14 August 2012

Dropbox Security, From TrueCrypt to BoxCryptor and 1Password

(If you want to skip the below and just get the recommended answer, go buy Boxcryptor and 1Password on all your platforms.  Job done.)

When Dropbox had various security issues last year (the no passwords required for some hours was the kick I needed to sort my security out), I started using Truecrypt to contain all sensitive material I was keeping in Dropbox.  Truecrypt felt good as it was opensource, free, stable, secure, and reasonably usable on OS X and MS-Win.

While I felt a 1000x better about my security situation, I also lost a lot of the convenience of Dropbox by moving to Truecrypt:
  • File sync.  Truecrypt stores its filesystem in a single file.  While Dropbox is efficient at syncing big files at a block level, it doesn't cope well with changes to that file happening roughly concurrently from two or more locations.  If you mount your Truecrypt filesystem from two or more machines and make even vaguely concurrent changes (within a sync activity for example), you end up with two conflicted Truecrypt files.  One quickly learns to only open the Truecrypt volume on one machine at a time.
  • Multi-platform access.  One thing Dropbox did well was to have clients available on all major platforms.  I could access my Dropbox files from OS X, MS-Win, iOS, Android and Linux.  When I switched to TrueCrypt, I was limited to PC, Linux and Mac only (and one at a time at that), no mobile/tablet access.
  • Password management.  I won't say much about this other than it became harder using Truecrypt.
That was last year.  One of the great things about tech is that problems that need solving tend to get solved if you're patient enough.
Enter Boxcryptor for file security and improvements to 1Password for password management.
While there are a number of solutions available to encrypt what you store in Dropbox, I consolidated onto Boxcryptor:
  • Secure.  Uses AES-256.  No cloud aspect to Boxcryptor and therefore no third party has my master key and can take a peak at my data.
  • Plays nice with Dropbox.  Boxcryptor uses a folder+file structure (aka "package" on OS X) with each file encrypted separately enabling Dropbox efficiently sync.
  • Multi-platform access.  Working clients on all major OSs.  At least read access on iOS and Android.
  • Stable.  I've not had a single crash or corruption yet (although I'm still backing up more frequently than I might otherwise).
  • No major delays in supporting the major OS upgrades.
  • It allows for up to 2GB for free and more if you license it.  2GB is a lot.  Once I got comfortable with it I bought a license to get rid of the 2GB restriction.  I feel the license is a nominal cost versus the upside of more user friendly security and vendor support.
I considered Datalocker, Cloudfogger, Hyperdrive, and encrypted zip files.  All of them failed in one or more of the above.
An aside on Dropbox and sharing files:  I don't retain Dropbox's easy sharing of (encrypted) files using Boxcryptor.  Encrypted zip files still perfectly acceptable and secure way to e.g. share a single file in Dropbox with colleagues so long long as you unzip into a secure location and not into Dropbox.  Then you have to zip+encrypt and move the result back into the shared folder in Dropbox.  Zipfile usability compared to regular Dropbox sharing and syncing is poor as a result.  Note that today Boxcryptor doesn't appear to (easily) support multiple concurrently-open Boxcryptor filesystems.  When it does I could see having a Boxcryptor filesystem dedicated to sharing a set of folders/files with a specific workgroup.  Each group to have its own Boxcryptor filesystem - still somewhat painful but better than zip files.
Moving on to password management.  I have to admit my previous method wasn't overly secure and certainly TrueCrypt decreased it's usability.  As I was digging into secure storage, I also had a hunt around for how to improve password management.
Enter 1Password.  Yes, it's been around awhile, but used to be very OS X centric.  I don't know when they went multi-platform but they have.  While they've been the premium (i.e. expensive!) choice for OS X password management for awhile, the lack of support for other platforms had always been a showstopper for me.
Here is the thinking that led me to 1Password:
  • Multi-platform: MS-Win, OS X, iOS, Android.  It's not on Linux, but I don't use a Linux desktop for the 1Password primary use case anyway.
  • Secure.  While I can't keep 1Password's database in Boxcryptor's filesystem (I could, but I lose mobile/tablet access), the 1Password security approach is fine.  My passwords don't go to another third party password service to maintain them.  While Dropbox has my password files, they are encrypted.
  • Plays nice with Dropbox.  The 1Password DB is also a folder+file (package) structure, just like Boxcryptor.  As a result, Dropbox syncing works well.
  • Well supported browser plugins.  I use Chrome and Safari and both are well supported.  Support isn't quite so good on mobile/tablet platforms, but it's better than what I had before.
  • Widely used.  The tech community seems to widely use it.  While not a particularly scientific measure, it seems to be on its way to being a "best practice" solution in my peer group.
I've now deployed 1Password's database into Dropbox.  It'll take me awhile to load all my credentials into 1Password but I think it's a durable investment.
One downside is that 1Password isn't overly cheap.  You have to pay for licenses for each platform (Android still free).  However, just like with Boxcryptor, I think it's worth the cost for the stability, support, and commitment to keep up with OS changes.
I did have a serious look at and play with Keepass for password management.  I like that it's free and opensource.  I liked aspects of it's design and usability.  However there were a few factors that put me off:
  • Fiddly.  There are two different and somewhat competing database and application tracks, 1.x and 2.x.  Both are under active development.  There are various "unofficial" platform ports of each track to various OSs.  You have to pay attention to what version you use on e.g., OS X to make sure it's compatible with the version you use on iOS.  
  • Not keeping up with OS upgrades.  The main OS X port indicated support for OS X 10.6 as most recent and today OS X is at 10.8.  I don't want to be the beta tester for new Keepass releases - what I'm securing is too critical to mess about with.
  • The Keepass database is a single file, meaning that like with TrueCrypt you might have to deal with Dropbox sync collisions.
As a result, I'm an even happier Dropbox user now that I have secured files and passwords and reasonable usability to access both.  All in the licenses across all the platforms for both Boxcryptor and 1Password cost me about $125 (£80).  Yes, this is a lot, but conversely I now feel like I have the best of both worlds - the convenience of Dropbox and the comfort of strong security where it's needed.

