In an age of eroding online privacy and increasing corporate surveillance, many are looking for a good alternative to Google Drive for their documents and files. After all, why would you want to store your private data with the worlds largest advertising company? This is especially true when you consider that Google has a financial incentive to collect and analyze your data.

Editors Note:Guest author Heinrich Long is the editor behind Restore Privacy, a blog dedicated to inform about best online privacy practices, secure your electronic devices, unblock restricted content and defeat censorship.

Even if finding a good Google Drive alternative has not been a top priority, it is another service worth replacing if you are planning to fully restore your privacy. And by selecting a reliable and secure Google Drive alternative, you will have more control of your data. You will also be supporting some great privacy-focused businesses while steering clear of surveillance capitalism.

First, we do need to point something out. Google Drive keeps your data secure against outsiders. However, this is a distinction from privacy. Thats because Google themselves can read your data if they wish. Here is what the Google Drive Additional Terms of Service, dated March 31, 2020, has to say on the subject (emphasis added):

We may review content to determine whether it is illegal or violates our Program Policies, and we may remove or refuse to display content that we reasonably believe violates our policies or the law. But that does not necessarily mean that we review content, so please dont assume that we do.

What? It seems to be saying that they want you to act like your data is private even though they can look at it whenever they feel the need to do so. We dont actually provide privacy but you should pretend that we do?

Unless you are part of an organization where you are required to use Google Drive, it should be relatively easy to switch to a more private cloud storage service. Replacing it will be an easy step toward a long-term goal of replacing all your Google apps and services.

Finding a secure cloud storage service takes on more importance when you think about all the sensitive data you are storing in the cloud. Add in the number of nasty cloud storage hacks that have occurred over the years and you might start feeling a sense of urgency.

Moving away from Google Drive is complicated by the fact that it works with various other services such as Google Docs, Calendar, and more. If you use the full suite of Google apps, replacing Drive could be challenging. However, if you have some flexibility in the additional apps and services you use, I can show you some secure cloud storage options that can act as Google Drive alternatives that also keep your data private.

Tresorit is our pick for the best Google Drive alternative today. It offers a full set of features that could be useful for individuals and teams, as well as businesses. You also get end-to-end zero knowledge encryption that ensures your data is really private and secure even from the people at Tresorit.

If you are on an individual plan, your data will be stored in Ireland. But if you spring for a business account, you can select from several jurisdictions to meet your regulatory and business requirements. Tresorit has also been audited to confirm that the product delivers on its promises. Ernst & Young did it in 2019 and rated Tresorit as a trustworthy service.

Tresorit doesnt connect to the same range of business apps that Google Drive does, but it does integrate with Outlook, Gmail, and Active Directory, making it easy to use Tresorit with your existing infrastructure.

Their business-oriented plans also give you tools for managing users and their data across the organization. When you factor in Tresorit compliance with HIPAA, GDPR, FedRAMP, and numerous other data protection regulations, you get a secure cloud storage offering that works in a business environment.

Tresorit isnt just resting on its past achievements, either. One recent addition to the product was Tresorit Drive 2.0. Tresorit Drive allows you to access and edit cloud-only files without downloading or syncing them. It is available for Windows and Mac OS.

Tresorit is a great Google Drive replacement for business users but might be overkill for individual users. The free plan offered by the company is very limited, while individuals will probably have little use for the business features while still needing to pay the products relatively high subscription fee.

Note: Effective July 6, Swiss Post acquired a majority stake of Tresorit. According to the company, the acquisition wont change much from the perspective of users like you and me. Well keep an eye on the situation and let you know if anything significant comes up. Check out Restore Privacy's complete Tresorit review.

This Canadian company is one of the best alternatives to Google Drive for both individuals and businesses. The service has a zero-knowledge infrastructure that looks really solid and features that will appeal to any audience. The Sync.com free plan could be ideal for individuals who can get by with only a few gigabytes of storage (5 GB) and dont need a Linux sync client. The company stores all your data in Canada.

Sync.com has a number of strong features for businesses. It has capable subscription plans with the ability to do things like view Office documents directly from the web, send and receive files securely, as well as unlimited storage and bandwidth. The plans are compliant with industry standards such as HIPAA, GDPR, and PIPEDA.

Sync.com provides a range of file sharing options.

There are two potential drawbacks to consider if you want to use Sync.com for business. One is that you need to store all your data in Sync.coms Sync folder. This could result in incompatibilities with other crucial business apps and services. The other potential drawback is that the company has not published any third-party audit results yet. Learn more about this Google Drive alternative in Restore Privacy's Sync.com review.

