PRISM and cloud syncing security



  • adiummyadiummy Junior Member

    Hey jpgoldberg,

    I've just read that German Cloud Provider HiDrive (Deutsche Telekom Subsidiary) offers an API, I still want Cloud sync and I hate using an US service (Dropbox) for syncing. I would strongly recommend that you offer syncing with at least one European cloud service.

    I for one won't pay for another upgrade or recommend your software (although I love it!) if you don't offer this (or even better: self hosted syncing) in the future.

  • This is an excellent discussion that I stumbled upon on a whim; I've skim-read a few pages, and have a +1 opinion myself.

    WebDAV as an application protocol (?) seems a sensible compromise. It is open and common enough that enthusiasts can set it up for themselves at home as a private cloud server, and that major (or minor) public cloud service providers can also support if it turns out to be popular enough.

    As such, private WebDAV services can be run over VPN, with the VPN being as secure as you/your company/your CSP requires it to be.

    I'm not 100% on this - for example, I'm not familiar as to WebDAV's efficiency for syncing as 1Password requires it, but it seems to be popular enough. Nor am I familiar enough with the encryption potential. However, it's easier and more mainstream than SFTP, SCP, etc. Most of these options will have proponents, and opponents, but will be more fragmented according to each group's specific requirements and available infrastructure.

    The problem at present is that in terms of cloudsync, it's basically Dropbox or sometimes, with smatterings of Skydrive, Sugarsync, etc. The challenge is to provide an alternative that is almost as easy to use, whilst having the potential to become as ubiquitous as these existing services, and the flexibility to be as private and secure as you require. Maybe WebDAV is it.


  • jaydiscjaydisc Junior Member
    edited November 2013

    WebDAV! WebDAV! WebDAV! (or SFTP :) )

  • iencryptiencrypt
    edited November 2013

    I'd just like to point out a few quality quotes from one of the great people of our nation:

    “Those who surrender freedom for security will not have, nor do they deserve, either one.”

    ― Benjamin Franklin

    “It is the first responsibility of every citizen to question authority.”

    ― Benjamin Franklin

    “They who can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.”

    ― Benjamin Franklin, Memoirs of the life & writings of Benjamin Franklin

    **“Justice will not be served until those who are unaffected are as outraged as those who are.” **

    ― Benjamin Franklin

    I'd also like to offer my support not just to the Agile problems they're facing but universally. There needs to be a joint venture across the globe to support the development of technology that supports our God given rights to something as simple as privacy, it is as simple as that. I'm one of many I'm sure that would like to propose that we start an open source project that allows for encryption on all operating systems and can be used for services like 1password or whatever your preference might be.

    I own a domain that I would be happily to donate to the community and also a small investment into jump starting this project. I'll be adding a blog to shortly for individuals/developers/etc. interested. You can also reach me at i [@]

    Don Dikaio

  • benfdcbenfdc Perspective Giving Member
    edited November 2013

    There needs to be a joint venture across the globe to support the development of technology that supports our God given rights to something as simple as privacy, it is as simple as that.

    Crowd-funded Dark Mail initiative.

    Crowd-funded TrueCrypt audit.

    User-funded Agilebits (a joint venture across the globe)!!

  • benfdcbenfdc Perspective Giving Member

    Apple’s warrant canary.

  • jpgoldbergjpgoldberg Agile Customer Care

    Team Member

    I see lots of calls for WebDAV. Given our history with this (promising back in the early days of iPhone apps, and failing to delivery) I am extremely hesitant to say anything about whether we will actually be able to put something into customers' hands.

    However, the overall sync architecture of 1Password 4 and the change in the numbers of files that need to be synched and accessed, means that we should be able to get over those stumbling blocks (so that we can encounter entirely new ones).

  • RoadstarRoadstar Junior Member

    I've just read that German Cloud Provider HiDrive (Deutsche Telekom Subsidiary) offers an API, I still want Cloud sync and I hate using an US service (Dropbox) for syncing. I would strongly recommend that you offer syncing with at least one European cloud service

    I'd also like to see a non-US cloud service as a supported syncing solution.

  • benfdcbenfdc Perspective Giving Member
    edited December 2013

    With all of the revelations we are seeing, I cannot imagine any principled basis for believing that non-US cloud services are safer than US-based services. Besides, if you are not being targeted then a strong master password is your keychain’s best defense, and if you are being targeted then keeping your keychain off of the cloud won’t keep it out of the reach of the NSA. To quote Reinhold:

    Of course, if you are worried about an organization that can break a seven word passphrase in order to read your e-mail, there are a number of other issues you should be concerned with -- such as how well you pay the team of armed guards that are protecting your computer 24 hours a day.

    He wrote those words many years before Snowden’s revelations.

