Remove Crypt.ee from "Cloud Storage"

Filen cloud storage by DanielProg39 · Pull Request #345 · privacyguides/privacyguides.org (github.com)

There was a request here for filen.

1 Like

I have doubts about the reliability of small cloud storage providers, particularly when it comes to storing crucial files. Despite the high level of security they may offer, it is uncertain if these services will exist in the long-term due to issues with resources or limited scalability.

I have doubts about the reliability of small cloud storage providers, particularly when it comes to storing crucial files. Despite the high level of security they may offer, it is uncertain if these services will exist in the long-term due to issues with resources or limited scalability.

For small cloud storage providers, it’s hard to make people trust them as their only cloud storage provider.

Proton and Tresorit meet the minimum bar for me.

IIRC, Proton owns their data centers and manages object storage in-house. They have been around for a long time and have built trust and business. Tresorit is using Azure for object storage, and they have various business customers. Hopefully, they are in a good place w.r.t business model and service reliability.

Filen has just one or two members in engineering. They are relatively new, and the pricing model (low prices & lifetime plans) might be concerning.
Cryptee’s pricing indicates a healthy profit margin. I don’t know about their team size.

But, if we don’t give new players a fair chance to survive and improve, it won’t help us as customers. We will end up with sub-optimal products, which will never gain enough traction to become mainstream products like Proton or Signal.

Whatever cloud provider you choose, make sure they provide an easy way to export. And follow the standard 3-2-1 backup strategy for peace of mind.

It was discussed over in Filen cloud storage by DanielProg39 · Pull Request #345 · privacyguides/privacyguides.org · GitHub, presently we’re not confident with it.

Would it be prudent to start a new request here? Seems that the argument against listing it is simply because it doesn’t have an audit, but they publish the source to github.

Full disclosure: I’m a customer of Filen, but I am also a customer of almost every major cloud storage service. :wink:

I don’t think PG is a promotion page. Unfortunately, they have to compete with companies such as Proton and Mega, and prove that their business model is viable in the long term.

Cryptee has addressed this in their FAQ.

Q: “Is Cryptee financially sustainable? What happens if Cryptee runs out of money?”

A: “Cryptee is a profitable, financially sustainable company, that runs 100% on subscriptions. Even if everyone stopped paying today, we keep enough reserves for multiple years. So if you’re using a free plan, and don’t want this to happen, consider subscribing to one of our paid plans. It will help us outlive your grandchildren.”

Q: “What happens if Cryptee shuts down some day?”

A: “What happens if Google or Apple or Facebook or any other company shuts down some day? Nobody can predict the future. But we are building our company slowly, steadily and carefully, — without the usual, unsustainable silicon-valley-style-rush —, so that we won’t have to close our doors some day. Reach out to us — tell us what you’d like to see us do in the event that this day comes some day, and we’ll do our best to make your wish happen.”

I received a notification about a new release, and upon checking the update, I discovered a couple of “dark patterns.” The PrivacyGuide team should not consider these metrics while reviewing a product. As consumer, these issues were concerning.

They offer 100MB of free space. It is sufficient for evaluating documents. But it is not enough to test if the app can handle a one-minute video upload from a mobile device.

My concerns:

  1. The app has no refund policy. Customers must pay a minimum of $3 to evaluate the basic functionality of the app. All other similar services (Standard notes, Filen, Tresorit, Proton, Notesnook, Joplin, etc) offer either a refund window or pro-rated refund.
  2. The website displays the per-month price when billed yearly for the 400GB and 2000GB plans. You only discover this fact after signing up.

Ok so, this is borderline creepy :sweat_smile::laughing:. I dont think they have videos in mind here for trial.

For bulk storage like that, you might as well go for cheap storage like Backblaze and encrypt your data yourself before you upload it. I automate this with a self-hosted TrueNAS Scale.

Alternatively, go for something like Cryptomator + whatever cloud storage fancies you.

I had no idea that Cryptee stored the times at which I clicked my photos in plain text.

I thought I’ll export my data out to a more privacy respecting provider and it has been such a PITA. The browser flattens my albums so I’ve to manually curate them again. There’s no way to pause and resume. And I have around 40gb of photos and the rate at which the export is happening it will take me multiple days of manual labor to pull my data out. I’ve no idea now I’ll even verify that all my data is intact.

I moved from Filen to Cryptee just a few months ago after seeing the recommendation on PrivacyGuides. And now I so regret trusting you. I mean, why is such a flawed service your #1 recommendation

Exif date of photos is quite meaningless metadata. Cryptee is not going to do much with that kind of information. Except for sorting your photos when you’re uploading them, and helping you search them afterward. Also, this kind of thing doesn’t make the whole service “flawed”. And just so you know, Cryptee is actually stripping every other metadata from the photos when you upload them, so it is hard to see this thing as a deal breaker. I would suggest you go through your own threat model again and think if this kind of thing makes a service unsuitable. After all, all of your photos stored in Cryptee are end-to-end encrypted.

Hey, in my case those timestamps are proxy for the days I’ve travelled. That is private to me. I understand it might not be private to you.

Also, the bigger “flaw” I faced was with exporting my data.

I was first using Google Photos, which gave me a single zip I could take out. With Filen the desktop app did a good job of syncing it. Now I’m trying Tresorit and they also seem to support this.

I expect cloud storage companies to respect my right to data portability. And yes, I should have verified this myself before importing my data, that’s on me

1 Like

Thinking about this further, I would rather see Crypt.ee moved to the notebooks section:

  • It isn’t a full-fledged document editor that could replace Microsoft Word
  • It isn’t a collaborative tool that could replace Google Drive
  • Their photo storage feature is not very compelling to me at the moment without automatic backups (as Cryptee has no native apps at all)

In my mind the feature set is much closer to that of Standard Notes Professional (which comes with 120GB storage) rather than something like Nextcloud/OnlyOffice.

1 Like

Status: In Progress → Done