this post was submitted on 12 Jun 2024
79 points (97.6% liked)

Privacy

31859 readers
313 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

What is the best cloud storage that gives a nice balance between features and privacy? I know you can manually encrypt files to use any provider, but I would prefer an open source E2EE for the sake of convenience.

Currently I have heard about the following:

  • proton
  • filen
  • sync
  • icedrive
  • pcloud

(Not including GDrive, Onedrive etc..)

top 40 comments
sorted by: hot top controversial new old
[–] [email protected] 39 points 4 months ago (3 children)

When it comes to privacy and security, I think you should treat all cloud providers equally. Use a client with client-side encryption so that the only thing that touches the provider is encrypted data.

Rclone is an example of a good client that can do this, and can even mount your cloud storage as a filesystem with its encryption layer in between.

[–] [email protected] 7 points 4 months ago

yep. I use backblaze B2 with rclone, and just don't worry since it's encrypted (including the file names) before it leaves my server.

[–] [email protected] 5 points 4 months ago

Yeah that's what I do. I use filen because it's nice and easy to use and I got in early and got a good deal on a lifetime plan (actually two because you could stack them at the time, I dunno if you still can), but yeah I encrypt everything locally first before I upload it so it doesn't really matter if it gets stolen or whatever.

If you do that then I don't think it really matters especially where you put it.

[–] [email protected] 4 points 4 months ago (1 children)

You also shouldn’t use them as a safe way to store things. They routinely delete shit or bake your data and point to their EULA like sorry buddy, no guarantees. Your stuff is not safe there at all.

Far better to store locally and just create a way to share it or access it from your home network.

[–] [email protected] 2 points 4 months ago (1 children)

I've been thinking about a 'RAID5' of free storage providers as a way to overcome this, shouldn't be too hard to implement, but I'm busy atm. I wonder if their TOS are already onto this, but conversely, how could they tell?

[–] [email protected] 2 points 4 months ago (1 children)

Building a NAS in this day and age is trivial. Hard drive space is cheaper and far more economical than paying $20 a month for a service. The way prices are going it's going to soon hit parity with car payments.

I had an old PC from 2012 with an i3 dual core in it. Ran a headless Linux server. Raided the 2 3TB drives. Done. It was replaced by a 4 TB SSD and since those have nowhere near the failure rates of HDDs, one and one. It servers files off my main computer which is a beefy Mac.

Enabled file sharing. Opened the port on my firewall. Done. It's one of the easiest services to offload to a homebuilt rig.

[–] [email protected] 1 points 4 months ago

Quite true, as I do myself, but "RAID is not a backup". Use case here would be for offsite backup of encrypted, critical, low size documents (think docs, scans of important documents, source code, personal art) by aggregating e.g. 10Gb free accounts in such a way that if a provider goes tits up, or locks you out, you replace them as you would a dead drive in a RAID array. It's mission critical secure backup for the poors...

[–] [email protected] 15 points 4 months ago* (last edited 4 months ago)

I like Backblaze mostly for their business practices. The Backblaze devs answer questions on forums sometimes (Reddit link btw). The costs are pretty good, but there are cheaper options. $6/TB plus some API transactions. I paid almost a dollar last month for a couple hundred GB of data and transactions.

Plus their drive failure publications are awesome.

[–] [email protected] 15 points 4 months ago (1 children)

Backblaze B2 with rclone and client-side encryption

[–] [email protected] 3 points 4 months ago* (last edited 4 months ago) (1 children)

Way too expensive. I pay $200/mo for 160TB with an entire large dedicated server attached to it from hetzner.

[–] [email protected] 3 points 4 months ago

I get about 100G for less than a dollar a month on backblaze b2. My credit card company waves fees less than a dollar, so its free.

It covers all my servers and PC backups.

[–] [email protected] 5 points 4 months ago
[–] [email protected] 5 points 4 months ago* (last edited 4 months ago)

BitWarden provides some encrypted storage on their paid tiers. I think it's very small, like 1GB, but it's E2E.

