The popular file synchronization and hosting service Dropbox encrypts all uploaded files and folders automatically to protect network snooping and other forms of attack and unauthorized access to those files. Dropbox recently changed their terms of service which confirmed that the company was able to decrypt files that you upload to Dropbox, for instance to comply with law enforcement.
The chance that someone may look through your files may not be that enticing to you, especially if you have uploaded sensitive information to Dropbox.
Encryption is the best option if you want to sync sensitive or confidential files with Dropbox. Encrypted files can only be accessed by authorized users who have the right key to decrypt the files.
I have demonstrated in the past how to encrypt files that you sync with Dropbox with the help of the Open Source software True Crypt (sync confidential files with Dropbox). The process was lengthy, technical and not very comfortable, especially for users who have never worked with True Crypt before.
SecretSync is a standalone software programmed in Java that offers a more comfortable file storing solution. It is basically an add-on service for Dropbox that will automatically encrypt files for you before they are synced with Dropbox.
First time users need to create an account on first run. A username and password is mandatory for the account creation. Security can be improved further by adding a passphrase to the account.
All those information need to be entered on every computer that Secret Sync is installed on, to gain access to the encrypted files on those system.
Secret Sync creates a new folder on the user system and links that folder to the Dropbox folder. All files placed inside the Secret Sync folder will be encrypted before they are moved and synced with Dropbox.
Files moved or copied into the Secret Sync folder are encrypted with 256-bit AES encryption. Files are only decrypted on the user's computer systems, and not on Dropbox.
Anyone accessing the files directly on Dropbox only gets garbage from that point on because of the encryption that is in place online. These files can also not be opened on systems where Dropbox is installed, but Secret Sync is not.
Dropbox would sync those files normally, but since they remain encrypted it is not possible to access them on those systems.
The core advantage of using Secret Sync over a manual solution is that it is way more comfortable to use. All you need to do is install the software, create an account and you are set to go. This does not take longer than a minute at most.
It is even easier on additional systems as you only need to supply your username, password and optionally the passphrase that you have configured during the first installation of the service.
All files that you move into the Secret Sync folder on your hard drive (the one outside of the Dropbox folder) will be automatically encrypted by the application before they are synced with Dropbox.
You get nothing if you try to open the files on Dropbox directly, while they open fine on the local computer.
This method has a disadvantage though that needs to be addressed. Secret Sync can only do its magic if the program is running in the background. The Windows beta version is using roughly 30 Megabytes of RAM. You may also need to add Java to the equation as it needs to be running as well.
The program runs silently in the background with no user interface to stop or start it. If you want to close the program, you need to kill it in the Windows Task Manager. This may change considering that this release is a beta version and not the final product.
Secret Sync is only available for Windows currently, but the developers have promised that Mac and Linux versions will be offered soon on the program homepage as well.
Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.
We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats (video ads) or subscription fees.
If you like our content, and would like to help, please consider making a contribution:
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.