Best Cloud/Online Backup Service That Respects Privacy & Copyright?

[zoobooboozoo]

Hi all.

I'm looking for an afordabble backup/cloud service on top of my original internal HD and external backup HD.

I'll be satisfied with a simple backup service altough features like what gobbler offers are cool.

I could use google drive for this, I think it's quite cheap and reliable but the problem is privcay and copyright. AFAIK google and other companies have this draconian terms of service that makes them litteraly own everything you upload to their servers so if anyone knows of a service that doesn't deal with such I'd be glad to hear about it.

thx in advance.

[whyterabbyt]

AFAIK google and other companies have this draconian terms of service that makes them litteraly own everything you upload to their servers.

No they dont. Thats just scaremongering FUD.

We do not claim ownership in any of your content, including any text, data, information, and files that you upload, share, or store in your Drive account.

https://support.google.com/drive/answer/2733115?hl=en

[Gonga]

Google does not permit you to opt out of all (just some) of their privacy-invading "features." Microsoft OneDrive, for one, does.

Google Drive Terms of Service also say:

"When you upload, submit, store, send or receive content to or through our Services, you give Google (and those we work with) a worldwide license to use, host, store, reproduce, modify, create derivative works (such as those resulting from translations, adaptations or other changes we make so that your content works better with our Services), communicate, publish, publicly perform, publicly display and distribute such content."

So though they say you are still the copyright holder, they have effectively usurped most of your modern copyright rights (even giving themselves the "right" to edit "your" work!) to whatever of your own material you unwisely publish through them.

http://www.google.com/policies/terms/

Google's Orwellian approach to collecting, analyzing and "sharing" your data with it's "partners," as far as we can tell, does not include the data in your Google Drive account. It does include all your activities, as monitored by cookies, your e-mail contents, etc. And in fact, nobody really knows the precise extent of what data Google does analyze, but we do know they collect and analyze a lot of stuff that they probably have no right to. Information Technology is way ahead of our ability to control it through law to protect individual, and even collective, rights.

I am not a Google expert. I have kept far away from Google, FaceBook, etc., because I truly hate what they are doing to our rights. But I have periodically read their Terms of Service and Privacy policies because I am a privacy activist. Google and other privacy-invading services aside, my understanding (could be wrong in particular cases) is that all the big cloud players encrypt your data coming and going, usually with SSL. The security problems then involve 1) how secure is the cloud server itself against hacking - we're all familiar with Apple's problems with their cloud servers being hacked with data stolen. 2) does the service mine your data, even with your preferences maxed out in favor of privacy.

In my experience, OneDrive has many advantages (especially if you subscribe to Office365 - you then get 1TB OneDrive storage included), but DropBox is more reliable. Unfortunately, DropBox is also expensive, unless you only need 2GB. OneDrive has had sync issues, that currently appear to be largely resolved, but still doesn't always sync unless you tell it to. OneDrive seems to work just like DropBox under Windows7, but under Windows8 it doesn't work quite as well...it doesn't always update the server as soon as you save the file.

[Burillo]

"cloud" and "privacy" are incompatible. you want privacy - encrypt the shit out of your data.

[Gonga]

Exactly - encrypt your data before you upload it.

Fred Langa, as usual, has a great article on how to set this up automagically:

http://windowssecrets.com/top-story/pre ... age-safer/

[standalone]

https://www.dropbox.com/security
https://support.box.com/hc/en-us/articl ... Encrypted-
http://support.apple.com/kb/HT4865

etc., etc., etc.

[aMUSEd]

One Drive is a bugfest though.

[Gonga]

https://www.dropbox.com/security
https://support.box.com/hc/en-us/articl ... Encrypted-
http://support.apple.com/kb/HT4865

etc., etc., etc.

Interesting that. So Dropbox and Apple both encrypt your data at all times. However, apparently crackers broke Apple's encryption.

[Burillo]

https://www.dropbox.com/security
https://support.box.com/hc/en-us/articl ... Encrypted-
http://support.apple.com/kb/HT4865

etc., etc., etc.

Interesting that. So Dropbox and Apple both encrypt your data at all times. However, apparently crackers broke Apple's encryption.

no they didn't.

when Dropbox et al refer to encryption, they mean, if someone got hold of a hard-drive from one of Dropbox's servers (or accessed the servers themselves via a vulnerability), that someone wouldn't be able to decipher the contents of said hard-drive - they're encrypted.

however, when you (the owner) access that data, you, by necessity, decrypt it in order to read it (or, more precisely, the Dropbox server does that on your request). this unencrypted data is then sent to you over an encrypted channel (to prevent getting the data over the air or sniffing network traffic). you then receive this encrypted data stream and decrypt it locally, and the data becomes unencrypted again.

the key point is, to access Dropbox data, you have to authenticate yourself. meaning, if the attacker got hold of your credentials, all bets are off and this server-side encryption does nothing to stop someone from getting your data.

which is why i recommend client-side encryption - i.e. the "unencrypted" data that Dropbox would send you will actually be encrypted by you. Dropbox wouldn't care, it's just 1's and 0's to it, but if the attacker gains access to your account, he'll still won't be able to use the data because it will be encrypted - not by Dropbox, but by you.

[xybre]

You think Microsoft is going to respect your rights?

[Burillo]

You think Microsoft is going to respect your rights?

sometimes hell freezes over, apparently.

[standalone]

https://www.dropbox.com/security
https://support.box.com/hc/en-us/articl ... Encrypted-
http://support.apple.com/kb/HT4865

etc., etc., etc.

Interesting that. So Dropbox and Apple both encrypt your data at all times. However, apparently crackers broke Apple's encryption.

Link?

[standalone]

which is why i recommend client-side encryption - i.e. the "unencrypted" data that Dropbox would send you will actually be encrypted by you.

And which encryption utility do you recommend? You are so confident of the benefits of encryption that I guess you are 100% certain that the application that you use is not backdoored.

My personal recommendation to all of you worried about your privacy online is suicide, there is no other way around it.

[Burillo]

My personal recommendation to all of you worried about your privacy online is suicide, there is no other way around it.

just because the problem is unsolvable in principle doesn't mean things can't be improved.

which is why i recommend client-side encryption - i.e. the "unencrypted" data that Dropbox would send you will actually be encrypted by you.

And which encryption utility do you recommend? You are so confident of the benefits of encryption that I guess you are 100% certain that the application that you use is not backdoored.

again, same flawed argumentation - because the problem is unsolvable in principle, you shouldn't do anything about it at all. of course there's no way to be 100% certain that the application is not backdoored, but this software isn't written by idiots - the majority of popular encryption algorithms are public and are scrutinized by experts in the field, and there are lots of open-source encryption tools (open-source meaning it's harder to backdoor it).

i myself don't use any - i don't use cloud services myself (or rather, i use one that i host myself). but i would recommend TrueCrypt or PGP (or its derivatives, GnuPG et al). maybe something that uses Blowfish or Twofish, as those are strong algorithms too.

[xybre]

You think Microsoft is going to respect your rights?

sometimes hell freezes over, apparently.

Well, not exactly. They're just trying to protect their European business. US companies are suffering due to government snooping, and MS is trying to do damage control overseas. It's not just about individuals, its about EU regulations. If they are found in violations of them, they could be run out of all of EU countries which could result in billions in lost revenue.