Securely Sync Your Files with SecretSync

by The Tech Labs 1

Dropbox, the most prominent of all file synchronization services, had some security issues recently that highlighted an important fact about using cloud services – that you have to explicitly trust the service provider to handle your data with the appropriate amount of care. And when they don’t do this, it’s your data that’s at risk, or is it? SecretSync seem to cover that issue. Note, we also covered another protection service before, please see: Secure Your Dropbox Data with BoxCryptor

The only substantial solution to the problem of using a service like Dropbox with perfect confidentiality is to use client-side encryption, because it ensures that your data is secure before it leaves your computer.

There are several solutions available for encrypting your files before sending them to Dropbox, some which are Open Source, and others that are for pay. SecretSync is one of the freemium options, which offers a free version that syncs up to 2 GB of data, and several other options for pay. It’s currently in beta.

SecretSync is quite simple to install and use. It creates a folder outside of Dropbox into which you put your files. It monitors this folder, and as soon it detects changes, it encrypts the files with 256-bit AES encryption and adds them to Dropbox. Dropbox then synchronizes the encrypted files to your other computers. At no time can anyone at Dropbox ever access the contents of your files, since they’re encrypted with unbreakable encryption before Dropbox even receives them.

SecretSync can actually be used with any synchronization service, not just Dropbox. It is known to work with SugarSync, SyncDocs, and even Ubuntu One, on Linux. It’s available on Windows and Linux, and a version for Mac OS X is promised.

Installing SecretSync:

To start the installation, download the installer from and run it. SecretSync requires Java to be installed, which is how it manages to be cross-platform. The setup will prompt you for a check.

Next, you will be prompted to setup an account with SecretSync. This delivers a 256-bit key dynamically to you, without requiring any key management on your part. Many less technical users like this option since it provides them with a much better level of confidentiality, without the difficulty of key management. Security is improved since Dropbox has no access to this key, and your SecretSync account, which is separate from Dropbox, only provides a key, but has no access whatsoever to your data.

The next part of the install allows you to choose a passphrase that is only stored on your computer. This provides absolute confidentiality, since no one has access to this secret but you. SecretSync still obtains the key from the SecretSync servers, but it’s combined with your passphrase on your computer to create a one-way, unguessable value. This value is far stronger than if you just used a passphrase by itself.

You can provide any value for the passphrase, including a 256-bit encryption key, as shown below.

Using SecretSync:

Once SecretSync is up and running, you simply open the SecretSync folder through its shortcut, and add files.


Files will be encrypted and rendered secure before Dropbox, or whatever other synchronization service you use, transfers them to their servers.

SecretSync Conclusion:

If you have sensitive or confidential data of any kind that you need to share between computers, you’ll need the security of client-side encryption. SecretSync is a simple and handy tool for providing this extra layer of protection, and requires little effort.

Leave a Reply

Your email address will not be published.

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>