I’d like to use Cryptomator to encrypt my photos before uploading them to OneDrive, where I have 1 TB of space. OneDrive has a 10 GB file size limit though, and my pictures take up a lot more than 10 GB. Seeing as how you don’t have to designate the size of your Cryptomator vault like you do with Veracrypt, does this mean any pictures I upload are encrypted individually and seen/treated as individual small files by OneDrive? Meaning I can add as many pictures as I want to my Cryptomator vault without worrying about all the pictures being processed as a single chunk and breaking the 10 GB file size limit?
Also, how is it exactly that Cryptomator can detect and sync file changes in something like OneDrive while Veracrypt can’t? Does this make Cryptomator less secure than Veracrypt?
I use OneDrive as well and my vault is much bigger than 10gb. So yes. Each file is encrypted for itself. This does also mean that if you ad or change files, only these files are uploaded and not the entire vault.
You have to look it from the perspective of OneDrive (the actual sync tool): If OneDrive detects a new file or a change in an old file, it starts its syncing process on this individual file. If the file is small, OneDrive doesn’t have to sync much. If the file is huge (e.g., a 10 GB container), OneDrive has to do a lot of syncing.
Clearly Cryptomator is the superior option for cloud encryption, if you don’t want to be constantly re-uploading files manually. Although this convenience is extremely enticing though, I’m assuming that Veracrypt is still considered the more secure option overall as you have a lot of fine-grained control over the strength of your encryption, yes? (what specific encryption algorithm you want to use, number of ciphers in your cascade, setting the number of iterations, etc.). Do you think Cryptomator will ever offer something similar in the future?
I don’t think that having more control over algorithm options is making a system more secure for the average user. It could potentially be more confusing to use and there is a chance to misconfigure it. That’s why Cryptomator is designed to be easy-to-use so that you don’t have to worry about configurations. Of course, we’re regularly checking if Cryptomator’s encryption scheme is still up-to-date and when needed, we’ll update it to make it more secure (and usable).
What I said before, doesn’t mean that we’ll never make it configurable. I understand that pro users would like to be able to do more customizations. It’s just that it currently doesn’t have a high priority because it’s not needed for most people. We have more pressing and more important features/improvements to work on at the moment.
I see. Hopefully more customization will be available to advanced users in the future. Until then, I think I’ll continue to use Cryptomator for things like photos and Veracrypt for more sensitive items, like documents. Maybe I’d feel comfortable using Cryptomator for sensitive documents if it was done in conjunction with a zero-knowledge cloud service though, instead of something like Dropbox or OneDrive.