If you use Google Drive as an individual, rather than a team member or an employee, MEGA could be the Google Drive replacement you want. Among its Drive-like benefits, MEGA provides desktop and mobile clients for every major operating system, including Linux.

Like Tresorit, MEGAs end-to-end, zero knowledge encryption means not even MEGA themselves can read your data. They also offer a generous free plan that includes 15 GB of storage (which you can boost to as much as to 50 GB if you complete certain tasks). One thing that hurts this service is that it has daily data transfer limits that can leave changes unsynced until the next day if you try to move too much data at once.

While MEGA has a lot to offer for individuals, it doesnt look as good if you are looking for secure business storage. Their business plans can include unlimited storage and transfer capacity, plus built-in chat, contacts, and file preview capabilities. But Tresorit and other services like pCloud have stronger corporate offerings.

Another thing to be aware of with MEGA is that New Zealand law forces MEGA to include some worrying clauses in their ToS. Youll want to study the ToS extra carefully if you are considering MEGA for corporate cloud storage. Learn more in Restore Privacy's MEGA cloud storage review.

Compared to the other Google Drive alternatives were looking at here, NordLocker is pretty bare bones. Thats because it is really a file encryption system with cloud storage capabilities. If you are looking for secure Google Drive replacement, the NordLocker Premium plan offers 500 GB of storage at a very reasonable price.

Consider NordLocker for business or personal use if you need the maximum possible security for your cloud storage. Conventional secure cloud storage services like Tresorit or Sync.com encrypt your data whenever it is in motion or when it is on their servers. No one, not even them, can decrypt your data in these circumstances.

But conventional cloud storage services do not encrypt the data when it is at rest on your devices. If a malicious actor gains access to your device, they will also have full access to your files as well.

NordLocker gives you the flexibility to create encrypted lockers on your device or in the cloud.

NordLocker eliminates this problem. You put files and folders you want to store in the cloud into a special folder called a locker. Lockers are encrypted by default, even on your device. Unless you open NordLocker (which is password-protected) your files remain safely encrypted at all times. This results in an additional level of protection beyond the other products profiled here.

NordLocker has one other nice trick on offer. The service provides its own secure cloud storage for lockers just like everyone else. But NordLocker lockers are also compatible with any other cloud storage service. Thats a big deal. It means you can store lockers in other cloud storage services (including Google Drive), and know that your data is secure. Learn more about this versatile tool in Restore Privacy's complete NordLocker review.

Nextcloud is a free and open source suite of client-server software used to create and manage file hosting services. Depending on how it is configured, Nextcloud can serve as a secure cloud storage service for individuals, a functionally similar replacement for Google Drive in the enterprise, and anything in between.

If you have the technical expertise, you can host Nextcloud on your own servers, which offers the potential for a very secure configuration. Or you can use Nextcloud through a third-party service provider to eliminate setup and maintenance headaches. Nextcloud is also very versatile and expandable.

One example of this is Nextcloud Hub. The hub allows you (and your team) to:

Given what weve seen so far, Nextcloud looks like it should be one of the top Google Drive alternatives. There are, however, a couple of drawbacks. First, Nextclouds end-to-end (E2E) encryption is not fully functional yet. This makes the ability to host your Nextcloud system within a secure firewall very important.

Another issue is that you need to be alert to how secure and private each of the components you connect to Nextcloud is. Using Nextcloud as a secure and private alternative to Google Drive requires some technical experience. Even so, Nextcloud seems to have a bright future as a powerful, flexible, and free cloud storage solution once they get their E2E encryption solution completely ironed out. Heres Restore Privacy's full review of Nextcloud.

Here are some detailed answers to some of the additional questions people have about alternatives to Google Drive.

Does it matter where the company is located?

Where a Google Drive alternative is based matters. If it is based in a country that doesnt provide strong privacy protections, the company may be forced to hand over your private data to the government or other third parties. In many cases, the company will be legally required to turn over your data, regardless of what their Terms of Service or other policies say.

However, the Google Drive alternatives we recommend feature zero knowledge, end-to-end (E2E) encryption. What this means is that no one, not even the company that runs the service, can read your files. The file encryption used by modern services is believed by cryptographers to be secure against cracking by even the most powerful current computers. So while it is best if your files are never turned over to anyone, the data within them will be safe if that does happen.