3 comments:

  1. Hi Jeff,
    This is Mohan.
    I have tried dropbox + boxcryptor on my IOS and MsWindows7. This solution works fine for documents to encrypt. But for 1password for each device I feel a bit expensive for me. I am using open source password safe on my desk top the same data file I am using in boxcryptor on both devices. But on IOS I am using PwSafe app which supports the same data file.
    Here I am missing bi directional sync feature of PwSafe. When I want to open this data file for the first time I need to open boxcriptor and it will connect to dropbox and it will download the psafe3 data file and opens. But it is getting treated as local database file for PwSafe app. When I am doing any changes from my IOS device, changes are not getting synced to dropbox. But instead of this if I place the file in un-encrypted dropbox location the bidirectional sync works pefectly. Is this the way with 1password also? Or you are able to make changes to the password file from IOS devices as well?

    ReplyDelete
  2. Hi Mohan!

    As noted in the blog entry, I'm using 1Password hosted in Dropbox but not in BoxCryptor. 1Password encrypts its "database" (a collection of files and folders) to a satisfactory level. I hadn't looked at Password Safe as it doesn't provide straightforward support of OS X making it a non-starter for me (similar issues as with KeePass as above). Ootherwise it looks pretty good - approach to db security looks ok, so no need to put db under BoxCryptor.

    I assume BoxCryptor maintains a local and separate cache of files it retrieves from Dropbox and decrypts. In this case a decrypted (by BoxCryptor) version of the Password Safe db. I'm guessing that's a one-way trip - only decrypted by BoxCryptor, never re-encrypted and handed back to Dropbox to resync. Indeed, this could be quite dangerous. If BoxCryptor uses a finite cache and decides to recycle the space used by the (modified) Password Safe db file - bang, file gone, replaced by a newly downloaded (different) version.

    I didn't try to force/fiddle 1Password on iOS to use a db under BoxCryptor control as the db is already encrypted.

    It appears Password Safe's DB is a single file. I would guess this could result in a sync collision within Dropbox (like the Truecrypt-in-Dropbox problem above). While this on the surface seems unlikely, what about the scenario where you've been making changes to the Password Safe DB on two untethered devices then both gain Internet access at roughly the same time? Dropbox may manage the sync as a conflict and create a second Password Safe DB file. 1Password notes this problem in their documentation (http://help.agilebits.com/1Password3/cloud_syncing_with_dropbox.html, see FAQ at end) and how it is handled. 1Password's use of a fine granularity folder+file structure should result in fewer conflicts than with everything in a single file (Password Safe, KeePass).

    All of this does suggest that using BoxCryptor on iOS is probably a one-way read-only activity unless an app is specifically designed to play nice with BoxCryptor and Dropbox.

    ReplyDelete
  3. A word of caution regarding dropbox and creating a symbolic link into the mounted/unencrypted boxcryptor filesystem. As above, my BoxCryptor encrypted filesystem sits in Dropbox. Purely for click efficiency, I created a symbolic link from Dropbox to my mounted (unencrypted) boxcryptor filesystem (/Volumes/BoxCryptor). I later noticed that Dropbox doesn't respect the symbolic nature of the link and instead crawls through the boxcryptor filesystem replicating it all into Dropbox and to all sync devices in an unencrypted format.

    I tested this out on a directory outside of Dropbox with a few files in it. I created a symbolic link to the test directory within Dropbox, and sure enough Dropbox replicated it. Therefore, it doesn't matter whether Dropbox is following a link inside of Dropbox (to BoxCryptor encrypted filesystem) or outside of it.

    In hindsight this is obvious behaviour - how else can dropbox replicate files in its AWS S3 storage and to other Dropbox synchronised devices? Conversely, I feel it's a potentially dangerous security hole allowing Dropbox to access/sync/share data outside of the Dropbox filesystem.

    ReplyDelete

Note: Only a member of this blog may post a comment.