E2E encrypted files sync without DEVONthink?

Another attempt to get a smart rule to work, another hour+ of my life I’m not getting back…

The only must-have feature for me is cloud-based syncing of documents.

Occasionally I’m out of the house with just an iPhone, and need to access a doc on my computer.

Obsidian’s sync is not the right solution for document management (I’m mostly relying on DT/Finder tags to surface the docs I need).

I do own a Synology, but unplugged it a couple years ago. It seems like a lot of overhead for syncing ~5 GB of docs.

Document tagging and E2E encrypted syncing. Any suggestions?

I do not know what you mean by the term “E2E”, but when I need access to some documents on the go, besides DTTG, iCloud is doing a good job for me.

Sorry, I meant end-to-end encryption. I’ll edit the original post.

VeraCrypt and Disk Decipher are working great for me. It’s less convenient than Cryptomator but much more reliable on iOS.

iCloud Drive would be my suggestion for basic file syncing as well, but you’d be stuck with the Files app on iPhone. Not a big deal if you know which document you are looking for, but I’m not a fan of its interface for doing anything resembling what I can do in Finder.

Your files will be encrypted using AES 128 at rest, but the keys are managed by Apple, not by you. It should be more than secure enough for basically everyone, I’d say, but assumes a bit of trust. Note that Apple is not claiming “end-to-end” encryption for iCloud Drive, but rather encryption “on server” when they are not performing operations on the data. One such operation would be the actual sync of your files. The sync service definitely needs to see the plain text contents of the file in order to know what you just added, changed or removed, right?

In transit, you always have encryption through TLS 1.2. If that breaks, we’re all in trouble 🙂 While data protection is indeed very important, you also need to be clear on what threat model you are optimizing for and what measures you are willing to implement to ensure confidentiality.

There are a couple of file manager apps available on the App Store; maybe there is something that enhances your work with iCloud according to your needs.

What issues are there with Cryptomator on iOS? I have not run into any yet.

Why not use the Synology? The DS Drive app has had significant updates (basically a personal Dropbox, very easy to set up). Depending on other uses you can go down a rabbit hole, but once set up it has required no maintenance on my end. Does exactly what you want and no cloud servers.

I use Nextcloud for this, with the folders that I sync to my mobile clients E2E encrypted. Works very well for me.

I liked the idea of Synology. What I didn’t like:

  • a separate operating system. That I have to learn. And will it be hacked like QNAP famously was?
  • VPN/tunnel magic that I don’t understand well enough to audit. I see it works, but I don’t know how or how well.
  • it’s loud and hot. I did the math and realized it costs ~$70/yr to run!
  • 3 WD Red drives, one would fail every 3 months. Like… wtf. I’ve never had a spinning hard drive fail except in my Syno. Thank god for RAID
  • RAID. Kinda like the VPN thing, it just bothers me
  • random alerts in middle of night waking me up. Loud. Annoying. Wayyy too often.
  • creating/mounting/sharing drives from Linux to Mac. I’m sorta glad I learned how to operate a mini-home network server thing… mostly so I know not to try it again.

I’m just trying to keep a few gigs of personal docs private. Synology feels like taking the helicopter to go pick up milk.

Cryptomator was very easy to set up, thanks for the recommendation. However, it seems native Finder tags aren’t part of the sync mechanism yet. I use tags to organize the documents I need.

Lacking end-to-end encryption has always been a dealbreaker for me. It might be irrational; I have nothing to hide, and if all my files spilled out to the public, nobody would care. But just knowing it’s possible, I find myself censoring my own thinking, it really hampers my workflows.

I don’t know of anything to support native tags other than iCloud by itself?

To the sync service data is just that; data. It’s not like it has to comprehend the data. Apps like Obsidian, Day One, Cryptomator or any other app that encrypts data couldn’t work if this were true…

Having spent a couple hours searching/testing, it seems you’re right. DEVONthink, Resilio Sync… though they apply, sync, and show the tags correctly, the tags are unsearchable. Seems only iCloud supports tags search through Files app.

So a simple sync solution + Files app won’t work if you want full tagging features. You would also need an app (like DEVONthink) that handles them itself.

My documents are managed 100% by tags, not folders (whereas notes/knowledge management live in Obsidian with very few tags). It’s been a long journey… but I don’t think I can go back to folders for docs.

This has been a frustration of mine. Honestly I’d be using Synology Drive alone if tag search was better (aka allowing Boolean search would be enough with tags). DEVONthink is powerful, but the mobile just doesn’t work. I like the privacy but I have a NAS that’s local and VPN.

Synology isn’t quite enough, DEVONthink is too finicky but at least easy to link on iOS devices to Obsidian. I pretty much gave up tagging outside of DT.

In which case it needs to replace the entire file for each change, and not just the deltas. This model works too, as long as you don’t update a file on two devices at the same time.

This is how the LastPass service works, as they don’t have access to my key. Apple holds my iCloud keys, and their description on the “iCloud security overview” page clearly states that the keys ARE accessed by Apple software while conducting “necessary processing”.

It was not mentioned what this processing actually is, but my guess is that sync could be one purpose. I might also be guessing wrong 🙃