Is VC safe enough to upload backups to the "cloud" aka google servers?

Is VC safe enough to upload backups to the "cloud" aka google servers?

The only stuff that could be stolen in my kepass container and its encrypted too but well you can't be paranoid enough

Other urls found in this thread:

grc.com/misc/truecrypt/truecrypt.htm
twitter.com/AnonBabble

1. Verashit is more vulnerable than truecrypt 7.1a
2. Cloud based services are aids unless you're running your own server
3. Password managers database should never leave your local device

Citation needed on (1)

I keep local offline backups but they can burn or get niggered or something

>old hard drive nears end of life
>add to backup drive pile
>backup to a few hard drives at all times

Why do you need cloud storage? No shitty old computers laying around?

>can burn or get niggered
k

I just GPG encrypt disk images with Camellia-256.

You fucking retard. Why the shit would you upload any data sensitive enough to be encrypted to the cloud? One day the current encryption algorithms will be weak enough for brute force attacks. The powers that be will simply decrypt your shit.

Do you store your private keys on the cloud too? After all, they are encrypted using your password, right? You're effectively reducing all your security and privacy to that one password.

grc.com/misc/truecrypt/truecrypt.htm

Truecrypt prevents niggers from accessing your shit. Putting your encrypted shit on a cloud server is absolutely fucking retarded

you're autistic

uploading containers like that is retarded, might as well just use 7z, better something like borg/duplicity for incremental backups, or an ecryptfs/encfs stack

it will be fine, just use a 20+ char password

You already got BTFO in the last thread.

Why the fuck would you upload anything to Google's servers for any reason? Just use NextCloud or OwnCloud if you need something like that.

by the time that shit like RSA 4096 is broken, i would likely be dead or all those passwords would be deprecated.

get real nigger.

But I lose it

>just upload it to servers you don't have

Great response

I encrypt my files with PGP and then upload them to Google drive. Explain how can they access my shit without my private key and my password.

Google is one of the largest tech companies in the world. They have a large amount of storage and processing power. Don't gamble. You don't know what they have, or what they're generating. Just a little food for thought.

cryptsetup/LUKS has been audited by hundreds of professional security outfits. I know Optiv(Accuvant) and NCC Group did it numerous times for clients over the years because governments request these things on a regular basis so do bigcorps. Modern security auditing is more risk insurance than anything, and it doesn't mean at all the software is 'safe' just the bare minimum of competence has checked this software for obvious problems and found none, ergo we can insurably use it for acceptable risk.

Do you have a physical key like Ubikey or Cryptokey because if your priv key is stolen then there's some sweet history to go and decrypt from the beginning of time.

CAST5's implementation is also likely vulnerable to timing attack related to cache or data-dependent operations with it's 64 bit block size, again a physical key would be better.

Problem is the only acceptable file encryption for storing "in the cloud" is PGP (CAST5) or ChaCha20 using LibreSSL. XTS (Veracrypt containers, LUKS containers) you would not want to store in any kind of cloud ever because XTS only has security guarantees for the confines of disk geometry meaning you can't flip bits then wait for the mark to reuse the encrypted container, opening up a blind shell or god knows what else.

I've never understood the reasoning behind the use of CAST5 over AES in pgp

>not reading the vault 7 docs
Nigger

Veracrypt is funded by the CIA venture capital firm In-Q-Tel.

I thought that was interesting.