These days, the tool works not only on Windows, Mac OS X and Linux, but also on Android and iOS. Right now, though, the Android version only works with Dropbox — but on Friday the team pushed out an update that they say readies it for other providers, including Box.net.
Dropbox already encrypts the files and folders stored on its platform, but only on the server side. While that should be enough for most, mistakes do happen and many people will want an extra layer of security, particularly if they’re storing sensitive data.
Box.net goes a step further by giving its enterprise customers SSL encryption for file transfers — but again that doesn’t involve encryption on the client side.
This is where BoxCryptor, a German startup that covers more platforms than competitors like SecretSync and CompletelyPrivateFiles, comes in. On the desktop it encrypts any folder, including those for Dropbox. It can’t do the same on mobile, since the folders are harder to access, but what it’s been providing there is a replacement client for accessing Dropbox files and folders, which enables encryption or decryption.
Now the Android version also has the ability to access encrypted folders that are stored on the user’s SD card — potentially useful.
This is our first step in supporting additional storage providers to Dropbox,” the team said in a blog post. “For now, we have ‘only’ added support to access encrypted folders on the SD card of your device, but we will soon also add support for additional cloud storage providers like Box.net.”
The new version also caches encrypted files locally on the SD card, so that encrypted files don’t have to be re-downloaded every time they’re opened. Meanwhile, a mostly bug-fixing update for Windows came out a few days ago.
The biggest threat to BoxCryptor would be if Dropbox itself started offering client-side encryption, but that’s unlikely to happen for a variety of reasons.
The number one reason is that most people don’t care about extra encryption and Dropbox, a company with a one-size-fits-all approach, would be unlikely to add layers of complexity to its simple product. The move would also make it harder for Dropbox to carry out the de-duplication it currently applies to its data for efficiency’s sake.
In addition you have the U.S. Patriot Act, which discourages cloud services based in America from adding client-side encryption, because it makes it harder for the authorities to snoop around people’s data as they see fit.
Add these together and the threat from the vendors seems unlikely — so it looks like third-party encryption of the sort offered by BoxCryptor will be a viable business for some time yet.