Protect Your SkyDrive Files From The NSA Using TrueCrypt

Omar Shahine and Mona Akmal from the SkyDrive team held an AMA on reddit answering user questions.  We’ll be sharing any interesting tidbits.

A number of users asked if the NSA could access their files on SkyDrive.  While the questions was not answered directly, it was said that a built-in encryption is not coming to SkyDrive and users could use a third party solution such as TrueCrypt.  Mona Akmal addressed the security on SkyDrive:

  • Your SkyDrive account and your private files are password-protected.
  • When you upload or access private files on SkyDrive, we encrypt information sent between you and our servers using Secure Sockets Layer (SSL) to prevent eavesdroppers from seeing your files when in transit.
  • Once your files are on our servers, we work to prevent hackers from accessing your data by employing sophisticated physical / electronic security measures. We also store multiple copies of your file on different servers and hard drives to help protect your data from hardware failure

Microsoft employee and reddit employee formerlydrinkingguy77 mentioned:

of course. You create a truecrypt ‘file’ which is a giant block of noise to anyone who doesn’t have the key. It’s mounted like a USB drive / dmg on mac. You copy files into it, change them whatever. If you had that file in your skydrive folder it would synch.

Now, the whole thing would synch every time you changed any part of it, but you would be guaranteed privacy. Truecrypt can do whole HD volumes as well. It’s worth looking into if you’re serious.

Omar Shahine:

We don’t currently have that option. Other folks have pointed out that you can use TrueCrypt to do this today.

SkyDrive Team Regarding NSA:

There is more info here:

Source: Reddit

  • TheNet Avenger

    Why not steer users to creating an Encrypted VHD, which requires no 3rd party tools, and is a feature of Windows 7 and 8?

    It can be encrypted with Bitlocker (If they are Pro User) or NTFS Encryption inside the drive, or BOTH for dual encryption that the NSA would have one heck of a time ever accessing.

    Do these people really work for Microsoft? Wow…

  • Wayne Sebbens

    The drawback with encrypting the files on your computer before you sync them to skydrive is that they can then only be decrypted again on a computer with the same software and key. You lose out on being able to view those files on the web, or your mobile device (phone or tablet).
    If it’s a sensitive document, then this might be acceptable for some people. But for those who want anything they store and share with others to be encrypted, they’ll have to decide whether the ability to view anywhere or be encrypted is more important (for now)

  • Trappist

    Truecrypt is impractical in a synced environment. I use EncFS with Dropbox for a more practical approach. GnuPG would also work for individual files.