EmailDiscussions.com  

Go Back   EmailDiscussions.com > Email Service Provider-specific Forums > FastMail Forum
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read
Stay in touch wirelessly

FastMail Forum All posts relating to FastMail.FM should go here: suggestions, comments, requests for help, complaints, technical issues etc.

Reply
 
Thread Tools
Old 10 Jul 2016, 07:23 AM   #1
emailer84
Member
 
Join Date: Aug 2008
Posts: 61
Are files stored in FM's file storage encrypted at rest?

I'd like to store some mildly sensitive files (tax stuff) in FM's file storage.

I'd feel more comfortable if it was encrypted at rest so that IF FM's servers were hacked, at least the files (like presumably the emails are) would be unusable by a hacker.

I realize that FM's staff *could* potentially read the files, but I trust the company has good policies in place. They do after all advertise their privacy on the homepage.

If not, can anyone recommend a free/cheap WebDav service that would do what I'm looking for.

Thanks,
emailer84 is offline   Reply With Quote

Old 10 Jul 2016, 08:09 AM   #2
somdcomputerguy
Cornerstone of the Community
 
Join Date: Jun 2004
Location: Rupert, WV
Posts: 876
Are you a Windows user? Try this out - https://www.gpg4win.org/

You'd be much better off securing your file(s) locally, then uploading them.

- Bruce
somdcomputerguy is offline   Reply With Quote
Old 10 Jul 2016, 02:32 PM   #3
DumbGuy
Essential Contributor
 
Join Date: Oct 2008
Posts: 212
Just encrypt your files before uploading to FM. Put 'em all in a folder and zip 'em up with a good encryption utility, perhaps the one just mentioned above.

Does anyone know -- is WinZip and other .zip utilities still reputable for encrypting files/folders?
DumbGuy is offline   Reply With Quote
Old 10 Jul 2016, 02:58 PM   #4
BritTim
The "e" in e-mail
 
Join Date: May 2003
Location: mostly in Thailand
Posts: 3,084
Recent WinZip versions use an implementation of AES that is considered sound and secure for most purposes. I personally prefer to use 7-Zip. The reason is that WinZip can be expected to contain a backdoor for use by the US intelligence services while there is a good chance 7-Zip does not.
BritTim is offline   Reply With Quote
Old 10 Jul 2016, 04:44 PM   #5
DumbGuy
Essential Contributor
 
Join Date: Oct 2008
Posts: 212
Thanks much, BritTim!
DumbGuy is offline   Reply With Quote
Old 10 Jul 2016, 05:34 PM   #6
emailer84
Member
 
Join Date: Aug 2008
Posts: 61
Thanks for the replies.

Unfortunately I need to sync with a mobile app so I can't have my own encryption. Does anyone know if FM encrypt at rest?

If not, can anyone suggest another WebDAV service? I only need 100 MB or so.
emailer84 is offline   Reply With Quote
Old 11 Jul 2016, 12:25 AM   #7
David
Ultimate Contributor
 
Join Date: Dec 2001
Location: Canada.
Posts: 10,355
Quote:
Originally Posted by emailer84 View Post
Thanks for the replies.

Unfortunately I need to sync with a mobile app so I can't have my own encryption. Does anyone know if FM encrypt at rest?

If not, can anyone suggest another WebDAV service? I only need 100 MB or so.
In the past I used to encrypt files myself before uploading them, so unless things have recently changed I think not.
David is offline   Reply With Quote
Old 11 Jul 2016, 02:05 AM   #8
pjwalsh
Essential Contributor
 
Join Date: Dec 2008
Location: Canada
Posts: 312
Quote:
Originally Posted by emailer84 View Post
Unfortunately I need to sync with a mobile app so I can't have my own encryption.
For encryption before upload with ability to sync with a mobile device, there's the excellent SyncBack.
They have a free version, without the option of mobile device synchronization.
http://www.2brightsparks.com

You could use 7-Zip for encryption on the PC before upload, on the mobile device a good Android WebDAV client can access and decrypt the .zip file (prompting for the password).
http://www.7-zip.org
X-plore file manager for Android

7-Zip has 2 grades of encryption, native ZIP and AES.
7-Zip is more than an excellent ZIP utility, it's also a good file manager.