There is one other thing to discuss. The fact that a snoop cant read your encrypted files doesnt necessarily mean that there is no usable data available about your files. The service may still have access to:

You should think carefully about the threats you want to protect your data against (your threat model) before evaluating alternatives to Google Drive.

Does it matter where my data is stored?

Yes, it matters. But with the secure, private cloud storage services we recommend as Google Drive replacements, it doesnt matter too much. If youve read the main article, you are now aware that your data is not always stored in the same country your cloud storage service is located in. For example, Tresorit is based in Switzerland, but it stores your data in Ireland or various other countries. Meanwhile, Sync.com is based in Canada and stores your data there.

The laws of the country that your data is stored in can affect your data and make it available to the local government or other organizations. But once again, since the Google Drive alternatives we recommend provide strong security (Nextcloud being a current exception) the local authorities wont be able to read your files even if they do grab a copy of them. At best, they will be able to get the same kinds of metadata that we listed in the previous question.

That means that even though your data is secure in any location, if you have the option, go with a service that is both based in, and stores your data in, a privacy friendly jurisdiction.

Why cant I use a free account?

While using a free Google Drive alternative sounds appealing, there are several good reasons to pay for your secure cloud storage. They include:

The best use for a free account is to test the service. That way, you can be sure the service will meet your needs before investing money into it.

Should I use a VPN with my Google Drive alternative?

You should always use a VPN with the cloud storage service you choose as a Google Drive alternative. While secure services like those we describe prevent prying eyes from reading the data in your files, there is still metadata that can be recorded about you. Services often use your IP address to know whose metadata they have collected.

Their gathering of your personal data helps them but offers no real benefits for you. If you use a VPN to connect to a Google Drive alternative, that service wont be able to see your real IP address and location. Instead, they will see the IP address of the VPN server you are using. Since each IP address of a popular VPN is shared by many other VPN users, it will be very hard for anyone snooping on your connection to be able to associate your online activities with your online address.

Whats the difference between end-to-end encryption and zero knowledge encryption?

People are sometimes confused about the difference between end-to-end (E2E) encryption and zero knowledge encryption. Heres a quick explanation:

E2E encryption means that messages or data are encrypted before they leave your device and remain encrypted until they arrive at their destination. Theyre encrypted from one end of the connection to the other.

Zero knowledge encryption takes things one step further. With zero knowledge encryption, the user controls the encryption keys. The cloud storage service (or whatever other service you are talking about) doesnt know the encryption keys and has no way to find out what they are. In other words, the service has zero knowledge of the encryption keys and therefore cannot read your data. Period.

As mentioned earlier, a prime requirement for these cloud storage services is that they provide the privacy and security that Google Drive does not. Time and again, cloud storage services have proven to be prime targets for hackers from run-of-the-mill creeps to high-powered hacking teams backed by national governments.

Finally, take any services you like out for a test drive. Spend a few days or weeks testing it to see if it really meets your specific needs as a Google Drive alternative. Were confident that one of these will meet your needs and let you move away from Google Drive with little stress.

See the original post here:
Google Drive Alternatives: Improving Privacy and Security - TechSpot

This isnt the first time we are hearing about WhatsApp chats of celebs leaking on the internet and spreading like wildfire. The recent incidents of WhatsApp messages of star kids leaking have stirred the online space and how. These incidents have led users of the messaging app be worried about their own privacy. Also Read - WhatsApp to stop supporting few devices from Nov 1: How to check if your phone is one of them

Following the chats leak, thousands of users have taken to the microblogging site Twitter and other social media channels to share concerns related to privacy of their personal chats and conversations on the popular instant messaging platform. Some also say that they are considering moving to a safer messaging platform such as Signal or Telegram. Also Read - Using an old iPhone? WhatsApp will stop working for you from next week

Before understanding whether WhatsApp chats can be leaked or not, we must first know what end-to-end encryption really means and whether it actually works in real life. Also Read - How to find archived WhatsApp chats on Android

Over the last few months/ years, especially after the introduction of the latest privacy policy, WhatsApp highlighted that all chats being conducted on the platform are unreadable even by the parent company Facebook, which is soon going to have a name change. This is where end-to-end encryption comes into play.

In simple terms, end-to-end encryption means, no one, except the sender or receiver of the message can read WhatsApp messages. For instance, if you are chatting with your friend Meghna, no one apart from you and Meghna can read those messages. In fact, not just the chats, the instant messaging platform claimed that all video and voice calls being conducted on the app are also end-to-end encrypted.

