You could also use dropbox,where the dropbox folder is only writen to by a script that encrypts the data. I have a dropbox folder where I put the files I want to store, then every night, I have a script that automaticly encrypts the files that were added/changed and puts that in an a dropbox.enc folder that gets synced with the server.

If someone were to make this into an actual product, it sould be relatively simple to make the encryption happen as soon as a file changes and avoid the latency.

Thanks for the reply and sorry for not checking the history. This is my first visit to HN.

I firmly recommend Tarsnap. Even though it's paid, it's fairly cheap (at least by European/US standards) since you only pay exactly what you use, the client application is open source and it's a one-man-show by Dr. Colin Percival, cperciva here on Hacker News: http://news.ycombinator.com/user?id=cperciva

It's not for everyone, though:

    At the present time, Tarsnap does not support Windows
    (except via Cygwin) and does not have a graphical user 
    interface.

"Dropbox with TrueCrypt (be careful that you don't mount simultaneously)"

What scenario do you refer to? Why would it be bad to run a non-paused Dropbox client and mount a TrueCrypt volume inside it at the same time?

I'm starting to suspect that the people who keep recommending TrueCrypt for day-to-day usage on Dropbox fall into the camp of "Do as I say, not as I do." Because if they are actually using TC the way they suggest, they might as well use FTP.

First, I created a small 64 MB TrueCrypt partition. I then mounted the partition in TC. I noticed immediately that the tc file has an exclusive lock, so any changes in your TC partition will never be synced until the partition is unmounted! If your use case is to mount your partition immediately upon login, work for the day, and then shutdown, Dropbox will never have an opportunity to sync your partition.

My next test was to mount the TC partition simultaneously (Desktop and Laptop). Then I run into conflicts, as another posted mentioned. Because of the exclusive file lock, if you mount simultaneously on two machines, you will start getting duplicate -conflict files when unmounting either of the partitions, since the other is still locked. It's not immediately clear from examination which TC partition is actually the most recent one. And may Gods have mercy on you if at any time you edit both partitions before they sync.

Even if you're willing to live with these annoyances, there is now the trade-off of which partition size to create. Too large of a partition and syncing can take a long time, even if you make minimal file changes (because of chaining, there is not a 1 bit -> 1 bit change in TC partitions). Too small of a partition, and you'll have to keep resizing it or creating new ones. What a hassle.

The only use case which seems to work well for me, is for minimally modified files, like for annual tax returns. Here, a TrueCrypt container makes sense and works quite well because the partition is basically read-only and unlikely to be simultaneously or even regularly mounted.

So for those people who keep suggesting TrueCrypt, I'm curious, do you actually use it, and if so, how? The suggestions for file-level encryption (encfs) appear to be much more sane.

Thank you for the detailed review!

Indeed, it seems like one of those problems where solutions seem obvious (use TrueCrypt!) until you experiment or think about it more deeply.

If you mount the TC volume on two computers at once, and change them, Dropbox might keep one copy or the other, or upload two copies with one named *-conflict.