Encrypt the document in DropBox?

Im not sure this exists. Is it possible to encrypt the document in DropBox? So that none can read it on the way to/from DropBox servers?

/a

Dropbox already establishes a secure connection between your computer and their servers. And all data stored on their servers is encrypted as well.
dropbox.com/help/27

Depending on your application, you might want a higher level of security. In particular, since Dropbox holds the encryption keys for your data, they can be forced to surrender them by a court, or they can be stolen. (Note that any other service that works like Dropbox will have the same vulnerabilities.) In that case, I would recommend using a direct connection (wire, not WiFi) to transfer your data.

Katherine

Thanks Katherine, I found some other threads on topic too. The reason for looking into more security is that US seems to have cancelled all data protection for non-US citizens. So we may have to be more careful. /A

Vaults are pretty easy to make and use on a Mac. The easiest way is to use Disk Utility’s File/New Image/New Image from Folder… menu command, and after selecting the folder, where prompted enable encryption and then provide a good solid password.

anderswt - Did you ever solve this to your satisfaction?

I find myself in a situation where I’m using dropbox as the storage location for research (so I can see it on my desktop (Linux/Win) PC and iPad. Now I’m probably paranoid but would like to have some security over any Scrivener folders.

What is your specific security concern?

Dropbox uses strong encryption. Any attacker who can break Dropbox’s encryption can probably break Apple’s, too. The list of people with this ability is very short, though.

A government agency can get the keys from Dropbox, via a court order, so in that case secondary encryption would help. But if you’re worried that a government is interested in your files you probably don’t want to use any cloud service.

Katherine

Actually my concern is not government, nor directly dropbox.

I don’t use scrivener for writing, but for ‘research’. Typically when I went overseas I’d create a folder containing all relevant documents (eg including copies of passport, information about flights/boarding passes, hotel bookings, relevant bankcards or financial details). When I saw scrivener I immediately was attracted to the ‘Research’ folder/pin board - and am using it to organise my latest trip (and its wonderful for this).
Unfortunately Scrivener’s ‘Files/Docs’ subfolder contains information in plain text, meaning that were anyone to be able to log into my dropbox account they could find this information. I’m using dropbox to store this information as a central place to sync my iPad (which I use when I travel, and do some research) and my main computer (Linux, but running Scivener Win) where I do most of my research/coordination.

My actual concern is the fact that a number of these large companies (Dropbox/Google etc) are not surprisingly under attack from hackers either directly or through phishing scams etc. attempting to gain access to individual accounts. I’d basically like another layer of protection on the information available therein.

Edit: As an example of this, the recent Google Docs share phishing
cnbc.com/2017/05/04/what-to- … email.html

I would say that your best bet would be to create an encrypted disk image, put the Scrivener project in that, and put the whole thing in Dropbox.

Katherine

I would suggest that you look into Boxcryptor. They claim end to end encryption for a number of services including Dropbox. You can find them here: boxcryptor.com/en/

They claim to have built it on the zero knowledge paradigm, meaning that nobody can access the data except you.

I don’t have any connection with them, I have just noted their existence over several years. (I almost subscribed to them but decided that Truecrypt served my personal needs better.)

Cheers
Owen

Things like creditcards, passports and other stuff you absolutely don’t want others to gain access to, I keep in 1Password. It’s encrypted and the password is virtually impossible to break. For other very sensitive stuff, I use Mega cloud service. They can’t give up my encryption key to authorities because they don’t have it. Only I have it, and my copy of it is stored in 1Password.

Scrivener needs Dropbox, which isn’t totally safe, but Scrivener wasn’t made for storing sensitive information. It was made for creative work.

The simplest solution is usually to use different tools for the things they are meant for instead of insisting on using them for something they weren’t designed for. This is true for both physical tools and software tools.