Share Files Privately - Take Control of Your Online Privacy (1.1) (2014)

Share Files Privately

In my world, “sharing files” generally means exchanging business documents such as word processing files, PDFs, and screenshots—maybe the odd font or disk image. I may be atypical in that regard. I have heard stories suggesting that people sometimes share less-wholesome files, including pirated movies, games, and software. If you’re tempted to do that, I invite you to skip back to Take the Pledge and follow the instructions there for avoiding online stupidity.

Having dispensed with that obligatory disclaimer, the fact is that what you have to share is none of my business or concern. You may have digital content of some kind that, for any of numerous legitimate reasons, you want to share online, but for which you have a privacy concern. In this chapter, I talk briefly about the privacy risks in file sharing and explore a few ways of addressing them.

Note: If you’re looking for the ultimate guide to sharing illegal stuff without getting caught, sorry—this isn’t it. I’ll outline the basics of private file sharing here, but remember: this book is about ordinary privacy for ordinary people.

Understand the Privacy Risks of File Sharing

To put it as concisely as I can, most privacy concerns with file sharing fall into one of the following categories:

· You want to share files with a specific person or group without letting anyone else know what you were sharing or with whom.

· You want to share files publicly, but without anyone knowing you were the person who uploaded or downloaded them.

Most methods of sharing files offer neither sort of privacy protection, which is why you may want to use extra precautions.

And what are the risks if you don’t? That all depends on what you’re sharing. Perhaps a competitor sneaks a look at trade secrets in confidential business files you’re sharing with your employees, clients, or contractors. Maybe the public gets early access to the top-secret new album, software, or game that you were only previewing for your agent or investors. Or the other side in a legal dispute sees potentially damaging information in a file you intended for your lawyer’s eyes alone. And, if you’re sharing copyrighted media, the copyright holder can rain all sorts of legal trouble on you.

Encrypt Transfers, Files, or Both

A danger when sharing files is that their contents could be intercepted in transit between your computer and the recipient’s computer. You can reduce the risk of eavesdropping if you Encrypt Your Wi-Fi Connection or Use a VPN, but these measures protect data only for part of its journey. For end-to-end protection, the connection between your computer and the remote computer must be encrypted.

When you’re connecting to a file server, that generally means using a protocol such as SFTP (SSH File Transfer Protocol), FTPS (FTP over SSL), FTP tunneled over SSH, or WebDAV over HTTPS. Whatever you do, you should not use plain FTP (File Transfer Protocol), which is about the least secure file transfer method there is. (Not only is ordinary FTP unencrypted, but even your password is sent in the clear!)

However, protecting files while in transit may not always be an option—and even when it is, it only solves part of the problem. If a file is going to be sitting on a server someplace, and if you want to restrict access only to trusted parties, you might want to encrypt it as well.

Back in Encrypt Your Email, I mentioned that you might use a program such as WinZip to encrypt files or, to transfer files solely between Mac users, create an encrypted disk image in Disk Utility. The same advice holds for files you share with other methods—whether you upload to a public server or use any of numerous file sharing services such as Dropbox, Google Drive, SugarSync, or SpiderOak.

But wait! Don’t these and most of the other cloud storage and syncing services already encrypt files you upload? Yes! Sort of!

I’ll take Dropbox as an example, because it’s the most common of these (and because I wrote a book about it, Take Control of Dropbox). All the files you put in your Dropbox are indeed encrypted, but Dropbox holds the encryption key, so the company could decrypt your files if they had to (for example, in response to a subpoena). Even if that’s not a worry, Dropbox has two different methods of sharing files:

· Share a link: Dropbox generates a link to a file or folder you’ve stored online, and you can do whatever you want with that link—post it on a Web site or send it by email, say. Anyone who follows the link gets the contents of the file or folder—unencrypted. In other words, once you’ve shared a link, the only thing protecting it is the URL’s obscurity. If anyone learns that URL, Dropbox’s encryption is moot.

· Invite someone to a folder: You can share a folder in such a way that only people you invite can share it, and those people must all be Dropbox users too. This method enables the files to stay encrypted on the server all the time, although of course you can’t control what any of the other participants in the folder may do with your files.

So, for Dropbox, if you’re sharing a link and you want to ensure that a file stays private, you should encrypt the file before putting it in Dropbox in the first place. Then you can share the password with the recipient (see the sidebar Transferring Passwords Out of Band).

Other services have their own methods (so you’ll need to read the fine print), but the general rule is that if you’re sharing a link in such a way that the link is the only thing someone needs to access the file, the service’s encryption is irrelevant—you should instead encrypt the file yourself first.

Finally, let me mention that if a file is sensitive enough to encrypt, you should pay attention to its name too. Sometimes filenames themselves give away important information, and if that may be the case, obscuring the filename is a smart idea.
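As an added example (not the book's own code), here is the encrypt-before-upload step from the last few paragraphs in Python, swapping in AES-256-GCM with a PBKDF2-derived key for the WinZip or Disk Utility encryption mentioned above. It assumes the third-party cryptography package is installed, and it encrypts the real filename together with the contents, so the name you upload under reveals nothing and the passphrase still travels out of band.

```python
# Added example (not from the book); assumes the third-party `cryptography` package.
import os
import secrets
from cryptography.exceptions import InvalidTag
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.ciphers.aead import AESGCM
from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC

ITERATIONS = 600_000  # PBKDF2 work factor (assumed value; raise it if your hardware allows)

def derive_key(passphrase: str, salt: bytes) -> bytes:
    """Turn the out-of-band passphrase into a 256-bit key; the salt makes each upload unique."""
    kdf = PBKDF2HMAC(algorithm=hashes.SHA256(), length=32, salt=salt, iterations=ITERATIONS)
    return kdf.derive(passphrase.encode("utf-8"))

def seal(plaintext: bytes, real_name: str, passphrase: str) -> tuple[str, bytes]:
    """Return (obscured upload name, blob). The real filename is encrypted along with
    the contents, so neither the share link nor a folder listing reveals it.
    Blob layout: 16-byte salt || 12-byte nonce || AES-GCM ciphertext (tag included)."""
    name = real_name.encode("utf-8")
    payload = len(name).to_bytes(2, "big") + name + plaintext
    salt, nonce = os.urandom(16), os.urandom(12)
    ciphertext = AESGCM(derive_key(passphrase, salt)).encrypt(nonce, payload, None)
    upload_name = secrets.token_hex(8) + ".bin"  # random; says nothing about the contents
    return upload_name, salt + nonce + ciphertext

def unseal(blob: bytes, passphrase: str) -> tuple[str, bytes]:
    """Reverse seal(); a wrong passphrase or a tampered blob raises InvalidTag."""
    salt, nonce, ciphertext = blob[:16], blob[16:28], blob[28:]
    payload = AESGCM(derive_key(passphrase, salt)).decrypt(nonce, ciphertext, None)
    name_len = int.from_bytes(payload[:2], "big")
    return payload[2:2 + name_len].decode("utf-8"), payload[2 + name_len:]

def opens_with(blob: bytes, passphrase: str) -> bool:
    """True only if the passphrase the recipient received out of band unlocks the blob."""
    try:
        unseal(blob, passphrase)
        return True
    except InvalidTag:
        return False

if __name__ == "__main__":
    name, blob = seal(b"Q3 forecast: confidential", "merger-draft.xlsx", "correct horse battery")
    print(f"upload as {name} ({len(blob)} bytes); send the passphrase by a separate channel")
```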

Keep File Syncing and Backups Private

What about files you store in the cloud using a backup or sync service, but don’t share with anyone else? Those should be safe from prying eyes, right?

Well, yes—usually. Any cloud syncing or backup service worth its salt encrypts your data both in transit and while stored online, which means that it should be safe from anyone but you, the person who chose the password. However:

· A weak password could enable someone else to break in.

· Even a strong password might not prevent the provider itself from accessing your files, if the provider holds the encryption key. Some (such as Dropbox) always do; some (such as SpiderOak) never do; and some (such as CrashPlan) give you the choice. I say more about this in Take Control of Dropbox and Take Control of CrashPlan Backups, but basically: if you don’t control the key, you should take extra steps to encrypt any sensitive files yourself.

· If you’ve synced files to multiple devices, and if one of those devices is stolen, then those files could be visible to the thief (unless you’ve protected them in other ways, such as using FileVault on a Mac or some other form of full-disk encryption).

But generally, as long as you’re reasonably careful, files you sync or back up to an encrypted cloud service should be fine as long as you don’t share them with others.

By the way, just as you should encrypt backups in the cloud, you should do the same for backups stored on a local disk if that disk could ever leave your physical control (for example, if you keep an extra backup disk offsite). CrashPlan, Apple’s Time Machine, and numerous other backup apps can encrypt local backups.

Use Peer-to-Peer File Sharing

Another type of file sharing relies on peer-to-peer (or P2P) file sharing networks, of which the best known is BitTorrent. Peer-to-peer file sharing has many perfectly valid, legal uses, including distributing large files without incurring massive storage and bandwidth fees. Sometimes you’ll even see musicians and movie studios using P2P networks to distribute media to the public. But P2P is often associated with illicit sharing of copyrighted materials—fair warning.

In a P2P network, someone makes a file available for others to download, but as soon as a recipient downloads a portion of the file, that person’s computer also turns into a server, making that portion available to other downloaders. Thereafter, anyone trying to download the same file may connect to multiple computers at once, fetching only small pieces of the file from each one; the client software reassembles all the pieces at the end. This makes file transfers more efficient, but (slightly) harder to track than conventional client-server transfers.

Note: There’s an official BitTorrent client, but many third-party client apps also work with the BitTorrent protocol.

How does your P2P client know which other computers are currently sharing all or part of a certain file (and if only part, which part)? That’s the job of a computer called a tracker, which maintains a list of all the file’s pieces, but doesn’t actually store the file itself.

And how do you find a tracker that knows about a file you want to download? Using BitTorrent, that information—basically details about the file and the address of one or more trackers—is stored in a tiny file called a torrent. Torrents can be sent by email or posted on any Web site, but most users get torrents from innumerable Web sites that index and distribute torrents by the thousands.

Frustratingly for those fighting copyright violations, a torrent itself (or a site that indexes them) doesn’t contain any of the files’ potentially copyrighted contents, only the address of a computer or service that coordinates the files’ distribution, piece by piece. The only sure way to know who’s transferring what to whom on a P2P network is to join one yourself; in the process of transferring a particular file, you’ll also see the IP addresses of the other computers uploading and downloading portions of it. IP addresses, as we’ve seen, can often be traced back to individuals. So, Big Media frequently hires specialized firms to monitor P2P sharing of movies and other copyrighted files in order to find out which IP addresses should be the targets of legal action.
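As an added example (not from the book), here is a small Python decoder for the bencode format that .torrent files use, run over a constructed sample torrent. The result shows what the preceding paragraphs describe: the metadata holds a tracker address, the piece size and one hash per piece, but none of the file’s contents. The tracker URL, file name and hashes are made up.

```python
# Added example (not from the book); the sample torrent below is constructed.
import hashlib

def bdecode(data: bytes, pos: int = 0):
    """Decode one bencoded value starting at `pos`; return (value, position after it)."""
    c = data[pos:pos + 1]
    if c == b"i":  # integer: i<digits>e
        end = data.index(b"e", pos)
        return int(data[pos + 1:end]), end + 1
    if c in (b"l", b"d"):  # list l...e or dictionary d<key><value>...e
        items, pos = [], pos + 1
        while data[pos:pos + 1] != b"e":  # truncated input raises ValueError below
            value, pos = bdecode(data, pos)
            items.append(value)
        if c == b"l":
            return items, pos + 1
        if len(items) % 2:
            raise ValueError("dictionary with a key but no value")
        return {k.decode("utf-8"): v for k, v in zip(items[0::2], items[1::2])}, pos + 1
    if c.isdigit():  # byte string: <length>:<bytes>
        colon = data.index(b":", pos)
        start = colon + 1
        length = int(data[pos:colon])
        return data[start:start + length], start + length
    raise ValueError(f"malformed bencode at offset {pos}")

def summarize(torrent: bytes) -> dict:
    """Report what a torrent reveals to anyone who has it (or indexes it)."""
    meta, _ = bdecode(torrent)
    info = meta["info"]
    return {
        "tracker": meta["announce"].decode("utf-8"),
        "name": info["name"].decode("utf-8"),
        "size": info["length"],
        "piece_length": info["piece length"],
        "piece_count": len(info["pieces"]) // 20,  # one 20-byte SHA-1 hash per piece
        "metadata_bytes": len(torrent),  # far smaller than the file it describes
    }

# Constructed sample: a 512 KiB "example.iso" in two 256 KiB pieces, with made-up hashes.
PIECE_HASHES = hashlib.sha1(b"piece 0").digest() + hashlib.sha1(b"piece 1").digest()
SAMPLE_TORRENT = (
    b"d8:announce39:http://tracker.example.invalid/announce"
    b"4:infod6:lengthi524288e4:name11:example.iso"
    b"12:piece lengthi262144e6:pieces40:" + PIECE_HASHES + b"ee"
)
```

Calling summarize(SAMPLE_TORRENT) returns the tracker URL, the name, a size of 524288 bytes, two pieces, and a metadata length of 172 bytes; nothing in it is a byte of the described file.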

Warning! Possibly an even bigger danger than the privacy risks of using BitTorrent and similar networks is that pirated media files often contain malware or digital watermarks that can harm your computer and/or further endanger your privacy. Be suspicious!

Now then… What most people want from P2P networks is the public yet anonymous transfer of files. That is, you’re not hiding the files’ contents from anyone; you simply want to prevent anyone else from knowing that you were the one who uploaded or downloaded them. If that’s the case, you can consider several options:

· Hide your IP address. If you use a proxy server or a VPN (see Use a VPN)—or even better, an anonymous VPN that does not log connections (examples include BTGuard and TorGuard)—you greatly reduce the risk that any particular file transfer can be traced to you, at the cost of slower performance. (Of course, this doesn’t help you if someone finds the file in question on your computer!)

· Avoid suspicious public indexes. You may have heard of a site called The Pirate Bay—I won’t link to it here because I’d like you to stay away from it! Same goes for IsoHunt. These are among the biggest torrent indexers, and they’re also places most likely to lead you to torrents that are tracked, contain malware, or both. With some research you can find less common indexes, including some that are invitation-only.

· Avoid seeding. In P2P terms, seeding means making an entire file available to downloaders—either as the file’s originator or as a public service after you’ve downloaded the whole thing. Seeding is considered a kindness among P2P users, but it also arguably increases your legal liability.

· Try a friend-to-friend network. Most P2P networks, including BitTorrent, are public—anyone can join. A subset of P2P networks is the friend-to-friend (F2F) network, which is basically a private peer-to-peer network among friends who agree to participate with each other—only members can easily see what’s being transferred within the group. Retroshare is an example of such a network.

There are many other varieties of peer-to-peer file sharing systems, and numerous apps, services, and techniques designed to keep them more private. But if you have to go through that much effort, you may be better off creating your very own personal cloud, as I discuss next.

Create a Personal Cloud

What if you could combine the simplicity of Dropbox with the security of a friend-to-friend network and the assurance that all the data and hardware is safely under your control? And what if, in the bargain, you got up to 3 TB of file storage that you can access from any computer or iOS device, with no monthly fees? If you have a lot of data to share privately, you may be interested in a device called the Transporter.

Transporter is a small gadget containing a hard drive and a network interface, much like a NAS (network-attached storage) device. (A version called Transporter Sync omits the internal hard drive and works with any external USB hard drive you have.) The difference is its software, which makes it function very much like Dropbox. All transfers to and from your Transporter are encrypted, and if you have two or more of them, they can automatically sync any or all of their files with each other, regardless of where they’re physically located. So, merely by connecting a Transporter or two to the Internet, you effectively create a personal cloud for file sharing.

I’ve had a Transporter for nearly a year, and although it’s not ideal for most of my needs (see my TidBITS article Bypassing the Cloud with Transporter), I like the fact that it has none of the complications of peer-to-peer networks. If I wanted to share large files with a few friends and have near-zero risk of intrusion or detection, that’s how I’d do it. (You can even share files in a way that other users need not have their own Transporter.) But remember that anyone with physical access to one of your Transporters, or who can learn your password in any way, could obtain your data, so be sure to take appropriate security measures.

Transporter isn’t the only device in this class. A number of other NAS devices (such as Synology’s DiskStation products and TonidoPlug) also offer private sharing over the Internet, but Transporter stands out for its size, cost, and simplicity.

It’s also possible to create a personal, Dropbox-like system for syncing and sharing files using only software—for example, with the free BitTorrent Sync. But because this runs on your computer(s), you’ll have to leave at least one computer turned on, awake, and connected to the Internet at all times to maintain access to your data from other devices.