Dropbox has gotten some heat lately for allegedly lying to its users about the privacy of user data. The gist of the gripes is that Dropbox has made clear that it would turn over your data – in unencrypted form – to authorities if required to do so. That came as a shock to many people, who assumed that even the Dropbox folks didn’t have access to the encrypted data in their Dropbox folders. The lesson – if you want to keep your private data private, then you need to encrypt it before you put it into Dropbox and sync it to the cloud. One way to do that is through SecretSync, a beta app currently available for Windows only.
To use SecretSync, run the installer, which will create a special SecretSync folder on your computer, outside of your Dropbox folder. Any files placed in this folder will be encrypted, and then moved into a “tunnel” folder in your Dropbox folder. This folder is syned to your Dropbox account, and only decrypted when it reaches a machine with your proper credentials.
The difference between Dropbox encryption and the encryption performed by SecretSync is that only you will have the key to your files encrypted by SecretSync. Dropbox’s encryption is done server side, while SecretSync encryption is done locally. With SecretSync, your files stay encrypted during synchronization, and are unencrypted locally.
The only glitch that I ran into with SecretSync is that the installer tried to place the SecretSync folder on a network drive (probably due to a network document management app that I had running in the background). The FAQ on the SecretSync site helped me to relocate this folder to my Documents folder.
SecretSync is currently Windows only, although the website touts that Mac and Linux are coming soon. SecretSync is in beta, but anyone can download it.
Do you worry about the security of your Dropbox files?