End-to-end encryption ensures only you and the person youre communicating with can read or listen to what is sent, and nobody in between, not even WhatsApp. This is because with end-to-end encryption, your messages are secured with a lock, and only the recipient and you have the special key needed to unlock and read them. All of this happens automatically: no need to turn on any special settings to secure your messages, the instant messaging platform explains in an official blog post.

So, now that end-to-end encryption means no one can read or access personal chats of users, how are messages of celebs leaking? Theres a lot attached to this topic. First, we must understand that these leaked chats are a set of screenshots and not really chats leaked by WhatsApp. Second, most of these chats are leaked from devices handed over for further investigation for the ongoing drug case.

There are two ways to took at such incidents. One, chats leaked from the devices are being handed by too many people and hence circulation of controversial messages can happen. Second, chats leaked are of prominent personalities and information about them spread like wildfire.

All-in-all, if you look from WhatsApp point of view, chats/ messaging being exchanged on the platform are secure by Signal encryption protocol, which basically secures messages before they leave a device. This is about individual or personal chats. As for Business accounts, the security works little differently.

WhatsApp considers chats with businesses that use the WhatsApp Business app or manage and store customer messages themselves to be end-to-end encrypted. Once the message is received, it will be subject to the businesss own privacy practices. The business may designate a number of employees, or even other vendors, to process and respond to the message, WhatsApp explains in a blog post.

The key question that arises here is, can your WhatsApp chats get leaked?

Well, no and yes.

Anyones chats or personal data can be accessed by a third party if the user of the device isnt aware. Since such incidents of WhatsApp chats leak continue to happen every now and then, it gets even more important to secure the app with a lock. The messaging platform provides an option to screen lock the WhatsApp app for Android and also iPhone users.

Users also get to apply additional security to their WhatsApp account via verify security code feature. Once the feature is enabled, users will be asked to enter the code every time they log in to the app. There are several other privacy and security options including restricting access to profile photo, status, about section and more. WhatsApp recently introduced certain group settings as well which allows users to limit others from randomly adding them to groups.

Continue reading here:
If WhatsApp chats are end-to-end encrypted, how are personal chats of celebs leaking? - BGR India

WhatsApp is beginning to roll out a new feature that will provide its two billion users the option to encrypt their chat history backup in iCloud or Google Drive, patching a major loophole that has been exploited by governments to obtain and review private communication between individuals.

WhatsApp has long encrypted chats between users on its app. But users have had no means to protect the backup of those chats stored in the cloud. (For iPhone users, the chat history is stored in iCloud, and Android users rely on Google Drive.)

It has been widely reported that law enforcement agencies across the globe have been able to access the private communications between suspect individuals on WhatsApp by exploiting this loophole.

WhatsApp, which processes over 100 billion messages a day, is closing that weak link, and tells TechCrunch that its providing this new feature to users in every market where the app is operational. The feature is optional, the company said.(Its not uncommon for companies to withhold privacy features for legal and regulatory reasons. Apples new encrypted browsing feature isnt available to users in certain authoritarian regimes, such as China, Belarus, Egypt, Kazakhstan, Saudi Arabia, Turkmenistan, Uganda and the Philippines.)

Mark Zuckerberg, founder and chief executive of Facebook, noted that WhatsApp is the first global messaging service at this scale to offer end-to-end encrypted messaging and backups. Proud of the team for continuing to lead on security for your private conversations, he wrote in a post on his Facebook page.

WhatsApp began testing the feature with a small group of users last month. The company devised a system to enable WhatsApp users on Android and iOS to lock their chat backups with encryption keys. WhatsApp says it will offer users two ways to encrypt their cloud backups.

Users on WhatsApp will see an option to generate a 64-digit encryption key to protect their chat backups in the cloud. Users can store the encryption key offline or in a password manager of their choice, or they can create a password that backs up their encryption key in a cloud-based backup key vault that WhatsApp has developed. The cloud-stored encryption key cant be used without the users password, which isnt known to WhatsApp.

While end-to-end encrypted messages you send and receive are stored on your device, many people also want a way to back up their chats in case they lose their phone, the company wrote in a blog post.

The feature can be accessible by navigating to Settings > Chats > Chat Backups > End-to-End Encrypted Backup (Image Credits: WhatsApp)

As we wrote last month, the move to introduce this additional layer of privacy is significant and one that can have far-reaching implications.

