Cryptoviruses have been on my mind.
I’ve been with IceDrive for a while now and I’ve also looked into other cloud services, but it seems that there really isn’t a contender for this. Maybe IceDrive can be the first?
Here’s the constraint in terms of functionality, I would still like the mounted Encrypted drive to be available, even unlocked on my machine.
Is there a way to somehow prevent it possibly being encrypted by a cryptovirus?
As I understand it’s only the folder/sync solutions keeping tabs on versions of files, the drive itself doesn’t seem to be able to do that. Am I mistaken?
Apart from obvious solutions like IceDrive offering a timeshift service, is there a technical challenge that can be overcome instead?
Its in interesting question
We would have to try it out to know for sure, as to how their viruses work
The obvious answer is that if it did happen, and was a success, all you would have to do is revert to a previous file version
So that alone makes it protect albeit a time consuming recovery service
However, we would need to know how the programs work, for example do they just create a huge spradic amount of threads to try and encrypt everything? Because this would just crash or lock up the drive due to insane network requests
Do they do it one by one? In which case it would have to download everything then reupload everything, to the point it would probably time out or you would know something is up
You would also see strange behaviour in the activity logs
Basically, we need some kind of cryptovirus emulator and see! But as for some basic protection the version histories would protect it
You also have the ability to not store your encryption key on your mount drive, requiring you to submit the passphrase every time you open it
So it just would not work if you used this
You could also use the read only drive option which would block any changes to files
Interested to hear more thoughts
Yes, all valid points. As I mentioned it’s a more extreme case which isn’t a fault of the service itself by any means. But perhaps an interesting outlook on what could be a cloud storage requirement in the near future.
I occasionally could be dealing with files with malicious intent and me being comfy with not wanting to type the password every time is bound get me locked eventually.
My concern came from seeing a variant of a cryptolocker that specifically targets cloud services first and may even sit dormant until a pathway is found. My guess is people tend to keep their valuables in the cloud these days, albeit seems to be targeting companies so that may not be a concern for the average person.
I haven’t had time to test this scenario with IceDrive, but a 1Gbps connection won’t hang at all, it’ll write a lot of versions in seconds.
I was wondering whether an opt-in cache system at the cost of the user’s cloud space could be a thing? Meaning IceDrive wouldn’t necessarily be using up any extra space, I’d be using my own cloud space.
The idea is that ultimately any change to even the encrypted folder would end up in that space where I could manually sort it later myself if the worst were to happen. Even deletions.
But I guess this would be getting in the way of zero-knowledge?