I really like Cryptomator. Have used it almost a year without any concerns.
Then it occurred to me: What if someone hacked and got into my Dropbox account? Poor Dropbox security is one of the reasons Crypto exists, right?
So if someone broke into my Dropbox account, they couldn’t access the info in my vault, but they could still be evil and simply delete the vault.
Like most security related things on digital platforms, not everything can be insured.
You can be using a secure messenger, but if you use a keyboard or phone that isn’t, or have a friend who exports your chat into plaintext (and it gets compromised somehow), then that makes using that particular messenger moot.
As with Cryptomator, if the contents of your Dropbox are breached, despite using (non-SMS) two-step verification and a strong password, as long as you used a strong key to encrypt your content, it will remain as gibberish to the attacker, depending on what computational resources they have (or if they already have compromised your computer and have the key, like a government agency or something).
So in this case, the best thing to do is to create other backups on the cloud, offline, etc. (There’s a 3-2-1 backup rule about having one on your computer, on the cloud, off site, in an external HD, etc.)
The more secure and private you want things to be, the more expensive it becomes to maintain; fortunately, it has become cheaper over time. Cryptomator is a good example of this…
That is true. Or they can delete the key file and you won’t have access to the vault anymore.
But: that is actually the reason to use encryption. Your data (content) is safe and that is why you are using it. If you want to protect yourself against data loss then you need another thing additionally: backups. Use a backup for your local vaults, e.g. TimeMachine on a Mac.
The use case you are describing is not the use case of encryption. Hope that helps.
App_User and tomtom, Thanks for the feedback. Helped me clarify.
Crypto does its job, which is to keep anyone from ever “seeing what’s in my vault.”
Preventing the evil forces of the world from “destroying my vault” might be a little too much to ask for.
Backups it is.
Well, I am not entirely convinced. I already have a backup: the local copy of the synced folder. If someone were to destroy all the data in the cloud, then I would expect that my local files still work. However, can I still decrypt them without the masterkey.cryptomator file?
If not, then why is this single point of failure stored in the most insecure environment? Should it not be stored locally?
Short answer: no
It is. Just have a look at your local sync folder
As you do have the Option to store and access your vault only online as well (eg with cyberduck app) and as cryptomator vaults are designed to be used on multiple devices (just the way you want to access any other online stored file in other devices) the key file has to be stored together with all the other encrypted files at the same place where the encrypted files are stored online
If you feel uncomfortable with that, just make an additional backup of the masterkey files wherever you want.
Please keep in mind that cryptomator is not a backup solution. It’s an encryption solution for online stored files. It’s purpose is not to avoid loss of data for whatever reason.
Yes, sure. But Cryptomator needs to work with existing backup solutions. If I back up my local machine, then I would expect to be able to recover a fully functioning system from that. If I understand you correctly, then that would be possible, because the masterkey.cryptomator file is also stored locally.
Yes, if you are using you storage providers sync client to sync your vault with your online storage (which is the standard way when using cryptomator)
What about this scenario.
Files are in Dropbox, encrypted.
Someone snoop in my Dropbox account and delete masterkey file and some folder so he break up folder structure.
Ok… but Dropbox has file history and we are able to restore those files back. We identify folders , files and masterkey and restore it.
WIll I be able to connect from local PC with existing vault(or create new with same pass) to this on Dropbox?
This is specially interesting with smart sync, when files are not actually downloaded locally.
Yes, this PC should have the same version as the restored files, anyway. So there isn’t even anything to sync.
No! Vaults have unique keys, even if you chose the same password. It is not possible to restore a lost masterkey file by using the masterkey from a different vault with the same password.
This is why backups are so critical. You should periodically zip compress your Vault and store it in a backup folder on your encrypted local machine, an encrypted external hard drive (one in site and one off site).
depending on what computational resources they have
Do you mean that the vault can be decrypted by a powerful computer?