End-to-end encryption remains a thorny topic of discussion as governments across the globe continue to lobby for backdoors. Apple was pressured to not add encryption to iCloud Backups after the FBI complained, according to Reuters, and while Google has offered users the ability to encrypt their data stored in Google Drive, the company reportedly didnt tell governments before it rolled out the feature.

India, WhatsApps biggest market by users, has introduced a new law that requires the company to devise a way to make traceability of questionable messages possible. WhatsApp has sued the Indian government over this new mandate, and said such a requirement effectively mandates a new form of mass surveillance.

The U.K. government which isnt exactly a fan of encryption recentlyasked messaging apps to not use end-to-end encryption for kids accounts. Elsewhere in the world, Australia passed controversial laws three years ago that are designed to force tech companies to provide police and security agencies access to encrypted chats.

WhatsApp declined to discuss whether it had consulted with lawmakers or government agencies about the new feature.

Privacy-focused organizations including Electronic Frontier Foundation have lauded WhatsApps move.

This privacy win from Facebook-owned WhatsApp is striking in its contrast to Apple, which has been under fire recently for its plans for on-device scanning of photos that minors send on Messages, as well as of every photo that any Apple user uploads to iCloud. While Apple has paused to consider more feedback on its plans, theres still no sign that they will include fixing one of its longstanding privacy pitfalls: no effective encryption across iCloud backups, the organization wrote.

WhatsApp is raising the bar, and Apple and others should follow suit.

See original here:
WhatsApp now lets users encrypt their chat backups in the cloud - TechCrunch

Today EFF and other internet and digital rights organizations are announcing the Alliance for Encryption in Latin America and the Caribbean (AC-LAC). The Alliance is a platform for collective capacity building and information, based on the principle that encryption is an essential tool for security and respect for human and fundamental rights in the region, including freedom of expression and privacy.

The virtual launch event is October 21, with the participation of member organizations. It is open to the public.

This regional Alliance seeks to advance a proactive agenda to promote and defend encryption in Latin America and the Caribbean. It aims to strengthen the use of encryption and generate an ecosystem of trust, security and stability within information and communications technologies (ICTs), particularly the critical infrastructure of the internet and its applications and services.

The platform,comprised of 14 organizations throughout the region, seeks to coordinate efforts with encryption initiatives at the global, regional, and national levels, and generate spaces for exchanging information and mobilizing actions to respond to the effects weakened encryption have on security and fundamental rights.

The member organizations, which have outlined a joint agenda despite their diverse natures and interests, are: Access Now, ALAI, APC; Article 19; Coalizo Direitos na Rede (CDR); Derechos Digitales; EFF; Karisma Foundation; IP.rec; IRIS; ISOC Brazil; Nic.br; R3D. The eLAC initiative will participate as an observer member. The Alliance is open to new members who share its principles and ideas.

On Thursday, October 21, during Global Encryption Day, AC-LAC will present its regional pro-encryption agenda. A live event will be held to introduce the Alliance and its mission, and discuss why encryption is imperative for a more secure internet.

In addition to the 14 member organizations, AC-LAC counts on the Institute for Digital Development of Latin America and the Caribbean (IDD LAC) as the Alliance's secretariat.

Follow us on our social networks: twitter: @aclac_alianza and linkedIn: AC-LAC or on our website http://www.ac-lac.org for more information.

The rest is here:
Meet the Alliance for Encryption in Latin America and the Caribbean - EFF

Starting today, WhatsApp is adding end-to-end encryption to your cloud backups on both Android and iOS. While WhatsApp itself has been end-to-end encrypted by default for the past five years, until now if you chose to backup your chats to Google Drive (from the Android version of WhatsApp) or iCloud (if you're on iOS), those backups wouldn't be encrypted.

Now, however, you can turn on end-to-end encryption for your backups. The way WhatsApp owner Facebook describes this in its announcement, it seems like it won't be on by default but you'll have to actively choose to enable it by going to Settings > Chats > Chat Backup > End-to-end Encrypted Backup.

When you do that, you'll need to use either a password of your choice or a 64-digit encryption key that only you know. Once you set all that up, neither WhatsApp nor Google or Apple will be able to read your backups without your key or password.

Facebook rightly points out that WhatsApp is the only global messaging service to provide such a level of security at such a scale. The new feature allowing for end-to-end encryption of backups will be rolling out slowly to those with the latest version of WhatsApp for Android or iOS.

Source

Read the original post:
WhatsApp end-to-end encrypted backups are rolling out on both Android and iOS - GSMArena.com news - GSMArena.com