Celebrating Cryptomator 1.0, 8 years of easy-to-use encryption for cloud storage & 10 years since our first commit to Cryptomator!
🚀 A decade of championing privacy and security.
Here's to continuing our mission of protecting your cloud files 💚
Services which still blocks your account for supposedly “suspicious activity”, even though you have #TwoFactorAuthentication, is like saying “we don't trust our own #2FA system” and/or “we don't trust you, we think you shared your 2FA secret with someone”.
I don't know. If it is the latter, that's user-error and their problem. If we continue solving user-error issues, the end-user will never learn anything.
Is 2FA perfect? Of course not. But it is far less likely for an account to be compromised if 2FA is enabled (without user-error).
So, accounts with 2FA should not be included in the “we temporarily blocked your account because of suspicious activity”. If there was indeed a legitimate unauthorised account access, due to user-error, let the user deal with it and learn from it. Otherwise, what's the use of 2FA?
In the gaming industry, some companies actually do that. If your account has 2FA enabled, they automatically remove your account from IP address checks. This allows the account owner to freely use VPNs without getting banned because of IP jumps. They don't mention it officially, but you can test it. If you disable 2FA and use VPNs, you'll get banned sooner or later (and have to go through a lengthy verification process). If you have 2FA enabled, you're free to use VPNs all you want.
(We're not talking about [gaming] services where they have regional licensing deals. They will indeed ban your account if you use a VPN because it is a restriction due to the regional licensing deals in place.)
I dunno, just #RandomThoughts. It's a hassle to suddenly see you're temporarily blocked even though you have 2FA enabled anyway. (Some services will even disable your 2FA because they assumed you shared your 2FA secret.)
Sure, there are people who keep a copy of their 2FA secret in unsecure ways. That still falls under user-error. 2FA secrets should not be kept, at least that's how it was designed. If a user wants to keep it, then encrypt it and store it somewhere. For example, use #Cryptomator.
I'm totally in favor with your post, but not everyone is willing to self-host or is capable of doing it. So I recommendation would be and one that I'm currently using, is when uploading a file to these cloud services encrypt your files. I'm using #cryptomator, but I'm sure there are other alternatives, like #rclone. There is also #veracrypt, but to my understanding, is not great for cloud sync.
Cryptomator is open source and free, but only on desktop. To use the mobile version, you will have to pay. Here is a list of alternatives to cryptomator, if you are familiar with one, please share your knowledge.
I've been wavering on choosing a cloud provider to sync my data with. I really was hoping to use #ProtonDrive, but I really need a #Linux client. I was using #Google dive, but I really do not like how their system works.
So, I am going to go with #Dropbox I am not particularly excited to use them, but just yesterday, my wife needed an ID which she did not have. If my data was in the #cloud, I could have just shown it on the phone.
@my_actual_brain I do wish Proton would come out with a way to sync straight from the my machine without having to go through a web app. In the meantime, I've been using #cryptomator to backup to #OneDrive and it's worked well for me so far!
Nach meiner Einschätzung sind nicht nur große Teile der Microsoft-O365-Service kompromittiert, sondern auch alle Windows-Rechner, die damit verbunden waren. Ein Super-Gau epischen Ausmaßes - scheint vielen aktuell nicht klar zu sein. 🤷♂️ 👇
@kuketzblog Am Besten den eigenen Speicher verwenden. Dazu eine Verschlüsselung wie #cryptomator und sync auf allen Geräten mit #syncthing
Betriebssystem nach Wahl.
Eigentlich hatte ich #nextcloud abgeschrieben, große Dateien / Dateimengen bringen die Clients zum Absturz. Aber da ich bisher keinen guten Ersatz für googledocs gefunden habe und ein "Onlineoffice" brauche, suche ich nun wieder nach einem seriösen Angebot. Bei ionos / 1&1 heißt es:
nextcloud kann Verschlüsselung, aktivieren Sie das in keinem Fall!
Sie brauchen keine Verschlüsselung.
Wenn Sie doch Verschlüsselung brauchen nutzen Sie veracrypt.
@Natureshadow Performance ist in dem Fall nicht mehr so wichtig, als Backup-Cloudspeicher nutze ich jetzt was anderes. Ich werde versuchen #cryptomator mit Netxcloud zu verheiraten. #Cryptpad finde ich genial, obwohl mir ein paar Funktionen fehlen, aber ich habe keine Idee wie ich das hosten könnte. Mir fehlt ein geeigneter Server im Internet und eigentlich will ich auch keinen, zu Administrationsaufwand.
@brunty maybe. But if you need to sync your encrypted volume over the internet or a local #nextcloud you could try #cryptomator as an interesting alternative.
#Evernote has laid off its entire US staff, so I think that ship is sinking pretty quickly. If you want to save your notes, you can go into the desktop version of the app and download to HTML. 👍
Es gibt zahlreiche Cloud-Anbieter, in denen man seine Daten ablegen kann - für ganz unterschiedliche Zwecke (zB. Backup). Welchen Anbieter haltet ihr für empfehlenswert und weshalb? Nutzt ihr eine zusätzliche Verschlüsselung wie bspw. #Cryptomator für sensible Daten? Ich bin gespannt auf eure Nutzung/Antworten.
Dropbox is sharing users' files with OpenAI, here's how to opt out (boingboing.net)
Edit 1 :...