The overnight news of a 4Chan hacker releasing hundreds of celebrity pictures has emphasised a point which technologist have long known – most cloud services that store files and pictures and files are not that secure.  This means that your data can be read by unscrupulous staff, by law enforcement or as in this case by anyone who manages to hack into the system.


This leaves us with two possible courses of action – either make very sure you do not upload anything that you would not mind becoming public or secure your cloud.  Securing your cloud data means using a system called Trust No One or TNO – and boils down to making sure all data is encrypted before leaving your system and is only unencrypted when it gets back to you.

Most conventional cloud systems such as Dropbox, Google Drive, iCloud or OneDrive do not by default do this but can be made to do so by putting an encrypted area within them using something like Truecrypt.  This adds another layer of complexity for the user and will tend to stop mobile systems like phones working properly but has the benefit of putting the control in the users hands completely.

Some cloud systems are designed with the encryption built-in from the ground up.  Some good examples of these include SpiderOak, Wuala, Tresorit and Bitcasa.  As a consequence of their security these systems tend to be by necessity less feature rich and more expensive.  In addition you have to trust that the providers have set their systems up correctly and securely.

Finally you could simply avoid the cloud and store your data yourself offline.  The cost of hard disks has plummeted over the last couple of years and this is a viable strategy but you miss out on all the advantages of the cloud and become reasonably secure.   Ideally this hard disk would also be encrypted and with something similar to Truecrypt and would only be accessed when needed.

You the user need to make a choice between convenience and security.  Having iCloud back up your photos automatically with the default settings is very convenient but has inherent security problems.  Using an unconnected camera and transferring your photos manually to an encrypted drive is far less convenient but far more secure .  We all need to decide where on the spectrum of convenience and security we fall.


Leave a Reply