    BTW, unless you are confident that the NSA has never gotten its hands on your iPhone, if you are a person of interest then just to be on the safe side you should treat it as being pwned and assume that your keychain has already been exfiltrated. TAO claims a 100% success rate with its “close access methods.”

    Calls to mind the old sniper motto: If you run, you’ll only die tired.

  • jpgoldbergjpgoldberg Agile Customer Care

    Team Member

    We simply don't know whether US or non-US are more deeply penetrated. My guess is that non-US ones will be more deeply penetrated than US ones, but that is only my guess.

    But at the risk of repeating myself, 1Password's end-to-end encryption should mean that the privacy (or lack thereof) of sync services shouldn't matter.

  • bnzbnz Junior Member

    One comment I'd like to make about the most recent blog post. I like that you stress that the NSA has so far not approached you in any way. This statement is important. The problem probably is, if this ever happens, I suspect you will have a problem, even as a Canadian company. Having been at the 30c3 myself, I have heard a rather clever suggestion (in my opinion) regarding the dilemma of the threats that will be made in such a case. This suggestion is to add a statement in software and release notes that the company has not been approached by any authorities (such as secret services, police, whatsoever) to compromise the security of the service in any way. Should it ever happen, you can just remove this note. That way, you do not communicate directly about it, but still have a way to let everyone know. The fact that the sentence is removed may always be a result of new policies, overall restructuring of texts or so.

    Maybe this is something for you to consider besides the other measures mentioned here to improve and most of all preserve the trust that you have.

  • @bnz

    search this thread for the word "canary"

    how could you have missed it reading through the past 130+ comments :)

  • khadkhad Social Choreographer

    Team Member

    If it helps, here is a direct link to the beginning of the relevant posts about warrant canaries:

  • emkayemkay Junior Member

    +1 for WebDAV and/or SFTP. And I wouldn't mind manual syncing.
    This app is handling my most sensitive data but all I see is a half-hearted "...we kinda tried but you'll have to live with it."

    There are dozens of WebDAV providers out there. You can setup a simple WebDAV server on almost any shared hosting account.
    I've moved my private stuff from Dropbox to a private ownCloud installation a long time ago. It's syncing perfectly cross-plattform and -device and I have never looked back ever since. The only thing still sitting in my Dropbox is the bl**dy 1P keychain which kind of torpedos the whole effort.
    I'm really puzzled what's technically so special about syncing a 1P file that's a few Mb in size.

    I've been using 1P since v.2 and I love the app. But I'm afraid if there won't be a v.5 for me if there's no way that I can choose who to trust with my data.

  • @jpgoldberg:

    if you had confessed to having read the entire thread, I would be searching for a gentle way to recommend psychiatric help

    Oops =:O

  • adiummyadiummy Junior Member

    Hey, I love your software but I'm starting to get a bit annoyed that there's apparently no movement regarding non-US cloud sync since the Snowden revelations. And I think your statement that non-US providers are more penetrated is weak. With dropbox I can assume that the NSA already has my keychain (like every other data in the US or passing the US unencrypted). When I have a European provider or host the keychain by myself in Germany my data won't pass the Atlantic as soon as "Schengen-routing" is enabled by the ISPs. That's better then Dropbox in any case.

    Please do whatever you want with your product. I can just say that I won't pay for any upgrades or recommend your software as long as there is no cloud-syncing that keeps my data (even when it's encrypted...) from US soil.

  • jpgoldbergjpgoldberg Agile Customer Care

    Team Member

    Hi @adiummy

    There has been some movement, but I can certainly understand if you don't feel that it has been enough.

    If you are synching exclusively on Mac, then you can use "Folder Sync" with pretty much any sync service you want. This also appears to be holding up well in the 1Password 4 for Windows beta. But settling on one or two and bringing them to 1Password for iOS and Android simply is going to take time.

    I sincerely believe my argument non-US based providers are likely to be as penetrated by the NSA (and GCHQ) as US ones. But your security decisions have to be based on what you believe. Personally I think that Schengen-routing is a bad idea, but at the same time, Quite simply, I believe that if your data travels from one machine to another, then the NSA can and will get a hold of it. I think fighting against that kind of data capture given the state of the network (with or without Schengen routing) and the nature of the NSA's "collect all the data" mentality is a battle we can't win. Instead I feel that we need to be fighting this on a different front. We need to make end-to-end encryption stronger, more widely available, and easier to use. This way, when they get our data (as they will), they won't be able to decrypt it.

    But it isn't really that important what I believe, you have to make your security decisions based on what you believe. Additionally, we aren't in the vaporware business. You have to you have to make your decisions based on what we provide today and not on our continued calls for patience.

    I hope that when we do get to the place where we ought to be, whether that be weeks or months, you will renew your enthusiastic support for 1Password.

