had a similar experience and/or a solution!
~tw
October 8th, 2008 at 4:53 pm
[...] Secure online storage with Dropbox and Truecypt [...]
November 19th, 2008 at 6:25 pm
Thanx for this article…
So if you add a 256 MB truecrypt-file to your dropbox it will have to be up- & downloaded once, of course. But then, if you open the container and add a few files, won’t it have to up- & download (on the other pc) the whole thing again? Or just the changes?
By the way, you could also create a growing container, I guess?
December 24th, 2008 at 10:30 am
Dropbox only transfers the changes. Now, being an encrypted file, you can count on more than a few bytes to be changed throughout the Truecrypt volume, but at least it’s done in the background, and by the time you travel to the other site where your other end of the Dropbox is, it should be there and ready to go, automatically.