As others have recommended you really should be uploading encrypted files, not so much out of mistrust of FastMail security, but if others gain access to your PC or your misplaced/unsecured phone they could have easy access to the unencrypted personal files.
You can set password-protected access to the X-plore app.
Of course you should have the phone itself set to auto-lock, requiring PIN or other to access.

--
one of these posts will answer OP's question.. 'FM files encrypted at rest?'

Last edited by pjwalsh : 11 Jul 2016 at 04:55 AM.
pjwalsh is offline   Reply With Quote
Old 11 Jul 2016, 05:11 PM   #9
KevinS
Senior Member
 
Join Date: Jun 2004
Location: Bellingham, WA, US
Posts: 129
MEGA cloud storage

https://mega.nz/#privacycompany
https://mega.nz/#help/security

Mega stores and transfers everything encrypted. Free accounts get 50GB (I think). They have sync clients, mobile apps, and browser extensions.

--Kevin
KevinS is offline   Reply With Quote
Old 11 Jul 2016, 10:51 PM   #10
janusz
The "e" in e-mail
 
Join Date: Feb 2006
Location: EU
Posts: 4,933
The second of the links above says:
Quote:
The client machines are responsible for generating, exchanging and managing the encryption keys
Doesn't it mean that the mobile application the OP is referring to must somehow be able to cope with 3rd party encryption keys?
janusz is offline   Reply With Quote
Old 12 Jul 2016, 12:55 AM   #11
KevinS
Senior Member
 
Join Date: Jun 2004
Location: Bellingham, WA, US
Posts: 129
Quote:
Originally Posted by janusz View Post
Doesn't it mean that the mobile application the OP is referring to must somehow be able to cope with 3rd party encryption keys?
The Mega client/app deals with the keys. They aren't third party keys. They are your keys. The encryption/decryption is handled on the client side. You are encouraged to backup your master key in a secure location in case you ever forget your password. But I am no expert on the service... just a simple user.
KevinS is offline   Reply With Quote
Old 12 Jul 2016, 01:43 AM   #12
janusz
The "e" in e-mail
 
Join Date: Feb 2006
Location: EU
Posts: 4,933
Quote:
Originally Posted by KevinS View Post
The Mega client/app deals with the keys. They aren't third party keys. They are your keys. The encryption/decryption is handled on the client side.
What I meant was the the keys are 3rd party as far as the application is concerned. Assuming (for a lack of a better idea) that the OP wants to use the encrypted files in, say Polaris Office, I don't expect Polaris Office to know anything about the keys.
janusz is offline   Reply With Quote
Old 12 Jul 2016, 01:59 AM   #13
KevinS
Senior Member
 
Join Date: Jun 2004
Location: Bellingham, WA, US
Posts: 129
Quote:
Originally Posted by janusz View Post
What I meant was the the keys are 3rd party as far as the application is concerned. Assuming (for a lack of a better idea) that the OP wants to use the encrypted files in, say Polaris Office, I don't expect Polaris Office to know anything about the keys.
The keys are not third party as far as the application is concerned. The keys are local and portable. The encryption/decryption is done locally. I suppose the keys could be used with other applications if the application supports it. I have no knowledge of Polaris Office. Mega does document their stuff and have an SDK. The code for various client components is on github:
https://github.com/meganz
KevinS is offline   Reply With Quote
Old 15 Jul 2016, 11:52 AM   #14
brong
The "e" in e-mail
 
Join Date: Jul 2004
Location: Melbourne, Australia
Posts: 2,696

Representative of:
Fastmail.fm
Yes, they're encrypted at rest - the partitions where user data are stored (IMAP spools, file storage spools, etc) are all encrypted with LUKS.
brong is offline   Reply With Quote
Old 28 May 2017, 06:39 PM   #15
digp
Master of the @
 
Join Date: May 2003
Posts: 1,319
What is LUKS and is it trustable?

Is the encryption 256 bit etc? Would welcome some more information please.

Similarly, I wish to store tax documents etc, but don't want the hassle of encrypting them if FM store them in encrypted using reasonable encryption.
digp is offline   Reply With Quote
Reply


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Forum Jump


All times are GMT +9. The time now is 01:56 PM.

 

Copyright EmailDiscussions.com 1998-2022. All Rights Reserved. Privacy Policy