  • adiummyadiummy Junior Member

    Thanks for your answer. I'm looking forward to whatever is coming. I have to admit that I share your view that strong encryption is the most important thing and I'm not a big fan of Schengen routing either.

    But please concede that it's just tremendously annoying to be forced (in case you want convenient 1P cloud-sync) into a US cloud service that I don't want to use anymore just out of principle. I host my owncloud, caldav/carddav, mailserver, rss-aggregator etc. instead of US services since the Snowden revelations and I don't miss anything. And I just want to finally abandon dropbox as well. Please help me with that! :)

    (And to be more constructive: I'd prefer a self-hosted solution and I'd love to see support of Bittorrent Sync)

  • jpgoldbergjpgoldberg Agile Customer Care

    Team Member

    Granted: I willingly concede that it is tremendously annoying to be forced ... into a US cloud service.

    Although I have a different view of the actual security risks of a US v non-US cloud service, I emphatically understand why people, particularly those outside of the US do not like being forced to use a US based cloud service.

    And yes. I concur about self-hosting as well. But that is probably going to be the hardest to code into the mobile apps, as we will have to pick a single protocol with a consistent authentication mechanism. Bittorrent sync looks very attractive for a number of reasons.

    The one that I personally like best but is furtherest away from providing useful APIs is Tahoe-LAFS. I really don't think that will ever be truly "consumer grade" because it is designed to be provably private. That is, by inspecting the client software alone, and running your own checks against the servers, it is provable that service operators cannot know or modify your data.

    I'm not sure that it is possible at this time to bring provable security to everyone, but that doesn't mean it shouldn't be a long term goal.

  • adiummyadiummy Junior Member

    Sounds interesting. I'm convinced you will come up with a good solution, and please don't let me wait until 2016! ;)

  • Given the news today about Condoleezza Rice joining the Dropbox Board of Directors, I am even more willing to drop Dropbox. The only reason I still use it is because I really like the syncing in 1Password. So please add support for WebDAV so that I can pick my own service.

  • JasperJasper

    Team Member

    Thanks for the feedback, @Gobo.

    Also, please see this post regarding WebDAV:

  • I'm also here looking for an alternative to Dropbox based on this latest turn of events. I was hoping that Transporter is being considered, as they have released an SDK recently. Maybe that will work better than WebDAV?

  • JasperJasper

    Team Member

    Thanks for the feedback, John! We are looking into alternative sync services. :)

  • +1 to alternatives.

    This after lobbying elsewhere just a couple weeks back for more cooperation between you and Dropbox Inc.. The irony doesn't escape me *facepalm*

  • MeganMegan

    Team Member

    Hi @toolbear,

    Thanks so much for adding your vote here, I'll be sure to let our developers know you're keen on some alternative sync options.

    ( I wasn't even going to mention your other post. ;) )

  • khadkhad Social Choreographer

    Team Member
    edited April 2014

    Thanks so much for your continued feedback in this area, everyone. Just a reminder on this. In addition to Dropbox syncing, 1Password currently supports:

    Note that at this time Folder sync is only available on the desktop where we have access to the file system. I suspect many of these requests are focused on iOS where 1Password is sandboxed and we must build support for specific sync options directly into the app.

    We're looking at some more options for the future and sincerely appreciate your voices here.

  • @khad I'm going to ask the sticky question. You keep saying that support for additional sync services is delayed until all platforms can be supported. So why do you support iCloud since I doubt it that that will be coming to Android any time soon?

  • khadkhad Social Choreographer

    Team Member

    You keep saying that support for additional sync services is delayed until all platforms can be supported.

    That is not something I have ever said. As you mention, iCloud is proof that that is not necessarily the case.

  • jpgoldbergjpgoldberg Agile Customer Care

    Team Member

    @RichardPayne‌ I'm sorry for the confusion here about platforms and synching. With Folder Sync with 1Password for Mac, you now already have a variety of sync mechanisms available to you as the back-end, with 1Password actually being agnostic about your choice, but of course, those don't extend to mobile. As you and @khad have correctly pointed out, there is iCloud for OS X and iOS, but that doesn't extend to Windows or Android.

    I think that I am the one who has said things that suggest "waiting for all platforms". And I will try to be more careful in my language from here on out. Dropbox is the only sync mechanism that we do have working across all platforms. So that is the one we are going to be steering people to within our apps and documentation for the time being. When a user first sets up synching, do we really want to present them with a list that says something like. "If you ever plan to use 1Password on iOS then don't use Bittorrent; if you ever plan to use 1Password on Windows, but not mobile, than CronoSync is fine, but not SugarSync ..."

    So for something to fully fill the role that Dropbox plays today with 1Password, that something needs to work across platforms.

This discussion has been closed.