Earlier this year, I described how I used a combination of Espionage and Dropbox to share confidential documents among our family’s Macs. Unfortunately, that approach proved too problematic and I’ve since had to switch to a new approach—based on the Tresorit service—which, while not a perfect solution, does represent an improvement.
The old approach
The old approach involved keeping my confidential data in a set of encrypted sparse disk images that were stored in Dropbox. Dropbox provided both a cloud backup of this data, as well as the mechanism through which the data was shared with my wife. Espionage provided an elegant user-interface for mounting and accessing the data on those sparse images.
The benefit of the old approach was that my confidential documents were secured both locally and in the cloud. The problem, though, was that even though cloud-syncing sparse disk images is much more efficient than syncing a non-sparse image—since only modified image bands have to sync—the amount of data that does get synced relative to the underlying change in internal files proved too much. For example, a simple change to a text file would result in several megabytes of data to upload to Dropbox—and over our pathetic Spanish ADSL lines, that was just too much.
As a result, I found myself bit by bit moving my most frequently accessed confidential data out of the secure disk images, and back into native Dropbox.
The ideal solution
The ideal solution for me would be a product/service similar to Dropbox, but which encrypts the data stored in the cloud, and provides for some type of local security on the computer as well.
For example, imagine Dropbox but implemented in a way that requires you to locally “unlock” your Dropbox before you can access the files. Then, once I’m done with the files, I’d re-lock the local file system, and the service could still sync the encrypted internal data to the cloud.
As far as I know, such a service/product doesn’t exist, and so I had to settle for the next best thing.
The new solution, Tresorit
Tresorit is quite easy to describe—just imagine Dropbox, but with all your cloud-stored data encrypted, and in a way such that nobody but you can access it, i.e. not even Tresorit staff can access your data. The company’s based in Switzerland, and operates under Swiss privacy laws.
So I now run Tresorit alongside Dropbox, and keep all my confidential data in its folder. When I modify a 2kB text document, Tresorit compresses and encrypts the modified document and uploads the resulting data to the cloud—a process which completes in orders of magnitude less time than the modified sparse images of my previous approach!
While I’m happier with this approach, it does have some drawbacks:
- Tresorit doesn’t locally protect my confidential documents. So if my MacBook Air got stolen, I’d be relying on its FileVault encryption to protect access to those documents.
Tresorit’s cloud-service does not use content-addressable storage to uniquely identify that a file exists in their store. So if you simply move a document from one folder within the Tresorit file system to another, Tresorit will re-encrypt and re-upload that data again. This bit me really badly, when I renamed a folder containing 30 GB of archived email from “Email” to “Email Archives”.
Tresorit is built on top of Microsoft Azure cloud services, and as a result, can not synchronize files whose names are invalid under the Windows operating system, e.g. names containing these characters: \ / : * ? ” < > | What’s particularly unfortunate about Tresorit’s implementation, is that when copying in, say, hundreds of documents into your Tresorit folder, you’ll begin seeing Tresorit-triggered OS X notifications about any files that contain illegal characters in the filename, and can’t be synced. But then Tresorit provides no way to later identify all those files that are not syncing! I would prefer that the app modifies the filenames, making them legal, rather than copying them into the Tresorit file system, and then forcing me to later go hunt them all down!
p>By the way, Tresorit has a number of competitors, including the well-known SpiderOak service. Before installing Tresorit, I first installed SpiderOak, but was immediately turned off by its user interface. In addition to being more pleasant to use, I like what Tresorit’s Mac-like experience reflects about the organization’s appreciation for user experience.
Postscript about customer support
I contacted the European-based Tresorit customer support about those above-mentioned issues, and was caught off-guard by their candid and quite unapologetic response. They acknowledged the shortcomings and said that for some (e.g. helping to find files with illegal filenames) they are working on a solution, while for others (e.g. implementing content-addressable storage) they are not (since in their view that would decrease security).
Thinking about it, I found that candidness quite refreshing, especially compared to the typical American-style customer support—usually beginning with, “I couldn’t be more sad to hear that you’re having trouble with our product.”—which I’ve always found to leave an insincere taste in my mouth.