Apple iCloud storage is actually E2E too if you turn on Advanced Data Protection. (Note that not all iCloud features are E2E, like email, for example.) And the price is pretty comparable too. Naturally this works a lot better if you're on a Mac, but just FYI.

[–] [email protected] 5 points 4 months ago

Filen.io is really good, but lacking features in their apps. But they're about to release a new desktop client with webdav and rclone support.

[–] [email protected] 5 points 4 months ago (1 children)
[–] [email protected] 1 points 4 months ago
[–] [email protected] 3 points 4 months ago* (last edited 4 months ago)

The cheapest one + rclone crypt and or cryptomator / veracrypt

[–] [email protected] 3 points 4 months ago

I've heard google is pretty good! /s

[–] [email protected] 3 points 4 months ago (1 children)

I'm using BorgBase with Vorta (desktop client for Borg Backup) and I'm pretty happy with it.

[–] [email protected] 2 points 4 months ago

I started with this setup and added borgmatic to my home server. Borg and borgbase are awesome.

[–] [email protected] 3 points 4 months ago (1 children)

Cloud is just someones computer so I wouldn't ever upload anything without encrypting it manually myself first just in case .

[–] [email protected] 1 points 4 months ago* (last edited 4 months ago) (1 children)

If the client (which encrypts the data in for an E2EE service) is open source and has also been audited by third parties than there's little reason to do so

[–] [email protected] 1 points 4 months ago (1 children)

Yep but just in case yknow if your paranoid like me . also that kind of a provider is hard to come by .

[–] [email protected] 1 points 4 months ago

I guess so, it doesn't hurt if you don't mind the inconvenience

[–] [email protected] 2 points 4 months ago (1 children)

Best for what requirements?

Lots of space? Ease of use? What devices? Web access? Etc

[–] [email protected] 1 points 4 months ago (1 children)
[–] [email protected] 1 points 4 months ago

Proton because I get it basically for free under my existing Proton plan and because of Proton's stellar reputation.

That's not to say the apps aren't a bit buggy or missing (Linux doesn't have one) though.

[–] [email protected] 2 points 4 months ago (1 children)

I'm using pcloud because proton still doesn't have a way to share folders with other users, so I can't share my holiday photos with my partner there.

Pcloud works fine. The online interface is not the nicest, but it works.

[–] [email protected] 3 points 4 months ago

I think they recently rolled it out recently https://proton.me/drive/file-sharing

[–] [email protected] 2 points 4 months ago (2 children)
[–] [email protected] 15 points 4 months ago (3 children)

Unless you're hosting that off site, it's not really fulfilling the same complete purpose of cloud storage.

[–] [email protected] 1 points 4 months ago

What do you mean, self-hosted is equally reachable regardless of where it's hosted.

[–] [email protected] 1 points 4 months ago* (last edited 4 months ago)

i'm gonna play devils advocate and say you could rent cloud space on say a vps and host your own solution there instead of locally. it'd probably be better if you have the know how to do it properly.

[–] [email protected] -2 points 4 months ago* (last edited 4 months ago) (1 children)

You can self host and make it accessible only to you from anywhere in the world.

You might be thinking about it not fulfilling the 3-2-1 backup strategy, but as long as you have a remote copy of the data through some means then you have the remote copy fulfilled.

[–] [email protected] 1 points 4 months ago
[–] [email protected] 10 points 4 months ago

I do.

All data is replicated 3x locally, with one cloud. backup.

Having all data in one physical location makes for a single failure point.

[–] [email protected] 2 points 4 months ago

If you need to share with others, trezorit is probably the best option for businesses and Mega is second (and the first few gigs are free)

[–] [email protected] 2 points 4 months ago

I think storj is worth mentioning. You could also look at the list of supported providers for rclone.

[–] [email protected] 1 points 4 months ago

Nextcloud self hosted if you can. Keep in mind it does require maintenance and planning.

[–] [email protected] 1 points 4 months ago

I've enjoyed Proton for several years, except there ia no Linux desktop client. I intend to test installing the client in a virtual machine running windows, and then use shared folders.