Kim Dotcom Can Encrypt Your Files. Why Can’t Google?

google_cameras_inside

On the one-year anniversary of Edward Snowden’s first NSA document leaks, Bahaa Nasr spent the day in Beirut, teaching a roomful of Middle East activists how to thwart the kind of government-backed spying that Snowden so shockingly exposed.

As a project manager for the Institute for War & Peace Reporting’s Cyberarabs project, Nasr’s job is to keep journalists and activists safe from snoops. Since 2010, he has taught more than 400 activists the ins and outs of digital security, how to use a virtual private network and the TOR anonymous browser, how to avoid getting hacked, how to recover files, how to properly delete files, and how to encrypt them so that they can be shared outside of the prying eyes of governments.

There are so many security tools he and his students can use to guard themselves against NSA and other government snoops, who have ways of accessing so many parts of the internet. But Nasr says there’s a big hole in this toolkit. You can’t easily encrypt documents using the net’s biggest file sharing services, including those from Google, Microsoft, and Dropbox. And, for Nasr, this shouldn’t be the case. After all, encryption is offered by so many underground file-sharing sites, including Mega, the service from swashbuckling internet entrepreneur Kim Dotcom.

Last week, Google announced that it’s working on a browser plug-in that can encrypt the messages you send via Gmail and other email services so that, even if the NSA gained access to the machines running these services, it couldn’t read your correspondence. Even Google itself wouldn’t be able to read them. But file sharing is another matter. You still can’t encrypt files using the company’s documents-editing-and-sharing service Google Drive. And the same goes for many similar services. “This is something that should be done. Google should not be able to read my files. Dropbox should not be able to reach my files,” Nasr says. “I don’t know why they don’t provide better security for the files.”

Google, Dropbox and Microsoft do encrypt communications as they’re moving from your computer to Google’s servers. And following the NSA revelations, Google and Microsoft have also taken new steps to protect information when it’s moving from between their own data centers. But for the truly paranoid, the best solutions is to use open-source software to encrypt the file on your computer before it’s uploaded to Google or Microsoft’s networks. That way, if someone — the..

Read more: http://www.wired.com/2014/06/cloud-encryption/